Panther (10.3) and Active Directory

S

Sherbrooke805

Hi,

I just installed 10.3 and in Directory Access I bound my Mac with a
computer object in Active Directory. I then placed the Active
Directory profile in the Authentication section. When I restart, I
cannot log in with an Active Directory account.. even the domain Admin
account. it seems that the Mac is not looking to authenticate with AD
for the login, just locally.. do I have to configure something else as
well?

Thanks in advance,

D-A
 
T

Tony Sheppard

Sherbrooke805 said:
Hi,

I just installed 10.3 and in Directory Access I bound my Mac with a
computer object in Active Directory. I then placed the Active
Directory profile in the Authentication section. When I restart, I
cannot log in with an Active Directory account.. even the domain Admin
account. it seems that the Mac is not looking to authenticate with AD
for the login, just locally.. do I have to configure something else as
well?

Thanks in advance,
Click to expand...
You need to make sure that that you use your AD integrated DNS in the DNS
servers first, and also include the domain in the search domains.

This had things working for a colleague after he had a similar problem.

HTH

Tony Sheppard
 
D

David Alfonso

Tony Sheppard said:
You need to make sure that that you use your AD integrated DNS in the DNS
servers first, and also include the domain in the search domains.

This had things working for a colleague after he had a similar problem.

HTH

Tony Sheppard
Click to expand...

Your particular problem probably has to do with DNS. Make sure you
can ping the FQDN (Fully qualified Domain name) of the domain. For
example: trinity.nyc.ny.us. One of the domain contollers should
reply. The good news we got it working just fine as long as you don't
have an email account associated to the user id.

We have been testing Panther for several weeks and confirmed a problem
with the Active Directory plug-in. It will not authenticate against an
Active Directory database that has Exchange 2003 attributes. In
English, if you have Exchange 2003, Windows 2000/2003 servers and a
user id has a mailbox they CAN NOT login to the domain. We have been
working will an Apple consultant and the developer of the AD plug-in
for about a week now. No solution yet. In addition, Apple has not had
the courtesy to post this problem on their support database. Quote
from Apple rep:

"First, I exchanged emails with the Consulting Engineer who's been
architecting & driving the AD plug-in, so have new information.
Unfortunately, OS X 10.3 Active Directory plug-in has not been fully
qualified with Windows 2003 AD Servers.

When we coded & architected the plug-in, Apple could only base work on
a shipping product - at the time W2K AD Server; like everyone
deploying
or writing software to work with Windows 2003 Server Software, we had
to wait for shipping & final software. There were changes in Windows
2003 Server and when it was available, pushed a Windows 2003 AD
plug-in
outside the 10.3 Panther client development schedule.

Today, there are issues with AD Plug-in & Windows 2003 Server; basic
authentication should work, but you will (as you've experienced) run
into issues. We are already working on an update to work with Windows
2003 AD Servers. As you know, I can't provide an update schedule for
you, but it's a known issue & has attention. It's coming.
"
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

OSX 10.3 authenticate with Active Directory 2
MS UAM and Panther 2
Active directory connector 4
MCSE Active Directory Question 8
Windows Server What can Active Directory Do? 6
Active Directrory and Open Directory 2
Can't login to Win2003 Server from Mac 10.3 5
mac and active directory 3

Top