[Anonymous]

Thank you for your quick response.

If this authenticate user belongs to the Domain Users group, he can’t do authentication. If I assign him to the Domain Admins group, he can authenticate without any problems. Is that how you would assign permission? If you have any other ways of giving this user NT permission to do authentication, please let me know. I do not want to assign him in the Domain Admins group if I do not have to.

Thanks.

[Anonymous]

[quote:9bf0c02a2d=”MacTroll”]What do you mean by “info”?

Joel[/quote:9bf0c02a2d]

Some text information about content and owner.

Artem

[Anonymous]

hi,

i could i set up my xserve as a proxy server? any help would be appreciated.

[Anonymous]

Hi BossaNova

Probably you realy need to write on the ad, at less the mac UID.
The win UID is cripted, and so you can’t use it.
Without a UID, you will finish ine the console, and won’t be abble to login in the finder. The other way is to put a static UID, for exempel #521 directly in the Directory access mapping. If you have not access to the AD, but you have a account who have the permission to change it, you should use a ldap browser for add the values. For exemple go to http://www.iit.edu/~gawojar/lda.

Good luck

[Anonymous]

Hi,

MacTroll:
Q: What network settings do I need to enter for the second NIC?
Q: What settings must I enter for the Airport Base station?

The second NIC needs to be on the 10.0.42.1/24 network. So give it 10.0.42.1

The airport at this point need only be in bridge mode. It isn’t acting as a DHCP server or a NAT box, just as a wireless access point.

LEO REPLY:

Why must it be 10.0.42.1/24?
On my lan we have a Firewall and have a VPN connection to an exsiting
network 10.0.x.x 255.255.0.0.

If I use 10.0.42.1/24 on my second NIC, Will this conflict with our VPn 10.0.x.x network? Any suggestions?

MacTroll:

Q: How do you setup and specify DHCP on the second NIC Card?
Q: What is the network subnet mask etc for the second NIC?

Read our article on setting up NAT for more info, or just use server settings and configure the DHCP server. If you aren’t using client and want to make this easier you should be able to just set up internet sharing in the sharing preferences pane. This will create at 192.168.1.1/24 network instead of 10.0.42.1/24 but other than that should be similar.

LEO REPLY:

By turning on Internet sharing, yes but, how will it determine to use my second NIC? and when I create the second NIC, what IP setting do I use before applying the Internet Sharing? Can this cause any problems on my exsisting network?

MacTroll:

Q: In that psk.txt file, wemust replace asecretcodegoeshere with our in all 4 areas? what about the field with macuser@localhost somethingsecret ??

You’ll need to have an entry for every client IP and then the shared secret in the psk file.

I’m a little confused by your question without seeing what your psk file looks like.

LEO REPLY:

In the psk file there are 4 locations that specify to enter a secret code, must we enter the secret code in each of those areas?

Thks again for responding!
Leo

[Anonymous]

Thanks for the quick response Joel. I’m understanding bit by bit! It’s more of a struggle than I thought. To put the MAC address in netinfo what label do I put in? I understand I need the netinfo labels: name, serves and ip_address, but don’t know what to put in for the MAC address
Thanks,

Gregor

[Anonymous]

Try also allowing IP protocol ID 50 and IP protocol ID 51 through the firewall in both directions for Encapsulating Security Protocol (ESP) and Authentication Header (AH).

Larry

[Anonymous]

Hi Craig

If I map the group whith wrong things, Workgroup manager don’t have some “whelcome” error message.
If I delete the group in the ldapv3 map, workgroup manager tell me :
Got unexpected error
Error of type -14130 on line 1988 of PMMUGSearchController.mm

It it the same for you ?

I still unable to use the netinfo group with a osx client.

A strange thing is that once, I’ve obtain with OSXs an open ldap server, and with an other install he don’t appear any more in the ldapv3, but he’s in the netinfo servers. Which is the correct one ?

❓

[Anonymous]

Joel,
Thanks for the quick response! FYI, I checked and I do have LDAP in the authentication section. 😥
I’m sure it’s the mappings. Since I’m using the static mapping method, should every mapping that I use need a # in front of it?

Thanks again!

[Anonymous]

idem for me… one reboot later it works…. 😯 😯 😯 😯

[Anonymous]

Okay got it working…wohoo.. but I broke rule #1 didn’t write down the exact settings..

Went on to play with login hooks and screwed the pooch on the test box…

I thought I’d set it up again on a vanilla client only to find I can’t get it to work…

I can lookupd to get users etc but even with the staic values for user name and primary group I get dumped into Darwin … any thoughts?

TA 😉

[Anonymous]

Hi,

I just wanted to add more info to my original post…
I would appreciate it if someone can give me more detailed info on the setup
with IP# and settings for the 3 steps….

———————————————-
My Lan settings:
———————————————-

– Firewall SonicWall 10.1.1.1 with NAT
– No Dhcp Server, all static addresses
IP#: 10.1.x.x
Subnet: 255.255.0.0
Router: 10.1.1.1
DNS: xxxx

———————————————-
The G3 as a Gateway:
———————————————-

NIC-To-Lan:
– Do I just assign a static IP ex:. 10.1.x.x or must I use another network?

NIC-To-Airport Base:
– What are the settings for the Airpot Base (IP, mode???)
– How or what becomes the Dhcp server…what settings?

Will these settings affect my stable Lan in any way?
All I want is to have all Wireless connections communicate via IPSec and have access to my LAn’s Firewall, Internet and Fileservers…

Thks
Leo

[Anonymous]

Any thoughts?

[Anonymous]

It says it’s been going for over a day, with 2 users. I assume that’s root (before I disabled it) and my admin user. So I guess it’s a logout, not a restart.
-Allan

[Anonymous]

Yes that helps a lot! Thanks!

by using ipphone (as in your example) will that write to the ad server?

I am beginning to think I should buy a machine to run at home and try this there. You did warn us this was involved!!!

[Author]

Posts