Home Forums OS X Server and Client Discussion Active Directory Trouble binding to AD

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • May 15, 2006 at 5:56 pm #366178
    Alphadog7
    Participant

    I am running 10.3.9 on an eMac. When I try to bind to my Windows 2000 AD server I get the following error on step 5:
    “Unable to access domain controller

    This computer is unable to access the domain controller for an unknown reason.”

    I have read about others having this issue, but I can’t find the solution….

    THANKS!

    May 15, 2006 at 6:14 pm #366179
    jdyck
    Participant

    I went through some similiar issues with having difficulties binding computers to Active Directory… Turned out to be a Domain Controller issue, but one of the things that helped me enormously in figuring out was to enable the DirectoryService logging by going into the Terminal before binding and typing “sudo killall -USR1 DirectoryService”. After you try binding to AD you can then go into Console and choose the /Library/Logs/DirectoryService/DirectoryService.debug.log.
    I found there was a lot of great info in that log that helped me trace the problems down. In my case the poor computer was trying all over our slow WAN to try and find a server to bind to, when there was a domain controller sitting right next to it. Brought in our AD guru and he found all kinds of things wrong with the DC, rebuilt it from scratch and now everything is fine and beautiful in AD land.
    Hope that helps.
    Cheers
    Jeff

    May 15, 2006 at 6:20 pm #366180
    Alphadog7
    Participant

    Thanks Jeff!!

    Any of this look familiar? The “Clock Skew” bit looks to be responsible… Incidently, this only happens on a couple machines, the rest seem OK…

    2006-05-15 14:06:33 EDT – ADPlugin: Good credentials for me@here
    2006-05-15 14:06:33 EDT – ADPlugin: No connection in connection mgr for Me@here:389
    2006-05-15 14:06:33 EDT – ADPlugin: GSSAPI FAILED doing gss_init_sec_context: Clock skew too great in KDC reply
    2006-05-15 14:06:33 EDT – ADPlugin: Secure BIND Session FAILED with server domain controller:389
    2006-05-15 14:06:33 EDT – ADPlugin: GSSAPI FAILED doing gss_init_sec_context: Clock skew too great in KDC reply
    2006-05-15 14:06:33 EDT – ADPlugin: Secure BIND Session FAILED with server domain controller:389
    2006-05-15 14:06:33 EDT – ADPlugin: Unable to read the schema, something wrong, using existing info…
    2006-05-15 14:06:33 EDT – Plug-in call “dsDoPlugInCustomCall()” failed with error = -14006.
    2006-05-15 14:06:33 EDT – Port: 8239 Call: dsDoPlugInCustomCall() == -14006
    2006-05-15 14:06:33 EDT – ADPlugin: Calling CloseDirNode
    2006-05-15 14:06:33 EDT – Plug-in call “dsCloseDirNode()” failed with error = -14278.
    2006-05-15 14:06:33 EDT – Port: 8239 Call: dsCloseDirNode() == -14278

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.