Odd going ons with OpenDirectory lockdown

I have an AD domain serving authentication and an Apple OD server for locking down my macs.

The problem that I am having is that this setup seems to randomly restrict access to things (increasingly so) on the iBook and MacBook that we have. These are in a different computer group in OD to the 'static' macs (which need to be locked down more to stop fiddling).

Has anyone else seen this or can you recommend anything? I am going to rejoin to OD tomorrow to see if it will synch things up... the tweaks I have recently made in Workgroup Manager have been unsuccessful :(

Short answer:

Its Broken

Long answer:

While apple were spending a little too much time finding the difference between their arse and elbow they screwed something up in 10.4.x. Intels seem to be worse? Odd things happening like no OD settings when a user first logs in, but logout and in again and its fine?

Here is the brainwave apple came up with

1) Load the OD settings from the server
2) Start the network

While I'm not a genius or anything I can clearly spot an issue there. I'll find you the scripts I use tommorow to delay the boot and wait for the network to start. Since changing this it works nearly all the time.

This is one of the reasons I have not opted for full integration between OD and AD. I use WGM to control machines and the machines are bound to the AD and authenticate against it to get home areas.

For the moment it works and present no problems.

I'm AD integrated too. I can also replicate the issues with new installs.

Script is still going to be posted :P Been rather busy today :/

Try this post out Ric http://lists.apple.com/archives/clie.../msg00081.html

I think I have a 15 second delay on mine.