Mac Thread, AD-OD Integration - AD Timeout in Technical; Hi Everyone.
Hope someone with a deeper knowledge of the Mac will be able to help me. We've got a ...
10th November 2010, 05:27 PM #1
AD-OD Integration - AD Timeout
Hope someone with a deeper knowledge of the Mac will be able to help me. We've got a suite of 14 iMac's with Leopard on them. All fully updated.
All of them work fine, however... we had a period of 2 days of network downtime on the switch that served all the Mac's on our network. The fact it was 2 days was because the music department are extremely to relay back any information (that's another problem in itself). It ended up being a damaged fibre patch lead being damaged which I did by mistake.
Once we got the link live, most of the Mac's refused to login with an AD logon/password. The only way to re-initiated the Mac's is to unbind and then bind them back on Active Directory. Is there some sort of time-out before AD or the Mac's will refuse to login with an AD account? We sometimes get the odd Mac refuse to login. The result of that was because a teacher took the network lead to use on their laptop and didn't put it back in the Mac.
Any advise would be great.
10th November 2010, 05:36 PM #2
We have had this before so i will be keeping an eye on this thred for a definitive solution.
However i do know if the time on the mac is more than 5mins out with the rest of the network login will fail. Could this have been an issue for you?
10th November 2010, 07:44 PM #3
Mac OS X v10.6: Active Directory binding lost on network transition (.local domain)
If your internal domain is not based around .local then simply unbinding-rebinding should be enough. The macs will use the mdns_responderer daemon to continually query your DNS Servers so as to resolve the Primary Domain Controller on both pointers. If there's a network disconnect for whatever reason the macs will give up the ghost after a short while and revert back to Bonjour/Rendezvous - which itself uses .local.
Hopefully making the repairs to the physical structure of the network should get things back on track.
You could use ARD and the dsconfigad command to unbind and rebind all of your macs at the same time. If you don't have the application and depending on how many macs you have you'll be looking at some leg exercise.
Antonio Rocco (ACSA)
Last edited by AntonioRocco; 10th November 2010 at 08:33 PM.
11th November 2010, 09:52 AM #4
We don't any issue with the time. I made sure all the Mac's are sync'd up to the same time as the AD network which is done via the pool.ntp.org servers. I may however change it so the Mac's pick up the time from our PDC in future just to avoid any issues if the net ever went down.
Antonio: Our domain is not a ".local" one and your solution is what I currently do. I don't unfortunately have a Mac in my office to do a remote dsconfigad. I could do it from the MacPro server which I have VNC access to. Could you post the command lines for this? I'm wondering if they could be put into some startup script or schedule script on all the Mac's to do it every so often.
By rocknrollstar in forum O/S Deployment
Last Post: 10th December 2009, 12:44 AM
By darrenmcginnis in forum Internet Related/Filtering/Firewall
Last Post: 21st October 2009, 04:36 PM
By localzuk in forum Windows Server 2000/2003
Last Post: 25th September 2009, 10:03 AM
By dperrott in forum Thin Client and Virtual Machines
Last Post: 29th October 2008, 01:32 PM
By bjohnny42 in forum EduGeek.net Site Problems
Last Post: 2nd May 2008, 11:53 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)