Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Reply
 
Thread Tools Search this Thread Display Modes
Old Mar 11, 2010, 04:22 AM   #1
Omena.com
macrumors newbie
 
Join Date: Mar 2010
Active Directory client bind via Terminal

Hi!

I have a problem concerning about binding a client computer to Active Directory via Terminal. The binding works perfectly when I do it with the GUI, but with Terminal its just fails.

Client OS: 10.6.2
AD server: Windows 2008 R2

It seems that the Active Directory plug-in won't activate.

Terminal commands:
Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active

dscl localhost -list /
displays
Code:
BSD
Local

Contact
Search
After I do it with the GUI
Code:
dscl localhost -list /
displays
Code:
Active Directory
BSD
Local

Contact
Search
I deleted all the AD plist files from the /Library/Preferences/DirectoryService/
before running the Terminal commands.

Any ideas?
Omena.com is offline   0 Reply With Quote
Old Mar 11, 2010, 08:26 PM   #2
calderone
macrumors 68040
 
calderone's Avatar
 
Join Date: Aug 2009
Location: Seattle
Just to be sure, you are not just running this are you?

Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active
If so, you cannot bind to AD that way. You need to use dsconfigad and then create and append the Search Policy with dscl.
__________________
ACSA, ACMT
calderone is offline   0 Reply With Quote
Old Mar 12, 2010, 01:55 AM   #3
Omena.com
Thread Starter
macrumors newbie
 
Join Date: Mar 2010
Quote:
Originally Posted by calderone View Post
Just to be sure, you are not just running this are you?

Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active
If so, you cannot bind to AD that way. You need to use dsconfigad and then create and append the Search Policy with dscl.
Hi!

Yes, that is just the first step.

then
dsconfigad (binding)
dscl ... (add search paths)
...
Omena.com is offline   0 Reply With Quote
Old Mar 12, 2010, 07:26 AM   #4
calderone
macrumors 68040
 
calderone's Avatar
 
Join Date: Aug 2009
Location: Seattle
To my knowledge you do not have to change the directory services plist to bind to AD. Most daemons, like DirectoryService load with the plist on initial startup, so any changes after DirectoryService is loaded would mean that you need to log out or possibly reboot (or restart the service in Terminal, but I wouldn't try that with DirectoryService. So this would be an ineffective method for activating the AD plugin and subsequently binding.

As far as I know, you simply need to bind and set the search paths. If successful, the AD plugin will activate automatically.


You may want to refer to Apple's document on the subject of Macs and AD:
Best Practices: Integrating Mac OS X with Active Directory
__________________
ACSA, ACMT

Last edited by calderone; Mar 12, 2010 at 07:33 AM.
calderone is offline   0 Reply With Quote
Old Mar 15, 2010, 01:38 PM   #5
AdamR01
macrumors 6502
 
Join Date: Feb 2003
Send a message via AIM to AdamR01
This is what I do on my lab machines (sensitive info changed of course):

Code:
sudo defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" Active
sudo dsconfigad -a `hostname | cut -f 1 -d '.'` -u administrator -p adminpasswd -domain yourdomain.com -ou "OU=Macs,DC=yourdomain,DC=com"
sudo dscl /Search -create / SearchPolicy CSPSearchPath
sudo dscl /Search -append / CSPSearchPath "Active Directory/All Domains"
sudo dscl /Search/Contacts -create / SearchPolicy CSPSearchPath
sudo dscl /Search/Contacts -append / CSPSearchPath "Active Directory/All Domains"
sudo killall DirectoryService
This is with Leopard, not Snow Leopard but I do not think much has changed in this department. This should take effect without a reboot because launchd will restart DirectoryService if it sees that it died.

This is the 10.6 version of the article I got my information from: http://www.peachpit.com/articles/article.aspx?p=1431816
AdamR01 is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > Mac OS X Server, Xserve, and Networking

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
thread Thread Starter Forum Replies Last Post
Active Directory Issues After Lion Upgrade andrewbecks Mac OS X 10.7 Lion 13 Jan 15, 2012 07:29 PM
Active Directory, Leopard - unable to bind machine randomlinh Mac OS X Server, Xserve, and Networking 4 Jun 17, 2011 08:28 PM
Terminal, add text to the end of all text files in a directory. Jesse Smith Mac Basics and Help 2 Feb 22, 2011 02:13 PM
Mac client and Active Directory xWinDows Mac OS X Server, Xserve, and Networking 0 Mar 23, 2009 11:24 AM


All times are GMT -5. The time now is 11:38 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC