Welcome to the forums. Based on your post I think the only mistake you made was binding the workstations to the Mac server. If AD is your central directory, then all devices, Mac workstations, Mac server, and Windows workstations and servers, should be bound to that directory domain.
Yes you need to bind the OS X Server to AD to be able to see the users and assign access rights to services on the Mac Server. But the client systems also need to point to the parent domain. Unbind the Mac from the OD server and bind it to AD.
Apr 21, 2006 - There is open directory which you can use to manage macs, unices and windows and works fairly well. Also, you can relatively easily bind.
To see if this is the case, try to connect to a service on the OS X Server using AD credentials. For example, log into a Mac as the local admin. Connect to the Mac file sharing service (assuming it is setup) using AD credentials. Assuming the service is on and access is permitted, you should be able to access the service. But login window will not grant access to AD users because you are bound to OD. OD has no users, only a references to an external domain (AD).
![Mac Mac](/uploads/1/2/5/1/125194010/468157360.png)
Reid
Apple Consultants Network
Author 'El Capitan Server – Foundation Services' :: Exclusively available in Apple's iBooks Store
![Mac Mac](/uploads/1/2/5/1/125194010/753430900.jpg)
Author 'El Capitan Server – Control & Collaboration' :: Exclusively available in Apple's iBooks Store
Author of Yosemite Server and Mavericks Server books
Dec 4, 2015 1:26 PM