I've got a couple of MacBooks that I'd like to be able to read / write files on a shared network drive within a Windows Active Directory network. What's the best way of doing this?
Also, one of the MacBooks is being used by someone who is only here on a temporary basis (its their own personal MacBook), so ideally I'd like to be able to remove their access once they've left. I'm thinking setting up a new user with just access rights on what's required, then when they leave, revoking the account. Does this sound like a reasonable approach?
From Finder, hit Command-k, enter
smb://<servername>/<share>They need a user account, but the Mac doesn't need to be bound to the domain. Macs don't support DFS, so you need to know the actual path to the file share that you're interested in.
I was about to say that I thought it would be easiest to bind the machines to the Directory domain using the Mac Directory Utility in Applications>Utilities, but I'll defer to duffbeer703 (cos my practical AD experience ended with 2000 Server). If you get stuck, there's some good info at MacWindows.com and there's a specific forum at afp548.com.
As for your plan about using limited rights accounts for a temporary period, that sounds very sensible to me.