  Mike Premium,Mod join:2000-09-17 Pittsburgh, PA clubs:  
| Odd binding to AD/OD issue - 10.4 & 10.5
Has anyone had a problem with any type of Mac being kicked off a 2003 domain?
When you attempt to re-add it you get:
Unable to add the domain domainHere An unexpected error of type -14910 (eServerError) occurred.
The ONLY way to get it to rebind so far is to wipe the machine and redo it. Repair + Archive/Install doesn't do anything.
All of a sudden I had a bunch do this and have no clue why. Nothing has changed.
-- "If something about the human body disgusts you, complain to the manufacturer" - Lenny Bruce What this country needs is a good five dollar plasma weapon. |
|
  Thinkdiff Premium,MVM join:2001-08-07 Bronx, NY
1 edit | Had a machine with the exact same problem 2 weeks ago. It's constantly in use, so we haven't been able to re-image, and I've tried everything to get it back on the domain. It just won't rebind.
10.5.4 and 10.5.5 (updated after it got kicked off) with 2003 AD server. |
|
  Mike Premium,Mod join:2000-09-17 Pittsburgh, PA clubs:   | Something did happen.
A 2008 domain controller was put in place with 2003s. The authentication level changed. However, it was rolled back to the 2003 default for Kerberos.
I wonder if it doesn't like the 2008 schema? |
|
  Thinkdiff Premium,MVM join:2001-08-07 Bronx, NY 1 edit | In our case, no changes were made to the AD server, AFAIK. The Mac just refused to rebind all on its own.
We're planning on moving to 2008 sometime soon, so if that's causing problems, we might have to reconsider. |
|
  Mike Premium,Mod join:2000-09-17 Pittsburgh, PA clubs:  
| Fixed.
For some reason, OD responds first and sends back literally garbage, then ignores AD. We have to nuke a Kerberos file.
Open Terminal - "sudo rm /Library/Preferences/edu.mit.Kerberos"
Open Kerberos - Terminal - "sudo open /System/Library/CoreServices/Kerberos.app"
On the Edit menu choose "Edit Realms".
Click the "+" and add your domain as whatever your domain is.
Click the "Servers" tab and add the AD server you want to authenticate against three times ... kdc, kpasswd, and admin (use the combo box). Pick an AD server.
Click the "Domains" tab and add the domain in all caps again.
Click OK.
Click "New" to get a new ticket and use a regular domain account, and if all is well you should be granted a ticket.
Destroy the ticket. |
|
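The realm definition that the "Edit Realms" steps in the post above describe, written out as text (an added example, not part of the thread). It assumes the preferences file uses standard MIT krb5.conf syntax; the function names, the domain and the server name are hypothetical placeholders.

```shell
#!/bin/sh
# Added example, not from the thread. Domain and server names are constructed.

# Print a krb5.conf-style realm definition with the three server roles the
# post adds by hand (kdc, kpasswd, admin) and the domain-to-realm mapping.
make_krb5_realm() {
    domain=$1   # AD DNS domain, e.g. corp.example.com (placeholder)
    server=$2   # AD server to authenticate against (placeholder)
    if [ -z "$domain" ] || [ -z "$server" ]; then
        echo "usage: make_krb5_realm <ad-domain> <ad-server>" >&2
        return 2
    fi
    # The realm is the domain in all caps, as the post notes.
    realm=$(printf '%s' "$domain" | tr '[:lower:]' '[:upper:]')
    lower=$(printf '%s' "$domain" | tr '[:upper:]' '[:lower:]')
    cat <<EOF
[libdefaults]
    default_realm = $realm

[realms]
    $realm = {
        kdc = $server
        kpasswd_server = $server
        admin_server = $server
    }

[domain_realm]
    .$lower = $realm
    $lower = $realm
EOF
}

# Succeed only if a config text sets all three server roles on their own lines.
realm_is_complete() {
    conf=$1
    for key in kdc kpasswd_server admin_server; do
        printf '%s\n' "$conf" |
            grep -Eq "^[[:space:]]*$key[[:space:]]*=" || return 1
    done
}
```

Running `realm_is_complete "$(cat /Library/Preferences/edu.mit.Kerberos)"` before deleting the file shows whether one of the three server entries is missing from the existing configuration.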