Let's Build
This section will guide you through binding a Mac computer to Windows Active Directory.
Apple still supports this payload, but it is not recommended. Instead, you should use Platform SSO (if your IdP supports it) the Kerberos SSO Extension, or an OIDC/ROPG workflow, if your MDM supports it.
You'll also see how to revert from an Active Directory bind by demobilizing a user account that was previously bound to Active Directory and created as a mobile account.
It's important to know that when transitioning to the Kerberos SSO extension, Platform SSO, or using an OIDC/ROPG workflow, you will need to demobilize a mobile account before proceeding. Check with your MDM provider for guidance on demobilizing accounts.
