Active Directory and Windows Share
I have several Mac labs that are working perfecting with the Active Directory client in OS X 10.4.9. I recently made a change to the client and am now creating local home folders for users. Using the network home folders slowed the boot process and affected certain applications when pref files were not deleted properly from the Windows share.
What I would like to do now is have 2 or 3 windows shares mounted automatically for ALL users who log into a computer. Ideally the mounts should be done with the username and password of the user who just authenticated.
Does anyone have any suggestions on how this could be accomplished?
Thank you.
This should be possible using Mac OS X Server in a Golden (or Magic) Triangle scenario with your Active Directory network. This means your Macs would use AD for authentication but your Mac OS X Server would control workstation settings such as auto-mounting drives. The settings could be applied to users and groups from Active Directory.
Hope this helps! bill
1 GHz Powerbook G4 Mac OS X (10.4.9)
Similar Messages
-
What happened to Active Directory and Windows file shares?
Hello all,
i have a few questiona about the integration in active directory. I recently updated to Lion (most certainly without proper risk analysis on the consequences...)
First:
How can one connect to a windows share?
If trying in finder and CMD+k "smb://server/share" a message appears stating i have insufficient rights.
Great, in Snow Leopard one was presented a credentials window, where is it gone? (as most macbook users wont join the domain completely...)
Next try: "smb://DOMAIN;User@server/share" same result...
Second:
Is there any support for DFS (Distributed File System) included in Lion? This would be _very_ much appreciated!
Thanks for your help (hopefully)Hi JFlynn12,
Are you using fully qualified DNS name for the server?
ie:
if your realm is domain.company.com then your FQD for the server would typically be server.company.com. or server.domain.company.com . this is of corse assuming your DNS is properly set for the DNS / DHCP server. x.x.x.x => server.company.com and server.company.com => x.x.x.x .
With that in mind you would expect smb://server.company.com or smb://server.domain.company.com
give it a try, let me know if it works.
-tt -
Problems with Active Directory and Windows 2003
Hello,
I'm using Mac OS X Server 10.4.9 with Active Directory bound to a Windows 2003 Active Directory Domain. I can bind successfully to the domain using the graphical interface. Then in Samba I can access shared directories using Windows users. However, after some time somehow there are problems and Windows users aren't authenticated anymore on the Mac. I've looked at the firewall and there are no denied packets from the Mac. There are two servers in the domain, all clocks are synchronized and domain information is up to date. When I unbind the Mac, I can see the machine account being deleted on both domain servers and created too on both machines when I bind to the domain.
Problems occur when I try login in using ssh or samba do I think this is a problem with the AD module.
I turned on debugging messages on DirectoryServices:
sudo killall -USR1 DirectoryService
When in Windows, using the Administrator user I try:
net use \\10.0.0.1 /user:domain\Administrator
Where 10.0.0.1 is the Mac.
In the Mac I get from
tail -f /Library/Logs/DirectoryService/DirectoryService.debug.log |grep ADPlug
2007-06-27 10:48:37 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:37 CDT - ADPlugin: Searching domain domain.com.mx for User administrator
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:37 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:37 CDT - ADPlugin: Adding Search for Attribute displayName containing DOMAIN\administrator
2007-06-27 10:48:37 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=DOMAIN\\administrator)), limit 1
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:37 CDT - ADPlugin: Searching domain domain.com.mx for User administrator
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:37 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:37 CDT - ADPlugin: Adding Search for Attribute displayName containing domain\administrator
2007-06-27 10:48:37 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=domain\\administrator)), limit 1
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:37 CDT - ADPlugin: Searching domain domain.com.mx for User ADMINISTRATOR
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:37 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:37 CDT - ADPlugin: Adding Search for Attribute displayName containing domain\administrator
2007-06-27 10:48:37 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=DOMAIN\\ADMINISTRATOR)), limit 1
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:37 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=administrator)(sAMAccountName=administrator)(dis playName=administrator)(mail=administrator)(userPrincipalName=administrator)(use rPrincipalName=administrator@*)))
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:37 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:37 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:37 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=administrator)), limit 1
