Classic support for network (AD) users

[Anonymous]

Thank you for your article on authenticating to Active Directory.? Have you run across the problem of these Active Directory “network” users being unable to run Classic, and Mac OS9 applications?? It appears to be a permissions related issue that only occurs to these network users (not local users on the machine).? I’ve followed the steps in the article, including mapping the user’s primary group ID to 20 to put all these network users into the staff group. Any idea of the issue at play here, or how to correct it so that these Active Directory authenticated users can run Classic & OS9 applications?

[Anonymous]

Thanks for the followup.
1. UID is mapped to the Active Directory field uSNCreated.

2. GID is statically assigned the value of group Staff (#20), so my AD admin account is treated the same as any other AD user for now. I hope to utilize an OSX server as you described, but haven’t gotten that working yet. So, for now, all AD-authenticated users are treated the same –they’re logged in as part of the staff group.

-When I log in with my local admin account or even a local non-admin user account, I am able to run Classic and MacOS9 applications.

3. Re: home folders, I hope to eventually map users’ home folders to their existing network folders on our Win2K servers (File Services for Mac). For now though, I’ve just used the /System/Library/User\ Template/English.lproj to make a /User/default folder locally on our machines and used chmod to give logged in users permission to read, write, & execute in this home directory. (see http://www.bombich.com)

Thanks for any help & advice!

[Author]

Posts