Active Directory, Leopard - unable to bind machine

Discussion in 'Mac OS X Server, Xserve, and Networking' started by randomlinh, Nov 25, 2008.

  1. randomlinh macrumors newbie

    Oct 19, 2006
    I'm having a hell of a time trying to bind some new Leopard machines to our domain. I had successfully done this w/ 10.4, but held off on it because of unrelated issues. I figured I'd just wait for 10.5 to mature some and do it all then for the few systems we have.

    I have the ability to join systems to our domain, no problems on the windows end. I even tried to pre-allocate the system in AD before joining it, no go. What happens is I get this error while attempting to bind:
    failed to changed computer password in Active Directory

    All I can come up with from google was try opening port 464. Well, it's already open. I will say early on when I tried, I had noticed the mac blip onto our active directory tree, then disappear after it failed.

    Reverting back to 10.4 isn't an option, especially since this is brand new hardware. It's a small enough number of systems that I could just manually manage each machine, but this would greatly simplify password issues and seamless integration w/ our network shares.

    Appreciate any assistance
  2. flyingcactus macrumors newbie

    Apr 4, 2008
    I am having the same problem - except I am having it on all machines, 10.4 , 10.5 and 10.6. The issue seemed to come up when we added server 2008 domain controllers.

    Have you found any solutions yet?
  3. MUHenslel macrumors newbie

    Jun 16, 2011
    Seeing the Same Problem with Snow Leopard

    We recently extended our test and production AD Schema's. We started by extending our test schema with the Snow Leopard extensions. We tested everything - joining, Workgroup Manager, etc.

    Then Lion came out about the same time we were ready to extend our production domain. We compared ldif files and there's only one field that is different between the Snow Leopard extensions and Lion. That field is apple-hwuuid.

    We added the Lion schema extensions to our test domain and tested Lion. I'm not sure if we tested Snow Leopard (bad mistake!).

    We went ahead and extended our production domain with the Lion extensions. We can join a Lion machine to our domain, but we can't join Snow Leopard. We are getting the error message: "DirectoryService[15]:Failed to changed computer password in Active Directory domain".

    (That typo/grammer problem is cracking me up!)

    Any feedback is appreciated, even if you are just confirming the same problem in your environment. We have emailed our Apple System Engineer also.
  4. pismobrat macrumors regular

    Aug 13, 2007

    I had the same problem which was solved by elevating my FSMO role of my domain to 2k8
  5. satcomer macrumors 603


    Feb 19, 2008
    The Finger Lakes Region

Share This Page