I would like to upgrade our Xserves to Tiger but am having major issues in the test lab. Here’s the scenario:

Tiger server 10.4.1
Windows Domain 2003
Tiger Server bound to AD and OD configured as “Connected to Directory System”
Tiger clients bound to AD

O.K. So the AD users and groups are showing up fine in WGM. However, I cannot assign AD groups to my share points on the Xserve. It will allow me to drag them into the ACL window, but the name of the group changes to the GID number with an error next to it. I can save, but the share point is still not available to the group.

I actually got the group with proper name to stick for a while. In Server Admin, I then changed AFP access to Kerberos and restarted the service. But connecting to the share point produces an error “32”. Nothing else, just 32.

What’s really strange; when attempting to connect to the share point, the client is receiving a Kerberos service ticket from the KDC (afpserver/[email protected]) but still can’t connect.

Is anyone using 2003 AD integration yet with Tiger? Not ready for prime time maybe?

Using Panther server, I have the Xserves set up as OD masters and bound to AD. This allows me to use OD groups and AD Users. Have been doing this for about a year with no problems. Can’t make this configuration to work with Tiger though.

Would love some feedback.

Thanks,

Jim