Authentication through OD connected through an AD directory service

sakin4life
May 25, 2011, 05:51 AM
Hi guys,

I have just configured Open Directory on a Mac OS X server (10.5) which is connected to an AD directory service. DNS and Open Directory are working fine, as the Mac server has been able to pull all information from the AD server. However, on getting to the client system (Mac Snow Leopard), I have not been able to use network logon through OD.

I want the Mac client systems to get authentication and contact information through the OD server.

Please, can anyone help?

Thanks for your help in anticipation.



rbrownict
May 25, 2011, 02:16 PM
Hi there,

Whenever I set up the "Golden Triangle" I always bind the clients to AD for the authentication and the OD server for managed prefs and shares hosted on the OSX server.

Basically you set the server to be an OD master (if it's the only OSX server) and also "connected" to the AD schema. Then on the clients you bind to both, i.e. windowsdomain.local and Xserve01.

You can then set up groups in OD and import the AD users into them and then set the managed prefs side of things.

If you would like any help then please feel free to PM me.

Good luck

Rich

sakin4life
May 26, 2011, 10:26 AM
@rbrownict, thanks for your reply. I have just done the following:

1. Configured the Mac Server using the Workgroup Server option
(Open Directory Master configured on the server)

2. The OD Master was able to retrieve user information from AD (which I believe means everything is working fine, including DNS)

3. On the client side (Mac OS Snow Leopard), in Directory Utility, enabled LDAP, specified the server from which to get Authentication and Contact information. (Directory Utility specifies the server is responding normally---the green bulb)

4. Specified to allow network logon in Accounts from System Preferences

5. The 'Others' icon shows in the list of users on logon page.

However, I still cannot use the network logon. Please, help me. This is very important.

Thanks once again.
