Home Forums OS X Server and Client Discussion Active Directory limited users in Workgroup manager

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • July 17, 2003 at 3:10 pm #356135
    lamasculo
    Participant

    Hi

    After much experimenting we finally got Active Directory integrated with OSX. We have done the amendments to the schema etc etc. Our test environment only consisted of about 30 users and everything worked a treat. OS9 clients logged in via mac manager, you could see all the users from AD in the workgroup manager, OSX clients logged in directly to the Win2k server/AD. All home dirs exist on the Win2k machine.

    Now we are onto a rollout and we get the following problem.

    We set up the AD machine, it has around 1600 users. We set up the OSX server; go through Directory Access do all our mappings etc.

    WorkGroup manager can only see 1003 users. We have manipulated various OU’s on the AD machine, but WGM never sees more than 1003 users.

    Is there a limit on WGM? IS this an undocumented feature?
    Any ideas?

    thanks in advance

    David

    Got this fixed

    its a limit in Active Directory within the configuration container

    configuratiuon container->services->windows NT->Directory Service->Query-Policies

    pull up properties on Default Query Policy
    Select IDAPAminLimits
    Modify MaxPageSize to rquire number

    got this from apple developer connection

    regards

    David

    November 3, 2005 at 10:14 pm #363929
    Anonymous
    Guest

    Hi,

    Can you give us some direction on how you went about changing the active directory schema to allow Mac Manger to work – and to get the OS9 clients to authenitcate??

    I – and I assume many other people – are having trouble finding information about OS9 / AD integeration

    Thanks

    Travis

    November 3, 2005 at 11:57 pm #363931
    superrcat
    Participant

    [QUOTE BY= madcat] Hi,

    Can you give us some direction on how you went about changing the active directory schema to allow Mac Manger to work – and to get the OS9 clients to authenitcate??

    I – and I assume many other people – are having trouble finding information about OS9 / AD integeration

    Thanks

    Travis[/QUOTE]

    You can’t extend the Active Directory schema for Macintosh Manager. The extension that is mentioned (and which is no longer required) was to enable Active Directory to function as a mock Open Directory server. Your best bet would be to follow this article for setting up Kerberos authentication between Active Directory and your OS 9 clients. Macintosh Manager 2: Using Macintosh Manager in a Kerberos Environment. I would highly recommend exploring migration plans from OS 9 as the difficulty to support and maintain a legacy deployment will continue to increase.

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.