+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 39
Mac Thread, Snow Leopard AD Integration woes in Technical; Certainly markcromwell! You are correct; if you had a local account called Administrator, then the id command would always succeed. ...
  1. #16

    Ephelyon's Avatar
    Join Date
    Aug 2008
    Location
    Cheshire, England
    Posts
    1,849
    Thank Post
    351
    Thanked 392 Times in 249 Posts
    Rep Power
    162
    Certainly markcromwell!

    You are correct; if you had a local account called Administrator, then the id command would always succeed. I didn't anticipate there being a local account with the same name...

    I have since come up with an improved method of detecting when the system is ready to accept network logins, rather than just waiting 30 seconds. It seems the Mac OS login window has the ability to display the status of its connection to network login servers, showing either a red or a green light (or orange if you have multiple connections and not all are available yet). If your Mac clients are bound to an Open Directory server (i.e. a Mac server) as well as Active Directory, you can set this option using Workgroup Manager in Preferences > Login Window for individual computer accounts or a group of them. If you don't use Open Directory, you can specify this manually on each client using a command (the last one below). Then you can just tell your users to wait until the light goes green before trying to log in.

    Now for more detailed instructions for creating the StartupItem, including the modification to the login window:

    sudo su
    mkdir /Library/StartupItems/FixADAuth
    nano /Library/StartupItems/FixADAuth/FixADAuth (enter script from above)
    nano /Library/StartupItems/FixADAuth/StartupParameters.plist (enter PList from above)
    chmod 755 /Library/StartupItems/FixADAuth/FixADAuth
    defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo DSStatus (not needed if you can set this via OD)

    Turns out if you're running as root the owner/group permissions will be correct on creation so you don't need to use chown, and only the script itself will need to be chmodded to allow execution.

  2. #17
    TomH's Avatar
    Join Date
    Jan 2010
    Location
    Nottingham
    Posts
    47
    Thank Post
    0
    Thanked 5 Times in 5 Posts
    Rep Power
    11
    Hi Guys,

    These .local issues are generally resolved in 10.6.4 where we have them installed, be careful with mDNSResponder as its now rolled in with DNS.

    Tom

  3. #18

    Ephelyon's Avatar
    Join Date
    Aug 2008
    Location
    Cheshire, England
    Posts
    1,849
    Thank Post
    351
    Thanked 392 Times in 249 Posts
    Rep Power
    162
    First thing I tried was installing the latest updates, including 10.6.4. Didn't help very much... :/

  4. #19

    Join Date
    Jun 2010
    Location
    Indiana
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks, Eph. We experience a similar issue, but have an actual domain. Logging in generally works fine for most of our users, but maybe twice a week I get a user who cannot login. Upon logging in under a locadmin account, the domain status reports as 'not responding'. I then have to simply rebind.

    Would pointing your script at our domain and setting it to run at login likely resolve this issue?

    If I don't see a response, I'll certainly be testing it. Thanks again for the work.

  5. #20

    Ephelyon's Avatar
    Join Date
    Aug 2008
    Location
    Cheshire, England
    Posts
    1,849
    Thank Post
    351
    Thanked 392 Times in 249 Posts
    Rep Power
    162
    That's the idea of it, so yeah, I'd should work in that scenario =]

  6. #21

    Join Date
    Jul 2008
    Location
    Merseyside
    Posts
    306
    Thank Post
    17
    Thanked 10 Times in 10 Posts
    Rep Power
    15
    Hi Eph, your script looks good, shame snow leopard didnt get it right! Anyway, Im a little confused about the nano bit, i can make a directory and chmod it etc but im confused whats next?

    Thanks

  7. #22

    Ephelyon's Avatar
    Join Date
    Aug 2008
    Location
    Cheshire, England
    Posts
    1,849
    Thank Post
    351
    Thanked 392 Times in 249 Posts
    Rep Power
    162
    nano is a text editor. You can use it to create the two files (FixADAuthand StartupParameters.plist) using the contents given above.

  8. #23

    Join Date
    Dec 2007
    Location
    Leeds
    Posts
    41
    Thank Post
    8
    Thanked 2 Times in 2 Posts
    Rep Power
    15
    Mac OS X v10.6: Active Directory binding lost on network transition (.local domain)
    This has sorted it out for me. I increased the value to 10 as a couple of systems are hanging off very poor desktop switches. The fix has to be re-applied after every service pack as the file this refers to is replaced by 10.6.4 back to 2!

  9. #24

    Ephelyon's Avatar
    Join Date
    Aug 2008
    Location
    Cheshire, England
    Posts
    1,849
    Thank Post
    351
    Thanked 392 Times in 249 Posts
    Rep Power
    162
    Didn't work for us, that's why I wrote the script :/

  10. #25

    Join Date
    Jul 2008
    Location
    Merseyside
    Posts
    306
    Thank Post
    17
    Thanked 10 Times in 10 Posts
    Rep Power
    15
    Hi Eph, your script doesnt work for me, any more suggestions from anyone? I was thinking of forcing a unbind and then bind at logon?

  11. #26

    Join Date
    Jun 2010
    Location
    Indiana
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    As a follow-up, I haven't seen the issue plague any of our machines since implementing this script. Obviously not sure whether no users have lost their connection with the domain, or whether the script is doing it's job. But given the duration since implementation, it's quite possible that it's resolving the problem.

    Thanks again.

  12. #27

    Join Date
    Jul 2008
    Location
    Merseyside
    Posts
    306
    Thank Post
    17
    Thanked 10 Times in 10 Posts
    Rep Power
    15
    Maybe its just me, could someone give me a more detailed walkthrough of what exactly I have to do with this script please? Im a bit of a twonk when it comes to macs. And Im not sure im doing everything correctly! Thanks

  13. #28

    speckytecky's Avatar
    Join Date
    May 2006
    Location
    UK
    Posts
    2,625
    Thank Post
    3,563
    Thanked 301 Times in 229 Posts
    Blog Entries
    3
    Rep Power
    124
    And me please - if this one.

    Quote Originally Posted by mbrunt View Post
    Maybe its just me, could someone give me a more detailed walkthrough of what exactly I have to do with this script please? Im a bit of a twonk when it comes to macs. And Im not sure im doing everything correctly! Thanks

  14. #29

    Join Date
    Jun 2010
    Location
    Indiana
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I'm taking it back. Had the issue occur this morning with a user. No indications of why, as usual. Just unbound and rebound to the domain.

  15. #30
    Zoom7000's Avatar
    Join Date
    Feb 2006
    Location
    London
    Posts
    992
    Thank Post
    348
    Thanked 93 Times in 62 Posts
    Rep Power
    34
    I had the same issue where I'd get the "Domain not responding" error. I tried both Ephelyon's and Apple's script (separately) and both worked a treat.



SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Snow Leopard With Microsoft 2008
    By Connect in forum Mac
    Replies: 1
    Last Post: 29th September 2009, 07:35 PM
  2. Snow Leopard 'less secure than Windows Vista'
    By Chuckster in forum General Chat
    Replies: 4
    Last Post: 24th September 2009, 01:57 PM
  3. Snow Leopard - Aug 28th - £25 each
    By FN-GM in forum Mac
    Replies: 54
    Last Post: 2nd September 2009, 09:26 AM
  4. Mac OS X Snow Leopard - Free, or not?
    By Zoom7000 in forum Mac
    Replies: 16
    Last Post: 15th August 2009, 07:39 PM
  5. Snow Leopard Release Date
    By FN-GM in forum Mac
    Replies: 10
    Last Post: 28th July 2009, 10:01 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •