[dom9inic]

Might be obvious, but always worth asking. Is your DNS good, as in, can you do forward and reverse lookups?

[dom9inic]

Good to know about the AD schema and home dir mounting being specified in the profile rather than logon script. I think that might be why I’ve had no success yet with SMB home dirs mounting as peeking at the AD schema shows no homeDir specified in lookupd.

Cheers,

[dom9inic]

Hi,

does that mean Apple advocate setting up Tiger server as an OD master and also bound to AD?

I must admit I’m having real difficulty getting the magic triangle working. I have a 10.2.8 server as an OD master, no home dirs. My admin machine is bound to AD and I drag and ddrop my AD users into my OD groups on the server.

Clients Directory Access is set to AD first then OD master. MSX is set on the OD master at the group level.

Yet when my AD user logs into a client, the MCX seems messed up. The dock in particular seems to not play friendly and what applications a user can open, all of which is restricted to some extent at the group level on the OD master.

Perhaps I’m just befuddled.

[dom9inic]

Thanks for the response Z, it’s now fixed. The fix was the Win2K admin recreating the PTR records for the server, now all is well.

Thanks for the input.

[dom9inic]

When you log in using the AD account are the users bound by your MCX policy from WGM? If they are, then I’m not sure you have a problem.

What do you want in the way of clients? All AD logons or a mix of OD and AD?

Have you made sure your authentication tab in directory access has both OD and AD lookups?

[dom9inic]

A little update,

using an LDAP browser, I have looked at my account plus other staff members whom I know have a home folder in a windows share.

Interestingly, I seem to be the only one with the AD attribute “home Direcotry: \\\\” and the other staff members do not have that attribute.

Yet, when I manually mount that share I see all the staff members home folders, and they are home folders because mine contains the .normal Word file and usual rubbish.

This puzzles me because at first glance it means I shouldn’t see a home drive mount when binded to the AD plugin on the Mac, but then again, I’m using my login and I do have the home Directory attribute specified.

I’m trying to set a meeting with my Wintel admins to sort this out.

[dom9inic]

Thanks for taking a look.

[dom9inic]

Hi macshome,

I have disabled use local home (if that was what you were referring to)

I can also manually mount the home folder or put it as a startup item. Of course this is no good as I’m trying to setup in a college environment with dynamic logins.

Can someone please confirm that what I’m attempting is actually possible:

Bind clients to AD in straightforward manner so when they login they receive their windows home directory automounted.

Then manage them using Mac OS X Server as an OD master and further adding afp automounts.

Cheers

[dom9inic]

Just run a lookupd -d userWithName and it turns out I’m not pulling the AD account at all, it shows the home as /Users/myUserName

(Ponders a coffee break.)

[dom9inic]

Cheers for that. I’ve asked the AD admin to up the MaxPageSize in ADSI but he didn’t seem to pleased about doing it.

We have 35K students and I only need around 300, but gotta see the whole list to select the ones I need.

Thanks again,

[dom9inic]

Hi there,

the home path as seen on the A server is:

\\machineName\Group\myUserName

Regards,

[dom9inic]

That I would need to find out. I’ll be getting all the Windows side info on Monday from the Wintel Admins. Bit of an odd situation, they are not too forward coming in aiding my “research”.

Don’t want to post that info on the web anyway, no offence.

Once I find out all the AD info, how do I use it to troubleshoot the problem? Via dscl, lookupd etc?

When monitoring through DirectoryService.debug.log the bind shows no errors.

Thanks for the input, I’ll let you know.

[dom9inic]

Hi all,

So I finally received a copy of the 10.2 Server media and it installed perfectly and the kernel panic is gone.

So for whatever reason, the Xserve is sensitive to my media.

I’m a happy camper now.

[dom9inic]

It would appear that if you are on a corporate LAN then other machines are using the switches and routers just fine. So this does seem like an Xserve issue.

I think we need to know more about the setup first. What services are you running on the Xserve, are you fileserving via afp or smb or nfs etc. What OS are the clients running? How do they access the shares, at login with script, or manual mounting?

Is your Xserve nailed down with a static IP? Have you entered in FQDN on the server, can you get a reverse lookup going with the server.

[dom9inic]

Are you guys in the States? Is it easy to get certified in the UK on these courses?

Can anyone give a little more background on whether it is necessary to do the ludicrously expensive 5 day training programs and how useful people have found it for employment.

[Author]

Posts