Mac Thread, Mavericks Profile Manager - AD groups showing No Members in Technical; We're trying to set up some infrastructure to allow us to manage Mavericks Mac clients, as we're going to be ...
2nd June 2014, 10:54 AM #1
- Rep Power
Mavericks Profile Manager - AD groups showing No Members
We're trying to set up some infrastructure to allow us to manage Mavericks Mac clients, as we're going to be buying new Macs in the summer which won't be able to downgrade from Mavericks.
We have a server with OS X 10.9.3 and Server.app 3.1.2, the server is an Open Directory master and is bound to our Active Directory. We can see the AD groups in Profile Manager but when we click on Members it reports "No Members".
Members are visible in the Directory Editor in Directory Utility. Additionally, I've just noticed that Profile Manager is only displaying some of the AD groups we have and not all of them. There are many groups visible in Server.app that are not showing up in Profile Manager.
Anyone have any ideas what to do to correct this?
I've already tried wiping the Profile Manager database using the wipeDB.sh.
3rd June 2014, 02:25 PM #2
- Rep Power
Our Mac support people are suggesting that this is the result of the most recent update by Apple to Server.app. Apparently there are a ton of people running into this on the Apple forums so hopefully a fix will happen soon, but if anyone knows of a workaround in the mean time I'd be much obliged.
3rd June 2014, 04:30 PM #3
We found that profile manager didn't show up all the groups but if you searched for them they were there!
As for the members I think there is a flaw where by if the group has too many users then it doesn't show members e.g we have an all student groups which has 1500 members in AD which don't show in Profile Manager but our individual intake years 300~ members do show up properly in profile manager
5th June 2014, 09:38 AM #4
- Rep Power
This seems to be a recurring theme that we've found in our research. As far as I can tell it's related to AD's MaxPageSize setting and Apple's unwillingness to implement the RFC that describes paging extensions to LDAP (source: Mac OS X: First 1000 results displayed when querying Active Directory). We're also looking in to what the implications of increasing this would be.
Originally Posted by mdench
By tobiasclarity in forum Mac
Last Post: 27th March 2013, 01:19 PM
By OutLawTorn in forum Windows
Last Post: 29th July 2009, 10:16 AM
By Paid_Peanuts in forum Windows
Last Post: 7th December 2007, 06:46 PM
By CyberNerd in forum *nix
Last Post: 14th September 2007, 09:19 AM
By localzuk in forum *nix
Last Post: 11th February 2007, 08:57 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread