  1. #16
    DMcCoy

    Re: Migrating users from AD to open directory.

    Like I said, is the Mac computer name you are using when you join AD the same as the name that OD sees? This will cause Kerberos issues! It really does ask what name you want to use when you join with the AD plugin, but not, I assume, if you script it.

    I simply image with the test machine's OD and AD plugin settings removed. I then simply image and configure them afterwards.

  2. #17


    Re: Migrating users from AD to open directory.

    Yeah. That's how I did mine. I have yet to script the AD using the dscl and dsconfigad commands. I would think that the process is the same when you script with dsconfigldap, that you would specify the name of the computer in the line used to join the machine.

    i.e. in dsconfigldap you use

    dsconfigldap -v -f -a server name -n config name -c $computerid -u bind username -p bind password

    So I would assume that dsconfigad would use the same method, using the variable to pull in the computer name, but you would need to change it at some point during the script.

    You could maybe include a CSV file and read the information from the fields depending on which bind you were doing, i.e. if it were the OD you could pull the OD field into the variable, and if the AD, that field.

    I'm not a scripter but I suppose it could be done, since it's what net-restore uses for his byhost settings, I think.

    Anyway, I resolved my issue with the authenticating.

    I had to re-index my slapd.

    The commands are as follows if interested.

    I removed the computer from the OD in WGM first.
    Removed the DirectoryServices from /Library/Preferences/

    I then ran the following commands (found on the AFP548 site):


    It looks like your LDAP db is corrupted.
    1. Stop slapd with sudo launchctl unload /System/Library/LaunchDaemons/org.openldap.slapd.xml
    2. Wait a minute to give slapd time to stop. You can see it in the OD status pane of Server Admin
    3. Re-index your LDAP db with sudo slapindex -v -d 1 (I like the debug output just to see what it is doing.)
    4. Start slapd back up with sudo launchctl load /System/Library/LaunchDaemons/org.openldap.slapd.xml

    The commands are all one line.

    Thanks for your help and info, DMcCoy. Most valuable. I will be trying a test run of OD-AD in the new academic year, I think, but for now I will stick with the dual domains.

    Thanks again.
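
Added example, not part of either post: a sketch of the CSV idea from post #17 combined with the name check from post #16, so a bind script pulls the computer ID for the OD or AD bind from one inventory and flags machines whose two names differ before any bind is attempted. The inventory rows, the serial-number key, the function names and the 15-character limit on the AD name are assumptions of this example.

```shell
#!/bin/sh
# Constructed sample inventory (assumption): key, OD computer name, AD computer name.
INVENTORY='serial,od_name,ad_name
C02AAA111,lab1-mac01,lab1-mac01
C02BBB222,lab1-mac02,lab1-mac02
C02CCC333,lab1-mac03,lab1-imac3
C02DDD444,library-macbook-017,library-macbook-017'

# lookup_id KEY od|ad
# Prints the computer ID to use for that bind; non-zero status if KEY is unknown.
lookup_id() {
    case "$2" in
        od) col=2 ;;
        ad) col=3 ;;
        *)  echo "usage: lookup_id KEY od|ad" >&2; return 2 ;;
    esac
    printf '%s\n' "$INVENTORY" | awk -F, -v key="$1" -v col="$col" '
        NR > 1 && $1 == key { print $col; found = 1; exit }
        END { exit !found }'
}

# check_names
# Prints one line per machine that should not be bound as listed:
#  - OD and AD names differ (the Kerberos problem raised in post #16)
#  - AD name has characters other than letters, digits and hyphen
#  - AD name is longer than 15 characters (assumed limit for AD computer names)
check_names() {
    printf '%s\n' "$INVENTORY" | awk -F, '
        NR == 1 { next }
        $2 != $3                { print $1 ": mismatch " $2 " vs " $3; next }
        $3 !~ /^[A-Za-z0-9-]+$/ { print $1 ": invalid characters in " $3; next }
        length($3) > 15         { print $1 ": AD name longer than 15 characters: " $3 }'
}

# In a bind script the result would feed the -c argument shown in the post:
#   computerid=$(lookup_id "$serial" od) || exit 1
# Run stand-alone, report the rows that need fixing before imaging.
check_names
```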
