We have deployed Thunderbolt Displays in my organization, which is almost entirely Mac-based. As you may already know, Thunderbolt Displays have internal Ethernet adapters which is very convenient in that a user can now connect their wired network connection to their display rather than their MacBook, and when they come in to work in the morning, the only thing they need to connect to their MacBook is the MagSafe adapter and Thunderbolt cable, both which come from their display. Essentially, the display is now acting as a docking station with all of the most commonly used ports on the display sent over the Thunderbolt connection to their MacBook.
However, this convenience presents a problem on more heavily managed networks like my own (e.g. enterprise) that use DHCP reservations.
Traditionally, when a new Macintosh comes in, a system administrator would add the MAC address of the wired ethernet port on the Mac to our DHCP server, and associate it with an IP address. That MAC address will now always get the same IP address assigned to it via DHCP. This is a tried and true method employed on most enterprise networks, regardless of operating system/platform (this all happens at the network level). When that MacBook connects to my network via the wired connection, it will now always get the same IP address – the one that I've designated in DHCP.
Apple has set a new expectation of using the Thunderbolt display as a docking station. This is convenient, but it introduces a problem. Now that Thunderbolt displays have on-board ethernet with a MAC address on the display itself they are the connection point to the network. It would be easy to start adding reservations for displays to our DHCP server, but ultimately foolish because it wouldn't gain us anything in manageability and would only serve to confuse us or slow us down as systems administrators when we're trying to access client workstations for remote support and administration.
I want DHCP reservations to still get honored for the Macs on my network, even if they are behind a Thunderbolt display. This way users can move around and plug their MacBooks into any of our Thunderbolt displays and still get the same hostname and IP address from DNS and DHCP, giving them consistency, and making administration as straightforward as it once was.
So I ask you, fellow Mac administrators. How would you handle this situation?
Best Answer
This depends a lot on your DHCP server, but I would look into using the client id to assign static IPs. It's not tied to the individual hardware (although you'd have to set it at least once when they first use a TB Display), so it avoids the switching displays problem. It can be set via the networksetup tool.