Home Forums OS X Server and Client Discussion Open Directory Augmentation Records

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • October 31, 2007 at 11:59 pm #370363
    cashxx
    Participant

    Did anyone watch the Server webcast the other day on macenterprise.org?

    They mentioned about “Augmentation Records” but I can’t find anything on this feature anywhere, does anyone know where to find more information on this or if its under another name or what?

    Its supposed to be able to set AD settings or something without having to extend the AD Schema.

    Thanks,

    Dan

    November 1, 2007 at 1:50 am #370365
    cashxx
    Participant

    Yea I know that much, but I’m looking for more info on how to implement it and stuff…….I figured it would be on Apple’s developer pages or something, but I can’t find anything on it. Thanks for the info though…..will look forward to the article.

    Dan

    November 1, 2007 at 3:33 am #370368
    cashxx
    Participant

    Ahhh…shoot

    I was afraid that was the setup! It would be a pain when new accounts are made in AD….you would then need to import that new user into OD as well. We are always adding and removing accounts in AD, would be just an adding pain for the admin to have to do this each time.

    Thanks for the quick replies and info! Still looking forward to reading the articles though!

    -Dan

    November 1, 2007 at 8:00 pm #370378
    JohnOgle
    Participant

    [quote]1. Ensure that you are hosting an LDAP domain and that it has been set up correctly.
    2. Bind to AD.
    3. Using Server Preferences -> Users import users from AD. This creates the stub record which does the augmentation magic.
    4. Bind your clients to both AD and the LDAP hosted by your server.
    5. Use WGM as normal on the “users” in OD that are actually AD users.[/quote]

    I’ve followed this on a clean install through step 4. However in WGM I don’t see additional users listed in the LDAP directory. I can find them using the inspector and viewing the Augment records directly.

    When logging into an augmented user from a client machine bound to the AD and then the OD server, any mcx or other management settings are not applied to the session and nothing shows up in an mcxquery for the augmented user. Authentication works just fine through AD.

    Management application of normal user accounts stored in OD work just fine.

    I’ve tried both with and without using a mobile account, but there is no difference on the management part.

    Has anyone run into this or something similar? Any ideas on where to look next?

    November 6, 2007 at 6:34 pm #370444
    poobie
    Participant

    John – I’m seeing the same behavior. additionally, augmented users are unable to log in to the calendar server. it makes principals for them, but will not allow them to auth.

    November 6, 2007 at 8:21 pm #370447
    JohnOgle
    Participant

    Well it’s good to know I’m not alone in this. I’m pretty sure I’ve confirmed it as a bug in a conversation with an Apple Engineer so here’s hoping for 10.5.1

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.