using AD authentication

[yoshiatsumi]

Hi, I am trying to use AD authentication from my mac computer. I was able to bind successfully on Active Directory plug-in. But I don’t my mac login is authenticated against AD at all. (I have the same user name both in AC and MAC but they have different passwords. I can login into my mac using the mac password but not the AD user password)

I researched a whole day yesterday about how I can set up AD authentication but it sound like AD plug in should be a straight forward setup. Is there any additional step needed to turn on AD authentication?

any help would be appreciated.
thanks,
Yoshi

[honestpuck]

Yoshi,

Your problem is almost certainly that the login names are identical. If you check the order that Open Directory is using the various authentication methods local will be first.

Either change the account name or change the order and your AD login will work.

# Tony

[inkswamp]

It sounds like you’re not understanding the difference between local accounts and network accounts. A local account doesn’t automatically become a network account just because the machine is bound to AD and the local account shares the same name as a network account.

I went through the process of converting two dozen Macs from using local accounts to network accounts last year. The users were all keeping their local user accounts in synch with the network accounts so I went through the process of converting the local user accounts over to the network accounts so I know what you’re trying to do.

You can move all the files in the local account to temporary, safe location, delete the local user account in the Accounts control panel, and then log in using your network credentials. That will create a user account with the same login name, but it will be a network account instead of local. Then you move all those files back over to the home folder, chown them to the network account and carry on like normal.

[yoshiatsumi]

Wow, thanks for your replies. I didn’t know that a local user would conflict with a network user (I thought it will be an automatic transition somehow). I will try to change the local user name and see what would happen.

I just want to clarify one thing though. I am not using Open Directory at all and I am trying to set up a direct connection between AD plugin on Mac and AD on Widows 2003 server. Please stop me this is something the AD plugin is not meant for…

cheers!
Yoshi

[inkswamp]

> Wow, thanks for your replies. I didn’t know that a local user would conflict with a network
> user (I thought it will be an automatic transition somehow).

I wish it was automatic. It would have saved me a lot of time and trouble last year, but unfortunately, it doesn’t work that way.

> I just want to clarify one thing though. I am not using Open Directory at all and I am trying to
> set up a direct connection between AD plugin on Mac and AD on Widows 2003 server.
> Please stop me this is something the AD plugin is not meant for…

The AD plugin will work just fine binding the machine to AD on a Windows 2003 Server. I’m doing it myself and it works great.

[Author]

Posts