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:37 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:37 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:37 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:37 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:37 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=ADMINISTRATOR)(sAMAccountName=ADMINISTRATOR)(dis playName=ADMINISTRATOR)(mail=ADMINISTRATOR)(userPrincipalName=ADMINISTRATOR)(use rPrincipalName=ADMINISTRATOR@*)))
2007-06-27 10:48:37 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=ADMINISTRATOR)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=administrator)(sAMAccountName=administrator)(dis playName=administrator)(mail=administrator)(userPrincipalName=administrator)(use rPrincipalName=administrator@*)))
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=administrator)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=ADMINISTRATOR)(sAMAccountName=ADMINISTRATOR)(dis playName=ADMINISTRATOR)(mail=ADMINISTRATOR)(userPrincipalName=ADMINISTRATOR)(use rPrincipalName=ADMINISTRATOR@*)))
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=ADMINISTRATOR)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Searching domain domain.com.mx for User administrator
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing DOMAIN\administrator
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=DOMAIN\\administrator)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Searching domain domain.com.mx for User administrator
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing domain\administrator
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=domain\\administrator)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Searching domain domain.com.mx for User ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing DOMAIN\ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=DOMAIN\\ADMINISTRATOR)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=administrator)(sAMAccountName=administrator)(dis playName=administrator)(mail=administrator)(userPrincipalName=administrator)(use rPrincipalName=administrator@*)))
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=administrator)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=ADMINISTRATOR)(sAMAccountName=ADMINISTRATOR)(dis playName=ADMINISTRATOR)(mail=ADMINISTRATOR)(userPrincipalName=ADMINISTRATOR)(use rPrincipalName=ADMINISTRATOR@*)))
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=ADMINISTRATOR)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=administrator)(sAMAccountName=administrator)(dis playName=administrator)(mail=administrator)(userPrincipalName=administrator)(use rPrincipalName=administrator@*)))
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=administrator)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=ADMINISTRATOR)(sAMAccountName=ADMINISTRATOR)(dis playName=ADMINISTRATOR)(mail=ADMINISTRATOR)(userPrincipalName=ADMINISTRATOR)(use rPrincipalName=ADMINISTRATOR@*)))
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RealName
2007-06-27 10:48:38 CDT - ADPlugin: Adding Search for Attribute displayName containing ADMINISTRATOR
2007-06-27 10:48:38 CDT - ADPlugin: Did DC search with queryFilter = (&(objectCategory=cn=person,cn=schema,cn=configuration,dc=domain,dc=com,dc=mx)( displayName=ADMINISTRATOR)), limit 1
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: 16784372 - Put 0 records in Buffer for AttributeValueSearch
2007-06-27 10:48:38 CDT - ADPlugin: Calling OpenDirNode
2007-06-27 10:48:38 CDT - ADPlugin: Opening Specific Node domain.com.mx
2007-06-27 10:48:38 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:38 CDT - ADPlugin: 16833877 - Calling GetRecordList Routine
2007-06-27 10:48:38 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:38 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:38 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=administrator)(sAMAccountName=administrator)(dis playName=administrator)(mail=administrator)(userPrincipalName=administrator)(use rPrincipalName=administrator@*)))
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:38 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:38 CDT - ADPlugin: 16833877 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:38 CDT - ADPlugin: Calling CloseDirNode
2007-06-27 10:48:42 CDT - ADPlugin: Calling OpenDirNode
2007-06-27 10:48:43 CDT - ADPlugin: Opening Specific Node domain.com.mx
2007-06-27 10:48:43 CDT - ADPlugin: Calling GetRecordList
2007-06-27 10:48:43 CDT - ADPlugin: 16833881 - Calling GetRecordList Routine
2007-06-27 10:48:43 CDT - ADPlugin: Search Records called in ADSWrapper
2007-06-27 10:48:43 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-06-27 10:48:43 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=administrator)(sAMAccountName=administrator)(dis playName=administrator)(mail=administrator)(userPrincipalName=administrator)(use rPrincipalName=administrator@*)))
2007-06-27 10:48:43 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:43 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-06-27 10:48:43 CDT - ADPlugin: Returning 0 Results
2007-06-27 10:48:43 CDT - ADPlugin: 16833881 - Put 0 records in Buffer for RecordList
2007-06-27 10:48:43 CDT - ADPlugin: Calling CloseDirNode
I really don't know what to do. The Windows Event log shows no messages. The link used to work and there have been no changes in the domain servers.
