Parallels Desktop 7 for Mac Run Windows applications without switching between Windows and Mac OS X! Best integration of Mac and Windows. Windows apps now work with Lion feaures, including Mission Control, Launch Pad, Resume, and all trackpad gestures. Supports Windows 7 Aero, with peformance even faster than before. Now runs Lion and Lion Server in a virtual machine!

"Parallels Desktop 7 beat VMware Fusion 4.0.2 in 74.9% of the general tests we ran, and Parallels was double the speed or more in almost a quarter of the top-level tests."
 --MacTech Magazine
 

TIP: Fix for Lion 10.7.2, mobile AD accounts -- remove WINS

Monday, November 14, 2011

Nick Vasilopoulos sent us a fix for problems with mobile Active Directory accounts for Lion clients. He had tried a number of fixes we've reported, including last week's Apple IPv6 fix, to no avail. Finally, what worked was "ditching WINS" and binding in a particular manner:

Thanks for the great site. I've been battling this issue for quite some time now, sometimes it works, and sometimes it does not. But reading one of your users posts (it didn't work) led me onto a solution that worked for me. Here's my particular setup;

  • Windows 2008 R2 DC (DNS, DHCP - domain name ends in .office)
  • Windows 2003 DC (DNS, WINS)
  • Lion 10.7.2 (MacBook Pro 13" purchased last week)

I had all the usual issues. Mobile accounts could not be created on startup, via the command line or the GUI. Tried all the fixes (permissions fix from recovery disk, IPv6 fix, adding domains to search for Auth and Contacts, etc) nothing worked. Then I noticed that one of the requirements for one of the fixes was to make sure that the DNS name and WINS name are being reported as the same in System Prefs. I started looking into it and found some funkiness with my WINS. I then looked around my network, realized most people are running either Mac OS X, Windows 7, or Linux with just a few people on XP. So I said fine, I'm ditching WINS. I ripped it out of DHCP (scope options too), DNS, restarted the services and tried again to bind with the following steps:

Users and Groups:

  1. Login Window: Name and Password (how can you specify which network user you want to create a mobile account for with the other method?)
  2. Allow Network Users to log in at Login Window (Checked)

In Directory Utility I did the bind as usual.

  1. In the Advanced Options, I selected "Prefer this domain server" and entered my win2008 server.
  2. Create mobile account on login - checked
  3. Use UNC from AD
  4. Protocol is smb
  5. I de-selected "allow authentication from any domain in the forest"
  6. In the Search Policy I added all the options it listed for Authentication and Contacts but made sure to put /Local/Default to the top in each instance.
  7. Pressed the lock icon.

I then backed out of the menus and restarted. Viola! It prompted me to create a mobile account, went ahead and did so. I then had to manually configure what gets sync'd from my home folder (I selected Desktop, Documents and Library only) pressed sync now and it was successful.

I still do get red/amber lights during login, but it works, I can login and sync. I'm now loading software and expect my outlook email, etc., to work once I load Office 2011 onto the mac. It's already sync'd my Microsoft folders and Library prefs.

I hope this gives some of you some more clarity. You really need to have your networking working 100 percent for this to be successful.

If you've tried this method

Reader says removing WINS didn't fix Lion AD after all

Friday, November 18, 2011

Nick Vasilopoulos reported back that his success with the suggestion he shared for fixing Lion 10.7.2 Active Directory problems was short-lived:

I'm eating my hat as I write this. It seems that my fix was short lived. I'm having the same issue as everyone else now, sometimes not even being able to login locally to the mac with the mobile account while offline. I've tried all manner of fixes and even gave Apple a call. All for nothing.

For more articles like this, see Lion and Active Directory Tips and Reports.

Current news on the MacWindows home page

CrossOver 10 runs Windows apps on a Mac--without Windows
Runs more Windows apps and installs them with 1 click. Office, Outlook support, Quicken, ActiveX in Internet Explorer and more, launched directly from the Finder -- just as if they were Mac apps.
CrossOver Games runs Left4Dead, Warcraft, Steam, Spore, and others on your Mac.

Starts at only $40 (and no need to buy Windows!) Free trial from CodeWeavers.
Click here for more.

Other MacWindows Departments

| Product Solutions | Reports and Tips | News Archives | Site Map |
| MacWindows Home |

| Top of Page |

This site created and maintained by
Copyright 2011 John Rizzo. All rights reserved.