OSX on MS active Directory

Discussion in 'Mac OS X Server, Xserve, and Networking' started by Obixcx, Apr 1, 2010.

  1. Obixcx macrumors newbie

    Apr 1, 2010
    I hope I have done this in the right area, if not im sorry.. I'm an old school Apple person when 7.1 was the OS and ISDN was used to move files, I went to Windows and now returning to Macs I have found so much has changed.

    We had to add 6 Mac OS X systems to Our Windows based AD system Using the Directory Utility. For a number of years they were not on AD but could access the files we allowed them to on windows 2003 servers via shared permissions. Since They have been on the AD Network, they can still still see the shares, access them but cannot delete or overwrite the files, even when permission is granted on the share with the persons name or group. They could do everything before the Move to AD.

    what is strange that If i choose the " connect as" option and use the domain administrator login, it logs in just fine but give me a permissions error when I try to rename or delete. Again, this is only on the macs

    Only thing new in the entire mix is that we added a 2008 domain server and moved the FSMO Roles from the old w2k server to the new one. (This appears to be affecting just the OSX workstations (10.5.8 Leopard_

    Any ideas?
  2. hakuryuu macrumors 6502

    Sep 30, 2007
    Lomita, CA
    Do you have Kerberos active on your AD server? I have my Mac Pro connected to our Server 2003 AD and since I do not log out each day I have to use Ticket Viewer to renew my kerberos ticket. This allows me access for the account the ticket is for.

    Also, if you can only see and read the shares that still sounds like your permissions are not working correctly server side. I know you have done so but double check the groups your users are members of and what those groups have access to. If you did a migration instead of a fresh setup something might not be quite right.

Share This Page