| MacWindows.com User forum http://www.macwindows.com/forum/ |
|
| OS X Lion seems to ignore AD computer lists http://www.macwindows.com/forum/viewtopic.php?f=2&t=835 |
Page 2 of 2 |
| Author: | jgregmac [ Tue May 01, 2012 1:44 pm ] |
| Post subject: | Re: OS X Lion seems to ignore AD computer lists |
This thread is getting a bit old, but I thought I should mention that I both have seen this problem, and have a resolution from Apple. Apparently, the "Search Base" is not actually invalid. The OpenDirectory client is looking for "computer-list" objects in "CN=Mac OS X", within the scope of the bound Active Directory domain. If you create a "Mac OS X" container in your domain and populate your apple-computer-list objects there, OenDirectory should be able to locate the objects. Also, you should be aware of the following article: http://support.apple.com/kb/TS4243 The problem documented here is that if you have configured the AD plugin to allow authentication from "all domains in the forest", the search from computer-list objects will fail. You need to run "dsconfigad -alldomains disable", then modify the Directory Utility Search policy to search specific domains instead of all domains. Apple has stated that they have no intention to fix this bug. |
|
| Author: | aaulich [ Wed May 02, 2012 5:00 am ] |
| Post subject: | Re: OS X Lion seems to ignore AD computer lists |
Thanks a lot! That works fine. I just summarized the whole process at http://www.andre-aulich.de/en/perm/how-to-make-lion-clients-work-with-active-directory-computer-lists. Problem solved for me. Cheers, André |
|
| Page 2 of 2 | All times are UTC - 8 hours [ DST ] |
| Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |
|