The key line seems to be:
2007-06-27 10:48:43 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
But I don't know what that ADSEngine.mm is.
XServe G5 Mac OS X (10.4.9)Hello.
Thanks for your reply.
I tried the net use with a drive letter with and without the /user switch. When I use a domain user domain\user1 I can't connect. When I use a user local to the XServe it works.
When I use
net use x: \\10.0.0.1\share /user:domain\user1
I get prompted for a password, but it doesn't work.
I checked the firewall and all packets to or from the mac are accepted, no denied or dropped packages.
I already went through the MS document on fw ports. Before I opened to Kerberos ports the binding failed. No the binding work OK.
Some users who were authenticated yesterday still can access files using the Windows domain accounts. It's new users trying to connect those who have problems.
This is what the Samba log.smbd log shows:
[2007/07/04 14:58:45, 2] /SourceCache/samba/samba-100.7/samba/source/smbd/sesssetup.c:setupnew_vcsession(662)
setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
[2007/07/04 14:58:45, 2] /SourceCache/samba/samba-100.7/samba/source/smbd/sesssetup.c:setupnew_vcsession(662)
setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
[2007/07/04 14:58:46, 0] /SourceCache/samba/samba-100.7/samba/source/auth/authutil.c:make_server_infoinfo3(1138)
makeserver_infoinfo3: pdbinitsam failed!
[2007/07/04 14:58:46, 0] pdbods.c:odssamgetsampwnam(2329)
odssam_getsampwnam: [0]getsam_recordattributes dsRecTypeStandard:Users no account for 'user1'!
[2007/07/04 14:58:46, 2] /SourceCache/samba/samba-100.7/samba/source/auth/auth.c:checkntlmpassword(367)
checkntlmpassword: Authentication for user [user1] -> [user1] FAILED with error NTSTATUS_NO_SUCHUSER
This is what the DS log shows:
2007-07-04 14:58:46 CDT - ADPlugin: 16892201 - Calling GetRecordList Routine
2007-07-04 14:58:46 CDT - ADPlugin: Search Records called in ADSWrapper
2007-07-04 14:58:46 CDT - ADPlugin: Searching attribute: dsAttrTypeStandard:RecordName
2007-07-04 14:58:46 CDT - ADPlugin: Locating User with Query (&(objectCategory=person)(|(cn=user1)(sAMAccountName=user1)(displayName=user1)( mail=user1)(userPrincipalName=user1)(userPrincipalName=user1@*)))
2007-07-04 14:58:46 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-07-04 14:58:46 CDT - ADPlugin: Failed getting credentials at line 2687 in ADSEngine.mm
2007-07-04 14:58:46 CDT - ADPlugin: Returning 0 Results
2007-07-04 14:58:46 CDT - ADPlugin: 16892201 - Put 0 records in Buffer for RecordList
XServe G5 Mac OS X (10.4.9) -
Active Directory and Windows 10
Youll need to on the RSAT feature just like Windows 8 ..
https://support.microsoft.com/en-us/kb/2693643Hi everyone!
We are testing out Windows 10 on one of our IT workstations, and wondered if anyone has figured out how to get Active Directory snap-in?
This topic first appeared in the Spiceworks Community -
Step by step process to create domain name and active directory in windows 7 64 bit
Step by step process to create domain and active directory in windows 7 64 bit
I work in an organization
I want to create a domain name SBBYDP and make it server for other computers
I want that, all users’ have a personal account while they use any computer from this organization, even they use any computer from this network they use their own account to login to network.
And this may be in Active directory option.
I installed windows 7 professional edition 64 bit
Can any person help me? Step by step process, I always thanks full all of youHi,
You must use the Windows Server platform system for the AD service, you can refer the following KB first:
Active Directory
http://technet.microsoft.com/en-us/library/bb742424.aspx
AD DS Deployment Guide
http://technet.microsoft.com/zh-cn/library/cc753963(v=ws.10).aspx
Hope this helps.
