Home Forums OS X Server and Client Discussion Active Directory Odd behavior in Workgroup Manager

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #382617
    ajg372
    Participant

    We are running 10.7.4 and managing domain users (as well as local users) locally via Workgroup manager.  I can create a local group (say ad_users) using dscl but don’t know how I would go about scripting the addition of ‘AD\Domain Users’ as ‘Members’ of this group.  I have already added our AD server as a search directory so it’s only a few clicks to add manually, but I really need a faster solution.

    However, currently, if I add the group Member ‘AD\Domain Users’ manually under the “Members” area in WGM (using the Plus sign), I save and hit refresh and it immediately says the group is ‘Not Found’.  I have seen there are reports of this behavior but don’t see a fix.  Anyone?

    Thanks in advance!

    #382876
    mgnicks
    Participant

    I am seeing the same issue on 10.8. WGM allows you to add ad users /groups into the OS X groups to allow MCX management but as soon as you change tabs or refresh the view the groups come back with not found. We did manage to drag in a couple AD groups that “stuck” after a refresh, but as we cannot view the AD, we are not sure what differences there were between the groups/user accounts.

    I found a post on experts exchange with the same issue and he suggested a fix. This was to change the security group from global to domain local. However, after checking with the admin for the AD, the groups that we could add had the same settings as the groups that we couldn’t.

    Your mileage may vary though.

    #383092
    yavnehtech
    Participant

    I cant seem to reproduce your issue, I have WGM 10.7 running on a 10.7.4 client, and my AD domain has the schema modified / extended for supporting Macs. The tutorial I followed was a podcast video by Timothy Perfitt called Modifying Active Directory Schema. I dont know if thats why your WGM is having issues, but all I know is that I am authenticated to LDAPv3/127.0.0.1 after connecting to the server and this server is bound to AD, but again the AD has been modified to support Macs by extending the schema so the settings play nicer together.

    #384505
    salediablo
    Participant

    Hello, everybody, and players from Malaysia – Smecta. Today was not thought to be post. Read some forum posts, I feel it is necessary to share the players from the witch doctor comprehend a Build. Of course, I believe Build Perhaps the players tried, but I did not read about it in a forum similar posts. Put it to the finishing, d3 gold to others.

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.

Comments are closed