Set “Add DHCP-supplied LDAP servers…”

[mdspidle]

Does anyone know a command line utility or plist where this can be set. I need to set the LDAP pref for “Add DHCP-supplied servers to automatic search policies.”

I’ve searched but can’t find it anywhere.

Thanks

Mark

[Patrick Fergus]

It appears to be here the following files at /Library/Preferences/DirectoryService:

ContactsNodeConfig.plist
ContactsNodeConfigBackup.plist
SearchNodeConfig.plist
SearchNodeConfigBackup.plist

And it’s this key (specifically the “true” key):

[code]DHCP LDAP

/Sets/629329B4-XXXX-XXXX-XXXX-XXXXXXXXXXXX

/Sets/8CFDFFE0-XXXX-XXXX-XXXX-XXXXXXXXXXXX
[/code]

But I have [i]no[/i] idea what those UUIDs correspond to.

– Patrick

[brent.bb]

Hello.

As far as I can tell, that UUID is related to the connected network. I set that preference in Directory Utility on one Macbook, then copied the files to another Macbook and it worked. Then, when I took the second Macbook to another campus with different DHCP service/IP range settings and its own local OD replica, the files had been changed so that the output is similar to the example output. Another /Sets/UUID had been created with a setting of false.
I took a look at a SearchNodeConfig file from Tiger, and key was set to “/Sets/0” = 1
Manually removing the UUID entry and setting an entry with ‘0’ on a Leopard machine results in the “Network Accounts Unavailable” message at the Login Window, and the checkbox in Directory Utility becoming unset.
I re-enabled the checkbox in Directory Utility and it re-added an entry with the same UUID as before.

Does anyone have more insight into this issue?
Thanks,
Brent Bandelgar
MOST Training & Consulting

[Patrick Fergus]

This is a real Friday activity–I have some time to mess with it.

The UUID corresponds to a “Set” in this file:[code]/Library/Preferences/SystemConfiguration/preferences.plist[/code]A “Set” appears to be a network “Location” (there is a key, “UserDefinedName” which is set to “Automatic” in this file, which corresponds to the only location on my test box). I’m hoping you only have one location, or else you may need to tap someone whose scripting kung-fu is better than mine.

So you could string everything together and get the following:[code]#!/bin/bash

currentSetUUID=`defaults read /Library/Preferences/SystemConfiguration/preferences CurrentSet`
defaults write /Library/Preferences/DirectoryService/ContactsNodeConfig “DHCP LDAP” -dict-add $currentSetUUID -bool true[/code]If the UUID is already there, dict-add just flips the bit to true.

The downside to this is that /L/P/SC/preferences.plist doesn’t exist until the machine has started up [i]after[/i] being imaged. You’ll need to create a payload-free package that postflights the above code and have that package install on the first startup of a freshly imaged machine. And it wouldn’t hurt to check to make sure you’re getting back valid information from the “defaults read” before proceeding to act on it since I don’t know exactly when in the startup process /L/P/SC/preferences.plist is created.

– Patrick

[brent.bb]

Wow, thanks, Patrick! I was looking all over my servers for that UUID, after Spotlight failed me on the client machine.
I’m going to stick that in a first-boot suicidal StartupItem script I have written for this image that runs networksetup, which should certainly create the set. (I’ll see after I do a ‘restore’ 🙄 )
This is problem I am trying to solve:
I am creating an Leopard image for a school with four campuses, each with its own OD replica that is offered via DHCP. Ideally, I want the “clean” InstaDMG product to be served up via NetRestore. So, I’m trying to automate as much of the configuration as I can through either first-boot packages/scripts or MCX. The MCX setup is already done and well-understood for our existing Tiger clients, but it isn’t very helpful if the upgraded machines don’t know to get the LDAP servers 😀
– Brent

[brent.bb]

That is a great idea. It wasn’t possible with the previous network setup, but we have redone the inter-campus links this year and I will be redoing the DNS configuration soon.

[Author]

Posts