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Upgrade from Windows Server 2012 Active Directory to Windows Server 2012 R2 Active Directory
We are currently running Windows Server 2012 Active Directory and would like to upgrade to Windows Server 2012 R2 AD. Is it OK to just do an in-place upgrade, or is it advisable to build new domain controllers on R2? Are there any guides or articles anyone
can recommend?Hi Ginandtonic,
To upgrade DC(Domain Controller) from windows server 2012 to windows server 2012 r2, please refer to these articles:
Upgrade from windows Server 2012 to 2012 R2
Upgrade Active Directory from 2012 to 2012 R2
I hope this helps.
Best Regards,
Anna -
Hello all,
This topic might have been talked about before but after a lot of searching I still have not found a solution, so I ask for a bit of help.
In our Active Directory there are many OUs where users are kept. There is no one top OU where you can start your search. I don't really know why it was set up this way and I don't have an option to change that. I would really like to have ou=users like most have!
So when I try to authenticate a user (I'm installing DSpace in my uni) I cannot automatically add the OU for the user trying to log in and the users themselves don't know their OU (well, why would they!).
I'm hoping there is some simple solution to this. Maybe JNDI API allows for searching in many OUs at the same time (some fixed list in the code)? Or maybe the OU is not needed at all in the search?
Any help/hints would be appreciated.
best regards, LogiFor searching, you can issue a subtree search will search through the entire subtree, irrespective of how many levels of OU's may exist, by using SearchControls.SUBTREE_SCOPE
Have a look at the tutorial at http://java.sun.com/products/jndi/tutorial/basics/directory/scope.html
For authentication, you can either get the user to enter their:
distinguished name
(cn=Albert Eirnstein, ou=Research,dc=Antipodes,dc=com), although that is not entirely user friendly
their NT style logon name (samAccountName)
ANTIPODES\alberte, more user friendly,
or their Windows 200 style logon name (userPrincipalName),
[email protected], equally as user friendly.
You may also want to look at some of the following posts:
JNDI, Active Directory and Authentication (Part 1) (Kerberos)
http://forum.java.sun.com/thread.jspa?threadID=579829&tstart=300
JNDI, Active Directory & Authentication (part 2) (SSL)
http://forum.java.sun.com/thread.jspa?threadID=581425&tstart=50
JNDI, Active Directory & Authentication (part 3) (Digest-MD5)
http://forum.java.sun.com/thread.jspa?threadID=581868&tstart=150
JNDI, Active Directory & Authentication (part 4) (SASL EXTERNAL)
http://forum.java.sun.com/thread.jspa?threadID=641047&tstart=0
JNDI, Active Directory and Authentication (part 5, LDAP Fastbinds)
http://forum.java.sun.com/thread.jspa?threadID=726601&tstart=0
JNDI, Active Directory, Referrals and Global Catalog
http://forum.java.sun.com/thread.jspa?threadID=603815&tstart=15 -
10.4, active directory and smb mounts
I am having a problem mounting windows shares using smb mounts. I am getting the dreaded data could not be read or written error -36 problem. I have tracked it down to the number of groups an account is a member of. If I login with an account that is a member of roughly 6 groups, I can connect to shares just fine. But if I connect to shares with an account that is a member of roughly 30+ groups, I get this error. I get the error about Socket is not connected when I try to connect through the terminal. I have tried the nsmb.conf file. This is a fresh install of 10.4.1 with the 10.4.4 patch applied. I am also using the Active Directory plugin (Windows 2003 domain, shares are located on 2003 also).
all security groups. They have the network set up for every share there is a group setting permission. Te accounts I am having trouble with is the student accounts. They have a default set of groyup membership that allows them access to all related student activity. This has lead to some very large number of groups that they are members of.
