Mac Thread, Removing Directory Services cofig in Technical; I am looking for the best way to do this - Need to remove a bunch of machines on my ...
7th August 2009, 08:11 AM #1
- Rep Power
Removing Directory Services cofig
I am looking for the best way to do this - Need to remove a bunch of machines on my network from the AD & OD bindings. Is removing the Directory Services "folder" (& the edu.mit.kerberos file) a recommended way to do this, by doing the following:
rm -R -i DirectoryService
sudo shutdown -h now
Any known issues that would come up if I delete this folder?
Or if not, could someone help me with these commands. I tried the following commands and the removal from AD & OD were successful but I just cant seem to take out the "/Active Directory/All Domains" entry from the Authentication & Contact search path policies with these commands:
# Standard parameters
# Remove from AD
dsconfigad -f -r -a $computerid -domain $domain -u $udn -p "$password" -ou "$ou"
# Remove from OD
dsconfigldap -v -r myOD.com
# Restart DirectoryService
sudo dscl "/Active Directory/All Domains" -list /Computers > /dev/null
sudo dscl /Search -delete / CSPSearchPath /Active Directory/All Domains
sudo dscl /Search/Contacts -delete / CSPSearchPath /Active Directory/All Domains
sudo dscl /Search -delete / CSPSearchPath /LDAPv3/myOD.com
sudo dscl /Search/Contacts -delete / CSPSearchPath /LDAPv3/myOD.com
sudo -r /Library/Preferences/DirectoryService/SearchNodeConfig "Search Node Custom Path Array" -array "/Active Directory/All Domains"
sudo -r /Library/Preferences/DirectoryService/SearchNodeConfig "Search Policy" -int 3
IDG Tech News
8th August 2009, 11:01 PM #2
- Rep Power
If any of you wouldn't mind giving some recommendation on this? Thanks again.
10th August 2009, 04:39 PM #3
No need for the script as the removal of /Library/Preferences/DirectoryService removes everything including the Search Policy listing. I would issue the command this way:
sudo rm -R -i -v /Library/Preferences/DirectoryService
This way you should get a y/n prompt. As far as I know there are no repercussions. It's a safer way as rm is a particularly dangerous command to use. For example there is an rm command that can be used that basically deletes the whole OS and BSD before your eyes. After a while the mac gives up the ghost and dies.
If you're into that sort of thing it can be fun? Clearly I'm not going to give it here.
Follow the above with:
sudo reboot now
On successful log in you should see the edu.mit.Kerberos file has been removed as well. This is true for 10.5 only as unbinding from the DC automatically removes this file. However sometimes it can stick around for no good reason in which case remove it either with a Terminal command or via the Finder. At this point I would also issue:
sudo rm -R -i -v /Library/Managed\ Preferences
This should remove the possibility of any 'rogue' MCX affecting the local admin account. If you want to totally 'reset' Network Settings (again useful for completely removing macs from a network environment) issue:
sudo rm -R -i -v /Library/Preferences/SystemConfiguration
Again it's advisable to restart after doing any of the above.
Antonio Rocco (ACSA)
Thanks to AntonioRocco from:
jasonthat (11th August 2009)
10th August 2009, 10:21 PM #4
- Rep Power
Thanks antonio. But since I needed to have it done soon, I went ahead and tried the script again. Silly me, I just had to put quotes around the /Active Directory/All Domains.
But I will remember to use these commands next time. sounds easier and quick. And totally resetting the network settings on the mac sounds cool to me. Always like to follow the "total reset" methods with most of the tasks I do on the network. Thanks again.
By brownfc in forum Network and Classroom Management
Last Post: 10th June 2009, 06:57 PM
By steveo2000 in forum Mac
Last Post: 6th April 2009, 11:26 PM
By Tiger in forum MIS Systems
Last Post: 23rd April 2008, 11:33 PM
Last Post: 31st January 2008, 01:17 PM
By _Bat_ in forum Windows
Last Post: 3rd May 2007, 05:27 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)