For Proxy Authentication, if you proxy server supports it, check out IdentD - IdentD for Mac - Free software downloads and software reviews - CNET Download.com
I'm really hoping someone can help me solve a few issues I have with our macs on our network. We have an OSx server together with a 2003 domain, and we have the clients authenticating to the domain as well as workstation restrictions being applied by the OSx server, that all works well - when it works that is.
The first problem is that the macs randomly lose their binding to active directory, complaining that they can't see the directory server. This happens about every 4-6 weeks but not always on all the macs, some seem to do it more often than others, there's no real pattern to it. I can fix this temporarily by un-binding and re-binding the mac to AD and it's then OK for another few weeks.
The second problem concerns the use of memory cards. Whenever a user inserts a memorycard into the reader on the mac the machine needs an admin username and password in order to mount the folder to the desktop, is there a way of avoiding this?
The thrid provlem involves the use of i-movie, whenever a user tried importing a video clip into the program, it complains that it 'cannot copy the file xxxxxx' error -43 but doesn't tell me where it's trying to copy it to so I've no idea where to start with this problem.
The 4th problem is to do with proxy authentication, and the fact that students have to re-insert the username and password to authenticate to the proxy - is there as way of getting macs to transparently authenticate to these servers in the same way windows machines do. We get the same issues when printing, they have to re-authenticate to the print server before they can send a job to print.
Any help with these issues would be greatly received.
the imovie issue is because your using the network, create a folder in the root of the hard drive called imovie events and give permission to everyone read & write, this will then allow imovie to use the folder as a scratch area.
do you use WGM to control the proxy? we do and dont have issues
Your AD problem is to do with the Mac machine accounts expiring in the AD, I think. It's something along those lines. It was mentioned by an Apple guy I met once, but I don't really remember any more about it! Sorry.
I expect the card reader/mounting devices issue is something you'll have to live with. It's probably related to the fact you're using supplemented AD accounts, rather than Open Directory ones. I found a handful of quirks in our system the other year that stemmed from that, which there seemed to be no solution to - at least that I could find! Either that, or your 'Media Access' settings in Workgroup Manager are wrong!
Your iMovie problem is probably caused by the fact you're using supplemented AD accounts, meaning the user doesn't have a proper local 'home directory' - a requirement for iMovie, for which mapped AD home folders (that typically appear in the Dock) do not suffice for.
iMovie will only work properly with media on a local disc. If the user has a local folder, it'll be put in %user%\Movies\iMovie Events.localized. Otherwise it tries (in my experience) to place the iMovie Events.localized folder on the root of Macintosh HD, where your users most likely have no permission to write.
There are ways of dealing with this, but they all involve some kind of local 'movie' folder where iMovie can run from. There's a good few threads about this issue already on EG with a few suggested solutions, so it's probably worth your time hitting up the search box!
The proxy authentication issue, as zoom7000 said above, can only really be resolved with an IdentD client [ Download IdentD 2.5.1 Free - IdentD - Standalone identd server - Softpedia ]. Apple doesn't support Windows' transparent authentication methods.
I can't find the original link to it but the AD losing bindings is due to the PassInterval. It can be set using the following command:
dsconfigad -lu username -lp password -passinterval 0
where username and password are your AD administrators details. I usually send it out ARD but otherwise can be run on the machines after binding.
Hope that helps.
dayzd (12th January 2011)
There are currently 1 users browsing this thread. (0 members and 1 guests)