-
10.6 home directory mounting with active directory and open directory integration
Hi guys i am having some issues in my new mac environment. I have a windows network with an server 2008 active directory. I have just recentlly created a "magic triangle" setup with active directory and open directory. When my users login via windows their home folders mount perfect. When any user logs in to any iMac in the building it does not work. They login perfectly fine, but their home folders do not mount. When i try mounting them manually with smb, i get a prompt for credentials. I am thinking this is my issue, my Single sign on with kerbos is working but for some reason is not logging in correctly. If i type in my credentials with my domain first then my name it works.
For example DOMAIN\jsmith works, but the way i think the mac and active directory is doing it now is just jsmith without the DOMAIN.
I feel like this is the problem with the home folders not mounting.
Can anyone provide some help with this?
Thanks,
DaniHi dani190,
are you using the fully qualified domain name of the network server? ie if your server is bob. and your domain is domain.company.com. then the FQDNS would typically be bob.domain.company.com or bob.company.com.
If the FQDNS works, then have you checked in the AD to make sure the path to the network home folder uses the FQDNS?
For the contact search path, did you put the AD at the top the list? (in directory utility)
Did you set the WINS work group on your client computer to your domain?
ie:Apple Menu, System Preferences, Network, Active Network Port (ethernet and or airport) , Advanced Button, WINS Tab, set workgroup to the name of your domain. ie domain.company.com and or company.com -
How to manage Active directory and tools to manage Active Directory
How to manage Active directory and which tools we use?
You can use Microsoft Active Directory management tools:
http://technet.microsoft.com/en-us/library/aa998508(EXCHG.65).aspx
http://technet.microsoft.com/en-us/library/aa998508(EXCHG.65).aspx
erview of Server Message Block signing
http://support.microsoft.com/kb/887429/en-us
Remote Server Administration Tools for Windows 7:
http://www.microsoft.com/downloads/details.aspx?FamilyID=7d2f6ad7-656b-4313-a005-4e344e43997d&displaylang=en
AD Admin Center:
http://technet.microsoft.com/en-us/library/dd560651(WS.10).aspx
http://technet.microsoft.com/en-us/library/dd560652(WS.10).aspx
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX http://blogs.sivarajan.com/ http://publications.sivarajan.com/ This posting is provided "AS IS" with no warranties, and confers no rights. -
Urgent: Configuring LDAP or Active Directory on Windows XP
I tried authenticating user against infromation stored in Database tables dont know whats the problem its not working, I followed all the required steps for that but not succeed. So I decided to validate the user against LDAP or Active directory. Can anyone tell me how to configure LDAP or Active Directory in Windows XP.
Please help me out as only one day remained for to submit my project, everything is done except the login page.
And I dont think I may get even grade C if there is no security for the application. Please help me out in configuring Active Directory or LDAP and ASAP please.Yea I agree with you the custom table is easiest way then AD but I was working on the problem from almost a week now and I don't have much time to sort out things with that anymore.
Help me in configuring AD on Windows XP Professional with SP2, as I'm running out of time.
the below link is the detailed steps I followed for Custom Authentication:
Urgent: Custom Database Authentication
Please help me out for Configuring AD. -
How to map active directory and wordpress ?
i want to import my existing wordpress users in Active Directory but status is not changed.
This topic first appeared in the Spiceworks Community1) I want to Import wordpress user in active Directory
2) so,I install one plugin like "Active Directory Integrate".
3) I configure this plugin and import users in Active Directory
4) I want to Enable user in Active directory and importing in Active Direcoty.
help me -
User synchronization issue between Active Directory and Solution manager.
Requirement:
Synchronize the users between Active directory and solution manager system.
<u>What we did:</u>
1. Created RFC connection (LDAP_RFC) for LDAP connector.
2. Created new LDAP connector that utilize the RFC (LDAP_RFC).
3. Created new logical LDAP Server(CUA).Here we have to maintain the connection
details to the physical directory.
4. We maintained the communication user that is used by the LDAP connector to bind the LDAP Directory Server.
5. In transaction LDAPMAP specific SAP data fields, we mapped to the desired
directory attributes.
6. Testing from LDAP transaction working fine. We are able to see the attributes and
values from Active directory.
<b><u>Issue:</u></b>
When executed the program RSLDAPSYNC_USER for user synchronization from t-code se38 with below selection .
