Network account logged on AD bound Mac suddenly non-admin

[strontium90]

Hi all. Im new to directory issues, and really need some help. Ive recently bound my xserve (just fileserver) to my company Active Directory. Before this every account on a Mac was a local user, which I thought this would resolve. The xserve is bound using the Directory Access utility as a domain member, I was able to assign an AD group to the file share in workgroup manager, and users authenticate against it pulling the credentials from the domain controller perfectly. All was well in my small world. Today a user’s computer started giving permissions errors, (applications couldnt save preferences, he couldnt restart or shut down or logoff, or open terminal) There were no logs in the console either. The network user was named “unknown user” under the apple menu. I logged out of the computer and logged back in as an admin using a local account. I unbound the mac from the AD, went to my domain controller and deleted the computer account. I re-bound the mac to the AD, rebooted the xserve. Still can’t get the mac to recognize the network user. What troubleshooting can I try? I’ve been trying to read up, but some of the Unix stuff I’ve read in other posts is a bit beyond me. thanks.

[macinandy]

Hi strontium90, on the client in Directory Acess, make sure the AD Domain is at the top of the list in Authentication and Contacts tab, also cehck that the allow authentication from any domain, under the advanced tab is not selected.

Reboot machine and click 3-4 times on the grey text on the login window under the MAC OS and see what it says about network accounts.

Cheers

[Author]

Posts