Forum Replies Created

Viewing 7 posts - 46 through 52 (of 52 total)
1 2 3 4
  • Author
    Posts
  • March 22, 2004 at 5:22 pm in reply to: 10.3.3, AD plugin, granting admin control #357663
    sketch
    Participant

    [quote:f9275d702a=”MacTroll”]
    FWIW: smb homes are fully supported now

    man dsconfigad for more info.

    Joel[/quote:f9275d702a]

    Unless you use M$ Dfs

    March 22, 2004 at 5:19 pm in reply to: 10.3.3, AD plugin, granting admin control #357662
    sketch
    Participant

    if you only have a select group of pople that NEED admin rights, create and AD group of just those users, then give that group admin rights, so the Mac doesn’t have to load ALL the users in your AD.
    Or if your system’s going to be used pretty much by 1 person, manually add that person to the local admin group in netinfo.

    February 19, 2004 at 5:40 pm in reply to: Odd Kerberos issue #357428
    sketch
    Participant

    well it looks like the issue is on the Windows side, but there’s still this issue that tickets don’t auto-renew unless the Kerberos app is open.

    Does anybody have any ideas on where to find a fix?

    and another issue: How do I get my 10.3 server to recognize the authority of the AD TGTs? Currently I’m working on using WGM for machine management while logging in with AD accounts. In order to do this properly I have to have the MacServer isolated, kerberose-wise. It’s NOT bound to the AD (which means I can’t even read information from the AD) and the Mac’s KDC is enabled. I then modify the edu.kerberos.mit file on the clients to access 2 realms.
    I’d like to only have 1 realm for everything: the AD’s KDC.

    January 22, 2004 at 5:06 pm in reply to: AD plug-in causing high CPU load on AD #357255
    sketch
    Participant

    was teh spike on the domain controller(s), file servers, etc? Or all of the servers?

    January 22, 2004 at 4:49 pm in reply to: AD plug-in causing high CPU load on AD #357254
    sketch
    Participant

    [quote:85976bed84=”deejemon”]The other thing we noticed is that AD reports that they are “Domain Controllers”, not “Computer/Workstation”.[/quote:85976bed84]

    Not sure about the CPU load, but we have seen the DC issue. It’s really odd since in the properties of teh machine it says it’s a workstation/server. If you do a “find” for Domain Controllers, no Macs appear. But it still says it’s a Domain Controller.

    January 22, 2004 at 4:06 pm in reply to: Mac OS X Server as a front-end to AD #357253
    sketch
    Participant

    This is an idea I toyed around with as well to avoid integrating 180 clients machines, but I honestly don’t see how it could be done. The primary concern to me is how would kerberos single sign-on work when connecting to shares. All of our storage is hosted off Windows 2003 servers, and we’re certainly not going to even entertain the idea of managing 2 sets of group permissions.

    January 19, 2004 at 2:18 pm in reply to: Odd Kerberos issue #357236
    sketch
    Participant

    AD running on Win2003 server

  • Author
    Posts
Viewing 7 posts - 46 through 52 (of 52 total)
1 2 3 4
Copyright © 2025 AFP548. All Rights Reserved.