[phuber]

[QUOTE][u]Quote by: sboomer[/u][p]We also run DeepFreeze in this enviroment and found a work around here for it:

[url]http://www.mikespike.org/2008/08/12/osx-leopard-deep-freeze-and-active-directory-oh-my[/url]

The solution for was to run: (From Terminal)

dsconfigad -lu username -lp password -passinterval 0

The we rebound all the computers and refroze. We haven’t had the problem since.

Does anyone have a clean generic script for bind a computer to a domain using it’s current ad bind?[/p][/QUOTE]

This is the script I use on our campus to bind our computers to AD. This script will get the Computer Name from the local client then use that name when binding to AD. We also have Deepfreeze on our computer which is why the ending passinterval 0 is in there (so the computers don’t try to re-authenticate after the default 14 days). After binding to AD the script creates a custom search node for Active Directory. Modify as needed:

computerid=`/usr/sbin/scutil –get ComputerName`

dsconfigad -f -a $computerid -lu LocalUsername -lp LocalPassword -u ADUsername -p ADPassword -domain yourdomain.edu -CN Computers,DC=yourdomain,DC=edu -mobile disable -localhome enable -useuncpath enable -protocol smb -shell /bin/bash -nouid -nogid -noggid -preferred preferreddomain.yourdomain.edu -nogroups -alldomains enable -packetsign allow -packetencrypt allow -csp=”/Active Directory/All Domains” -passinterval 0

killall DirectoryService

sudo defaults write /Library/Preferences/DirectoryService/SearchNodeConfig “Search Node Custom Path Array” -array “/Active Directory/All Domains”
sudo defaults write /Library/Preferences/DirectoryService/SearchNodeConfig “Search Policy” -int 3
sudo plutil -convert xml1 /Library/Preferences/DirectoryService/SearchNodeConfig.plist

[Author]

Posts