AFP548

Yet another AD binding problem

jimbosyn
Hello all. I've been trying to get 10.5.x computers to bind to AD for quite some time now. Here is my debug output. I suspect is a permission issue with the AD account. I am able to bind windows clients with no issue whatsoever. The problem seems to be that the computer password cannot be changed. I have tried to pre-populate the computer entry in AD, and get the same error message. Can you guys please help me with this, I have been trying to get it working for over a week. 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Bind Step 1 - Searching for Forest/Domain information 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: chick-fil-a.com - Start checking servers for site "any" 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Total Servers "any" LDAP - 3, Kerberos - 3, kPasswd - 3 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: DomainConfiguration reachabilityNotification - Node: chick-fil-a.com - resolves - enabled 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Bind Step 2 - Finding nearest Domain controllers 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Bind Step 3 - Verifying credentials 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: chick-fil-a.com - Start checking servers for site "any" 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Total Servers "any" LDAP - 3, Kerberos - 3, kPasswd - 3 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: DomainConfiguration reachabilityNotification - Node: chick-fil-a.com - resolves - enabled 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: FindSuitableReplica - Node chick-fil-a.com - Established connection to cfadom01.chick-fil-a.com. 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: kadmEntry port is nil, will use default 464 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Password verify for jolivertest@CHICK-FIL-A.COM succeeded - cache MEMORY:iCsN4KW 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Secure BIND Session Success with server cfadom01.chick-fil-a.com.:389 using cache MEMORY:iCsN4KW user jolivertest@CHICK-FIL-A.COM 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Processing Site Search with found IP 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: No site name available 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: chick-fil-a.com - Start checking servers for site "any" 2008-09-16 15:04:02 EDT - T[0xB0103000] - Active Directory: Total Servers "any" LDAP - 3, Kerberos - 3, kPasswd - 3 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Updated schema for node name chick-fil-a.com 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Updating domain hierarchy cache 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Updating policies from domain chick-fil-a.com 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Updated policies for node name chick-fil-a.com 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Bind Step 4 - Searching for existing computer 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: kadmEntry port is nil, will use default 464 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Password verify for jolivertest@CHICK-FIL-A.COM succeeded - cache MEMORY:V55FqU2 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Secure BIND Session Success with server cfadom01.chick-fil-a.com.:389 using cache MEMORY:V55FqU2 user jolivertest@CHICK-FIL-A.COM 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Doing Computer search for Ethernet address - 00:1e:c2:0b:b6:d6 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Doing DN search for account - grendel 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Closing All Connections 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Bind Step 5 - Bind/Join computer to domain 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: kadmEntry port is nil, will use default 464 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Password verify for jolivertest@CHICK-FIL-A.COM succeeded - cache MEMORY:ZeksKvC 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Secure BIND Session Success with server cfadom01.chick-fil-a.com.:389 using cache MEMORY:ZeksKvC user jolivertest@CHICK-FIL-A.COM 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Looking for existing Record of grendel 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Doing DN search for account - grendel 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: kadmEntry port is nil, will use default 464 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Secure BIND Session Success with server cfadom01.chick-fil-a.com.:389 using cache MEMORY:ZeksKvC user jolivertest@CHICK-FIL-A.COM 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Attempting Add Record...... 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Adding in OU = CN=Computers,DC=chick-fil-a,DC=com 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Added record CN=grendel,CN=Computers,DC=chick-fil-a,DC=com 2008-09-16 15:04:03 EDT - T[0xB0103000] - Active Directory: Setting Computer Password...... 2008-09-16 15:04:06 EDT - T[0xB0103000] - Active Directory: Deleting Record CN=grendel,CN=Computers,DC=chick-fil-a,DC=com... 2008-09-16 15:04:06 EDT - T[0xB0103000] - Active Directory: Setting Computer Password FAILED Deleted Record...... 2008-09-16 15:04:06 EDT - T[0xB0103000] - Active Directory: Computer password change date is 2008-09-15 16:21:09 -0400 2008-09-16 15:04:06 EDT - T[0xB0103000] - Active Directory: Scheduled computer password change every 1209600 seconds - starting 2008-09-16 15:04:06 -0400 2008-09-16 15:04:06 EDT - T[0xB0103000] - Active Directory: Closing All Connections 2008-09-16 15:04:06 EDT - T[0xB031C000] - Active Directory: Failed to changed computer password in Active Directory domain chick-fil-a.com
Exit mobile version