Administering macOS Systems
About IBM Security Management Services for Mac
With IBM Security Management Services for Mac, you can use Active Directory to centrally manage authentication, policy enforcement, single sign-on (SSO), and user self-service for popular endpoint devices running Mac operating systems.
A key component of IBM Security Management Services for Mac is the DirectControl agent for Mac computers. You must install the agent on each computer that you want to integrate with Active Directory and manage through IBM Security Access Manager.
After you install the agent on a Mac computer, you can perform many administration and configuration tasks on the computer to enable the computer to work with IBM Security Management Services and with Active Directory.
Intended Audience
This guide is intended for Mac system administrators.
Topics Covered in this Guide
The following topics are covered:
Installing the DC AgentCreating Home DirectoriesWorking with MacsUnderstanding Group PoliciesSetting Computer-based PoliciesSetting User-based PoliciesConfiguring a Mac for Smart Card LoginTroubleshootingInstalling and Removing the Agent
The Administrator’s Guide for Mac provides information about the administration and configuration tasks that you perform on a Mac computer after you install the agent so that you can manage users, groups, computers, and zones with Access Manager. Additional topics, such as installing the agent, optionally enrolling the computer in the IBM Security Platform, and troubleshooting issues after the agent is installed are also covered.
Specific areas of focus are as follows:
- This guide provides installation instructions and step-by-step instructions for configuring Mac computers to join an Active Directory domain through Auto Zone, which creates one large zone for all Mac computers. Auto Zone requires minimal configuration and is appropriate for most Mac environments. If your environment is larger, or more complex, and doesn’t easily fit into Auto Zone, you must consult the Planning and Deployment Guide for detailed information on how to move your Mac users and computers to Active Directory and use IBM Security zones to structure your environment.
- This guide explains how to handle issues and tasks that are specific or unique to a Mac environment.
This guide does not cover planning or Access Manager tasks handled through the Access Manager console. For more information about those topics, see Where to go for more information.
This guide assumes you have a working knowledge of performing administrative tasks in a Mac environment.