Hi
Im using noth 10.5 server and clients, setup my open directory and im using the golden triangle to create od groups and nest AD groups within and assign preffs.
My trouble is that for this to work, the OD Kerberos has to stop which is ok until I want to require authentication when binding a new client top the OD. Authentication when binding is the only automatic way I know of adding a computer record in workgroup manager, no other way has worked for me.
What I want to do is create an OD group called laptops with all our macbooks in I want to then set it up so that on these laptops, any AD user that logs in, it creates a mobile home (non synced). If this very same AD user logs in on any other mac not in this macbook group, then they do not get a mobile home.
This sounds like it should all work, but if I try and require authentication when binding, I get an error that kerboros isnt working on the OD master (which is by design!) If I try and use the existing computer record in AD by creating an OD computers group and nesting the AD computer in that group, that doesnt work either, then the mac just doesnt seem to login at all!
If anybody could point me in the right direction, that would be great!
.
.
Comments are closed