[QUOTE][u]Quote by: MacTroll[/u][p]The AD plugin was updated to handle this. I thought the functionality went as far back as 10.5… but your experience leads me to believe that my memory is wrong and it only started doing this with 10.6.
So the short answer is… 10.6 got new functionality to do this, and it won’t work out of the box for you on 10.5.
It’s feasible to cook something up on your own, but it would probably be more effort than it’s worth.[/p][/QUOTE]
Is it a bug? The problem I have is the clients become unresponsive for a period of time – maybe they’re trying to renew kerberos? – but I’m sure it’s a DNS issue.
Only thing I can think of is to manually register them in DNS.
Specifically, when our 10.6 clients bind to AD, they get forward and reverse lookup on the AD DNS.
[code]
phyb-m-2143-c2s:~ admin$ nslookup ANAT-M-581-II.ad.xxx.edu
Server: 131.193.68.141
Address: 131.193.68.141#53
[QUOTE][u]Quote by: Jon_c[/u][p]Thank you for the recommendations!
I was able to use the -u option with the createmobileaccount tool and specify the afp user home sharepoint where I had previously directed my AD augments ( e.g. sudo /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n username -u afp://server.domain.edu/Users/username ).
After that I logged in with my AD credentials and was prompted with the option to create a portable home directory – synchronization to the network home worked flawlessly and all the mobility settings that I had previously designated for the OD group of with the AD user was a member functioned properly.
[/p][/QUOTE]
This worked for me on a 10.6 client. Do I still need the MCX setting Tom H talked about?
I’m having the same problem however, it’s because some script kiddies are running a dictionary at the server. At somepoint sshd must die because no one can login and we have to hard reboot to get back up.
HELP!
Oct 19 16:38:43 comrb-24-10 sshd[5114]: Illegal user linda from 210.95.212.131
Oct 19 16:38:43 comrb-24-10 sshd[5114]: Failed password for illegal user linda from 210.95.212.131 port 60525 ssh2
Oct 19 16:38:45 comrb-24-10 sshd[5116]: Illegal user linda from 210.95.212.131
Oct 19 16:40:44 comrb-24-10 sshd[5116]: fatal: Timeout before authentication for 210.95.212.131
Oct 19 16:41:31 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:08 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:14 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:20 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:25 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:31 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:36 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:42 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:48 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:53 comrb-24-10 mDNSResponder: Unknown DNS packet type 5020 from 128.248.155.165:1951 to 10.134.24.10 :5353 on 01816000 (ignored)
Oct 19 16:48:59 comrb-24-10 launchproxy[5166]: /usr/libexec/xftpd: getnameinfo(): Non-recoverable failure in name resolution
Oct 19 16:48:59 comrb-24-10 launchproxy[5166]: /usr/libexec/xftpd: getnameinfo(): Non-recoverable failure in name resolution
Oct 19 16:48:59 comrb-24-10 ftpd[5168]: getpeername (xftpd): Socket is not connected
Oct 19 16:58:47 comrb-24-10 launchproxy[5200]: /usr/libexec/sshd-keygen-wrapper: getnameinfo(): Non-recoverable failure in name resolution
Oct 19 16:58:47 comrb-24-10 launchproxy[5200]: /usr/libexec/sshd-keygen-wrapper: getnameinfo(): Non-recoverable failure in name resolution
Oct 19 17:02:48 comrb-24-10 sshd[5225]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Oct 19 17:02:48 comrb-24-10 sshd[5225]: fatal: Cannot bind any address.
Oct 19 17:03:06 comrb-24-10 launchproxy[5227]: /usr/libexec/xftpd: getnameinfo(): Non-recoverable failure in name resolution
Oct 19 17:03:06 comrb-24-10 launchproxy[5227]: /usr/libexec/xftpd: getnameinfo(): Non-recoverable failure in name resolution
Oct 19 17:03:06 comrb-24-10 ftpd[5228]: getpeername (xftpd): Socket is not connected
Oct 19 17:03:31 comrb-24-10 reboot: rebooted by locals
typically I’ve logged in to a server account first on a desktop (to make sure the account is okay), then logged out and then log in on a laptop, go to system preferences and select Create Mobile Account. Tiger does it’s wonder automagically.
Syncing doesn’t work on our wireless since it’s not the same subnet.
Recent Comments