Go Back   MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Reply
 
Thread Tools Search this Thread Display Modes
Old Mar 11, 2010, 04:22 AM   #1
Omena.com
macrumors newbie
 
Join Date: Mar 2010
Active Directory client bind via Terminal

Hi!

I have a problem concerning about binding a client computer to Active Directory via Terminal. The binding works perfectly when I do it with the GUI, but with Terminal its just fails.

Client OS: 10.6.2
AD server: Windows 2008 R2

It seems that the Active Directory plug-in won't activate.

Terminal commands:
Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active

dscl localhost -list /
displays
Code:
BSD
Local

Contact
Search
After I do it with the GUI
Code:
dscl localhost -list /
displays
Code:
Active Directory
BSD
Local

Contact
Search
I deleted all the AD plist files from the /Library/Preferences/DirectoryService/
before running the Terminal commands.

Any ideas?
Omena.com is offline   0 Reply With Quote
Old Mar 11, 2010, 08:26 PM   #2
calderone
macrumors 68040
 
calderone's Avatar
 
Join Date: Aug 2009
Location: Seattle
Just to be sure, you are not just running this are you?

Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active
If so, you cannot bind to AD that way. You need to use dsconfigad and then create and append the Search Policy with dscl.
__________________
ACSA, ACMT
calderone is offline   0 Reply With Quote
Old Mar 12, 2010, 01:55 AM   #3
Omena.com
Thread Starter
macrumors newbie
 
Join Date: Mar 2010
Quote:
Originally Posted by calderone View Post
Just to be sure, you are not just running this are you?

Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active
If so, you cannot bind to AD that way. You need to use dsconfigad and then create and append the Search Policy with dscl.
Hi!

Yes, that is just the first step.

then
dsconfigad (binding)
dscl ... (add search paths)
...
Omena.com is offline   0 Reply With Quote
Old Mar 12, 2010, 07:26 AM   #4
calderone
macrumors 68040
 
calderone's Avatar
 
Join Date: Aug 2009
Location: Seattle
To my knowledge you do not have to change the directory services plist to bind to AD. Most daemons, like DirectoryService load with the plist on initial startup, so any changes after DirectoryService is loaded would mean that you need to log out or possibly reboot (or restart the service in Terminal, but I wouldn't try that with DirectoryService. So this would be an ineffective method for activating the AD plugin and subsequently binding.

As far as I know, you simply need to bind and set the search paths. If successful, the AD plugin will activate automatically.


You may want to refer to Apple's document on the subject of Macs and AD:
Best Practices: Integrating Mac OS X with Active Directory
__________________
ACSA, ACMT

Last edited by calderone; Mar 12, 2010 at 07:33 AM.
calderone is offline   0 Reply With Quote
Old Mar 15, 2010, 01:38 PM   #5
AdamR01
macrumors 6502
 
Join Date: Feb 2003
Send a message via AIM to AdamR01
This is what I do on my lab machines (sensitive info changed of course):

Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active
sudo dsconfigad -a `hostname | cut -f 1 -d '.'` -u administrator -p adminpasswd -domain yourdomain.com -ou "OU=Macs,DC=yourdomain,DC=com"
sudo dscl /Search -create / SearchPolicy CSPSearchPath
sudo dscl /Search -append / CSPSearchPath "Active Directory/All Domains"
sudo dscl /Search/Contacts -create / SearchPolicy CSPSearchPath
sudo dscl /Search/Contacts -append / CSPSearchPath "Active Directory/All Domains"
sudo killall DirectoryService
This is with Leopard, not Snow Leopard but I do not think much has changed in this department. This should take effect without a reboot because launchd will restart DirectoryService if it sees that it died.

This is the 10.6 version of the article I got my information from: http://www.peachpit.com/articles/article.aspx?p=1431816
AdamR01 is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Script to bind OSX to Open Directory AppdIT OS X 10.8 Mountain Lion 1 Nov 6, 2013 06:43 AM
Active Directory MonsterRain OS X 10.8 Mountain Lion 1 Aug 8, 2013 12:09 PM
MacBook Pro 10.8.2 with Active Directory MsCasey99 MacBook Pro 3 Jan 30, 2013 02:54 PM
HELP adding 10.8.2 to 2003 Active Directory Slimjim1520 OS X 4 Oct 19, 2012 10:16 AM
Lion client auth bind 10.6.8 server not responding after successful bind Ccarroll Mac OS X 10.7 Lion 0 Jul 25, 2012 09:15 PM

Forum Jump

All times are GMT -5. The time now is 05:05 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC