I joined a Mac machine to our AD so that users can use their AD credentials to use the Mac. One problem is that when users logon using their AD credentials, they cannot access some of the local folders. The folders all have staff group read/write permissions set and they are good for local users. By default, the AD users are not in the staff group, so they cannot access the folders.
If you’re thinking about purchasing a new GPU, we’d greatly appreciate it if you used our Amazon Associate links. The price you pay will be exactly the same, but Amazon provides us with a small commission for each purchase. It’s a simple way to support our site and helps us keep creating useful content for you. Recommended GPUs: RTX 5090, RTX 5080, and RTX 5070. #ad
To add the AD users to staff group, you can use the dseditgroup command to do so. Open up a Terminal and enter the following command.
dseditgroup -o edit -n /Local/Default -u local_admin_account -p -a 'AD_DOMAIN_NAME\AD_GROUP' -t group staff
Reboot the machine and the AD users in that group should be in staff group now.
Leave a Reply