Home Forums OS X Server and Client Discussion Active Directory AD account and contact name collision on 10.3.9 server

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • August 26, 2005 at 1:03 am #362937
    blake
    Participant

    What a meltdown…

    So our directory service team has been adding contacts to our active directory that match our user names. This means that I have a “blake” user account and a “blake” contact in AD. For some reason this is used by the wonderful exchange system we are getting..

    The end result is that users can no longer connect to my os X 10.3.9 fileserver. We are guessing that the ad plugin is attempting to use the contact account instead of the user account.

    If I use a secondary user account that doesn’t have a matching contact account logging into the server works as expected.

    Has anybody run into this issue? Suggestions?
    Seems like you should be able to use ad to specify that computer accounts like the one used by my server don’t give a flying rip about contacts..

    Looks like the tiger AD plugin handles this situation properly…
    But I don’t have a ton of time to go around upgrading all my servers tonight..

    August 26, 2005 at 3:36 am #362940
    blake
    Participant

    Yep they added new contacts to the domain with exactly the same name as the user accounts. The suggestion I got from them was to narrow my search base to return only the user accounts.

    I’m not sure the AD plugin can be configured that way but I foresee some serious face to man page time in my near future…

    August 26, 2005 at 8:11 pm #362957
    blake
    Participant

    No luck on changing the search base.

    I’m going for the accelerated upgrade to tiger server plan.
    Good thing I already have the licenses and such on hand.

    The AD plugin in 10.4.2 was able to handle the changes in the directory without issue in my lab.

    Thanks for the input dudes…

    Blake-

    August 26, 2005 at 11:07 pm #362962
    maccanada
    Participant

    This is getting a little OT but…
    Is there any explanation as to why users are being duplicated into contacts? I can think of reasons why an account would be linked to a contact (advanced forwarding or cross-forest Exchange synchronisation), but I’ve no idea why you’d want identical entries. Contacts are pointers to email addresses for external people without Exchange mailboxes. Just curious…

    August 30, 2005 at 11:57 pm #363025
    blake
    Participant

    I was told that the contacts are being used as place holders. The will be removed after the users email account is migrated to exchange.

    Didn’t make sense to me either..

    In the end we restored a fresh disk image of 10.4.2 server and had the systems up and running in a matter of hours.

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2026 AFP548. All Rights Reserved.