LDAP Server = CUA (created earlier)
LDAP Connector = LDAP_RFC (RFC connection created created ealier)
In the tab: (Object that exist both in the directory and in the Database:)
Selected: Compare Time Stamp.
In the tab: (Objects the only exist in the Directory.)
Selected : Create in Database.
In the tab(Objects that only Exist in the Database:
Selected: Ignore Object.
Result from the report shows that connection to LDAP server is fine and 0(zero) objects in Directory.
The program does not create any new user in the Solution Manager system.
Any help on this issue greatly appreciated.
Thanks & Regards,
Harishwhere did you see this error ? is there anymore details.
i think the account you are using for Sync does not have Replicate Directory Changes permission in AD. follow below article and give Replicate directory changes permission.
http://technet.microsoft.com/en-us/library/hh296982(v=office.15).aspx
Thanks, Noddy -
Store signature image in Active Directory and deploy it to each users desktop
What I am trying to achieve is to have each user a hand written signature scanned in and stored in the .jpgPhoto attribute in Active Directory and then have some sort of script, like our login script, pull that information and copy the file to the users
desktop. We are wanting to be able to allow users to apply the signature image on a signature line in Office 2010 or InfoPath forms instead of typing their name. I know there has to be a way to do this but I have not found it yet and I am
not very good at scripting. Is there anyone here that has accomplished such a task and if so, how did you go about doing it?
David HoodWe already have Outlook email signatures created from AD information deployed to all users. Someone else on my team deployed that already and it works great. But that is just basic user info pulled from fields that were manually entered in
the user account. What I want to do is have a user scribble their signature on a piece of paper or a tablet, capture an image of that to crop and resize to store in the AD user account or somewhere secure that can be queried to be pushed to that users
desktop. I work at a state government agency and I have heard of another agency doing this but I have no idea how they did it. The only thing I could think of is to have a script ran during login to query the AD attribute the image is stored in,
pull it and then copy it to the users machine so when they sign a word document or .PDF with a digital signature they also have the option to place that image in the signature line.
David Hood -
Can a mac and windows share a wifi connection?
can a mac and windows share the same wifi and network conenction
and if it's yes
what should i configure or what are the parametres needed to set up?
Say "Thanks" by clicking the Kudos Star in the post that helped you.
Although I work for HP my posts and replies are my own
Please mark the post that solves your problem as "Accepted Solution"Yes, Windows and Mac computers can share the same Wi-Fi network.
Are you setting up a new network or are you adding devices to an existing network?
Regards / Jim B / Wireless Enthusiasts
( While I'm an embedded wireless systems engineer at work, on this forum I do not represent my former employer, Hewlett-Packard, or my current employer, Microsoft )
+ Click the White Kudos star on the left as a way to say "thank you" for helpful posts.
Maybe you are looking for
-
I try to go to my Hotmail email and it wont let me go through. so I deleted cookies and still the same issue with my home page. It will not go to home page it just goes to a blank page. I do not want to constantly deal with this problem. You have bug
-
SSIS fails to load files from network when executed via SQL server Agent (SQL server 2008 R2 SP 2)
Hi All, I have a simple SSIS package that reads a flat file and copies it into a SQL Server table. When the flat fiel is on the C drive I have no problem runnign this package from SQL Server Agent, but as soon as I update the path to a network locati
-
Mobile App Challenge 6/17/2013 - 7/01/2013
MOBILE CHALLENGE CONTEST INFORMATION This Contest opens on February 11th, 2013 with a new challenge every two weeks until July 31st 2013. What is a stream cipher? A. Cipher that encrypts a byte at a time B. Cipher that encrypts a block at a
-
I'm building a site which would include a number of items (sheets) under one section. In order to keep a user attracted, instead of making one SWF file including these sheets which would then be loaded into this section, I was thinking how to load ea
-
R/3 extraction.{direct delta and queued delta and V3}
Hi, I am new to BW.Can anyone explain me about R/3 extraction in detail and steps to extract from R/3 to BW. I understood direct delta.But i couldn't understand queued delta.Can anyone please explain queued delta and also V3.Are queued delta and V3 s