Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Reply
 
Thread Tools Search this Thread Display Modes
Old Jan 21, 2013, 02:11 AM   #1
dabizkitman
macrumors newbie
 
Join Date: Oct 2012
Looking for OD only binding script / need help with binding to OD with DPS

Hello everyone,
after several weeks of trying different solutions we are stuck with trusted binding / OD binding in Deploy Studio.
We've added several workstations to our computers and they are renamed by a script this works fine.
The problem is that we have to add those workstations to our Open Directory and then add those workstations via OD to several groups.
The workstation is binded but it doesn't bind correctly.
We can see the OD server in the "Users and Groups" as "connected". But it's only bound locally (can only be seen on the workstation)
But it's not binded as we want it to be.
Our goal is that the workstation needs access to the directory (System Preferences -> Accounts -> Login Options -> Network Account Server -> Open Directory Access… --> LDAPv3 ...)
And then we have to use "Edit..."-> "bind" .After that the workstation is added to our OD and we can see it in our workgroup manager and add this workstation to the group.
Is it possible to solve this issue with Deploy Studio?
We've already tried to use "Enable trusted binding" but after imaging a workstation there is only the ouput "An error occured while trying to establish a trusted binding with the server "xxxxx",new attempt in 10 seconds..." and "Invalid credentials supplied for binding to the server" in the finalize script and the workstation has to be bound to the OD manually.
But the credentials are 100% correct.We are using the login of your OD-administrator account for the trusted binding.
We've also tried to activate trusted binding without any login information in the fields for "Directory Admin", after that there is no error but the workstation has to be bound manually again.
It would be great if there is anybody who has the same issue and maybe solved it or has any idea what to do here.

Sorry if the english description for several "buttons" aren't exactly,we are using a german version of MAC OS X (10.8.2). I hope everything is easy to understand.
Just tell me if you need any additional information about things.

DPS Version: 1.0 RC 135 (121112)

Kind regards

---------------------------



This is my post in the official DPS forums but there wasn't any reply except one that we could use an own OD binding script.

Is there anybody who has a working script?I found one but it has AD inside and I don't know if it's that easy to delete the AD parts from this script.

It would be great if there is someone who could help with this issue.
dabizkitman is offline   0 Reply With Quote
Old May 28, 2013, 06:54 AM   #2
dabizkitman
Thread Starter
macrumors newbie
 
Join Date: Oct 2012
We haven't been able to find a solution for this issue,even with a newer version of DPS.
Is there anybody who has an idea?
dabizkitman is offline   0 Reply With Quote
Old May 28, 2013, 02:36 PM   #3
DJLC
macrumors 6502
 
Join Date: Jul 2005
Location: Mooresville, NC
Send a message via AIM to DJLC Send a message via MSN to DJLC Send a message via Yahoo to DJLC Send a message via Skype™ to DJLC
I'm not sure that I have a solution, aside from advising you to double-check your DS workflows and network infrastructure. I do see this error on maybe 10% of the Macs we image, but it always seems to resolve itself before the DS finalize script gives up.
__________________
-John Mairs
DJLC is offline   0 Reply With Quote
Old May 30, 2013, 08:18 AM   #4
dabizkitman
Thread Starter
macrumors newbie
 
Join Date: Oct 2012
Thanks for your reply.
Have you tried to bind a mac by using a script?
I tried the following one but it brings up the same error,that my credentials are invalid:

---------------------------
#!/bin/bash
computerid=`scutil –get ComputerName`
dsconfigldap -v -f -a OD_SERVER -n OD_SERVER -c $computerid -u ADMIN_USERNAME -p ‘ADMIN_PASSWORD’
sleep 10
dscl /Search -create / SearchPolicy CSPSearchPath
dscl /Search -append / CSPSearchPath /LDAPv3/OD_SERVER
sleep 10
dscl /Search/Contacts -create / SearchPolicy CSPSearchPath
dscl /Search/Contacts -append / CSPSearchPath /LDAPv3/OD_SERVER

OD_SERVER= FQDN of our OpenDirectoryServer
ADMIN_USERNAME= account used for binding computers manually
ADMIN_PASSWORD= password for ADMIN_USERNAME
-------------------------
dabizkitman is offline   0 Reply With Quote
Old Jan 8, 2014, 03:11 PM   #5
atperseghin
macrumors newbie
 
Join Date: Jan 2014
I was having a similar issue with a join to AD script I was writing. On 10.7 I was able to run the script with no issues. I tried to run it on 10.8 and 10.9 and it would say "your credentials are invalid". After some research I found that I needed to run the script as root. I made this easier by writing another script that runs the AD script as root.

Not sure if it will help, but try running the script as root.

For Reference

Join to AD script

echo “Enter Computer Name:”
read computername

echo The Computer Name is $computername

scutil --set ComputerName $computername
scutil --set LocalHostName $computername

dsconfigad -add your.domain.com -username domainaddminaccount [-computerid $computername] [-ou CN=Computers,DC=your,DC=domain,DC=com] [-mobile enable] [-mobileconfirm disable] [-useuncpath disable] [-shell /bin/bash]

Run as Root Script

sudo /Path/To/Your/Script/JoinAD.sh

Last edited by atperseghin; Jan 8, 2014 at 03:26 PM.
atperseghin is offline   0 Reply With Quote
Old Jan 9, 2014, 10:29 AM   #6
HackBook
macrumors member
 
Join Date: Nov 2007
Location: Essex, UK
I've probably got the wrong end of the stick, but I had a similar issue whereby the Macs in our network do not show up in OD properly unless they are assigned to an OD group when they are imaged in DeployStudio. (Running OD & AD in the Magic Triangle config, Mountain Lion 10.8.5 server). In order to combat this, I specify the groups from the Hostname form in Deploy Studio. In the Client Management box, type the OD group you want the machine to be a member of, then press Enter. Repeat this process for each group you need to join. Also, if you are using DeployStudio to join to OD, then make sure you tick the "Apply computer's Client Management settings automatically" tick box in the OD bind area of the workflow, otherwise it won't apply the memberships.

I have attached screen grabs of these boxes in case you are unfamiliar with them.

Hope that this is of some use!
Attached Thumbnails
Click image for larger version

Name:	S1.png
Views:	44
Size:	91.3 KB
ID:	455623   Click image for larger version

Name:	S2.png
Views:	43
Size:	133.5 KB
ID:	455624  
__________________
Move along people, nothing to see here.

Last edited by HackBook; Jan 10, 2014 at 05:03 AM.
HackBook is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Need help with binding some keys in windows 7! Zeov Windows, Linux & Others on the Mac 0 Jul 6, 2013 04:29 PM
Macs binding to Open Directory twice lotsofjam OS X 0 Feb 4, 2013 01:55 PM
Binding an NSNumber to an NSTableColumn BadWolf13 Mac Programming 4 Dec 30, 2012 03:49 AM
AD Binding Issue dmoore70 MacBook Pro 4 Aug 28, 2012 03:53 PM

Forum Jump

All times are GMT -5. The time now is 02:00 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC