Accessing Active Directory list on Apple Remote Desktop 3

Question

We are working on a project where a software needs to be deployed on a set of Mac clients connected to a Windows Active Directory server. Software will be pushed from a Mac machine using Apple Remote Desktop 3(ARD3) Application available from apple.

Here is what we have done so far:

1. Mac clients are connected to Windows Active Directory server.
2. Mac is bound to Windows Active Directory server using "Directory Utility" application available on Mac.
3. Now all the user, user groups, computers are listed under "Workgroup Manager" application, but we are not able to create a computer list under "Workgroup Manager" so that it will list under "Open Directory" option of ARD3 application.

Questions:

1. Is the approach fine?
2. Is ARD3 is capable of of listing machines connected to Windows Active Directory server ?
3. Why computer list creation from the "Workgroup Manager" is not possible ? I can create a computer list on the local domain but not on the Active Server domain. If I create a local domain and add devices from the Active Server domain then that list will be visible at Scanners -> Open Directory, but devices under it are not visible.
4. We have even tried adding the Mac schema to Active Directory server. But still creation of computer list is not possible.
5. If this is not possible any workaround to achieve the same ?

Thanks in Advance.

Answer 1

I am by no means an expert on this, I'm just now fumbling through getting our Macs joined to the domain as well. However, I can tell you that I believe that the Mac clients have to be joined to both the AD as well as the Mac OS X open directory (in our case the Mac OS X server where we've installed Workgroup Manager is also running Open Directory).

With the Mac clients and Mac OS X server joined to the Active Directory domain, I signed into the AD and Open Directory in Workgroup Manager, created a computer group, clicked the + sign to add members, then in the drawer that appeared changed the Directory to the Active Directory directory and could then see the computer accounts and add them to the Open directory group.

I'm still testing this out so its possible I might be wrong or may have missed a step. Hope this helps.

--- just now realized this is from a year ago...oops.