AD account Login problem with MAC 10.6.8

Hi All,
We have around 50 odd MAC that are connected to windows server 2008 R2. the user were logining in to these MACs using their AD account. Recently few of the random MAC did not allow the user to login using their AD account.When analyzed though the MAC shows that it has connected to the Domain and the server is active with green button it has unbind itself from the server.I had to login in as local user bind the MAC back to get this resolved.
Now the same has started happeneing for most of the MAC that we have and every morning I have login as local Admin and unbind / bind the MAC with the server. this gets reset once the user reboots or shutsdown.
Have tried with few of the below solution but nothing helped:
Solution 1:
<key>mdns_timeout</key>
<integer>2</integer>
The integer value is in seconds; changing it to at least 5 should allow the Mac OS X client to reconnect to the Active Directory domain after a network interruption. In some configurations, a larger timeout value may be required.
You can change this value by using the sudo command and a text editor to edit the preference file directly. Or you can use the Terminal command below, making sure to enter it all on a single line:
sudo /usr/libexec/PlistBuddy -c 'Set :mdns_timeout 5' /System/Library/SystemConfiguration/IPMonitor.bundle/Contents/Info.plist
Solution 2:
I have seen all of the probable solutions and tried everything and still I am getting issues with 10.6.6 and after rebooting the Mac gets unbind. Or the Mac gets Network Accounts Available even when not accessing the list of users from AD. But the thing that I have done that has solved all my issues with AD on the Macs is to uncheck the box to search on all domains. For some reason I am seeing that when the Macs have this option checked, it searches through out the forest on the same domain controller more than once, so AD stops the handshaking of the authentication.
I hope this helps like it did on our Network, since then I have not seen the Macs lose the binding or slow SMB.
If you've tried this please let us know.
TIP: Uncheck Allow Authentication from any domain for Mac AD problems
Wednesday, April 20, 2011
Steven Wells sent a fix and an explanation of problems with Macs losing their binding to Active Diretory:
Unchecking "Allow authentication from any domain in the forest" is working at our college. We have been beating our heads on this for about 2 terms, with no understanding of why it works in some places and not in others. When we found this working, our IT guy said that the Security SID is being duplicated, when it looks in other domain forest, and that is what is causing the problem. This is the first time I have found an explanation for the problem.
If you've tried this approach please let us know.
Solution 3:
Solved it. Create a file in Textedit with the name 'auto_master' (no file extension) with the following contents:
# Automounter master map
+auto_master # Use directory service
/net -hosts -nobrowse,hidefromfinder,nosuid
/home auto_home -nobrowse,hidefromfinder
#/Network/Servers -fstab
/- -static
Place this in /etc/ folder
Hope this helps
solution 4:
TIP: a Kerberos fix for OS X 10.5 and 10.6 binding to Active directory
Friday, November 11, 2011
Mehdi Mafi forwarded a fix he found for problems with Leopard and Snow Leopard binding to Active Directory:
This was taken from Dane Riley's imaging building for DeployStudio.
With Mac OS X Leopard every Mac is now running a KDC (Kerberos Distribution Center). Basically each imaged machine is using the same security certificate and hash. Deploying a single image will deploy the same KDC to every system. This [Apple] article covers how to reset the local KDC so that each system is unique. Basically, do the following:
Launch Keychain Access
Search for com.apple.kerberos.kdc and delete all 3 items
Using Terminal type sudo rm -fr /var/db/krb5kdc
After deployment, perhaps using Apple Remote Desktop to all systems, re- establish the KDC by typing sudo /usr/libexec/configureLocalKDC
If you've tried this approach with Mac OS X 10.5, 10.6, or even Lion, please let us know. .
TIP: More on a kerberos fix for AD binding problems
Monday, November 14, 2011
Mehdi Mafi updated his Friday report about Mac OS X 10.6 problems binding to Active Directory:
You may want to add this. If the Mac keeps unbinding from AD (people can't log in to a Mac), here is how to fix it:
Unbind it from Domain
Launch Keychain Access
Search for com.apple.kerberos.kdc and delete all 3 items
Using Terminal type sudo rm -fr /var/db/krb5kdc
Re-establish the KDC by typing sudo /usr/libexec/configureLocalKDC
Bind it to domain again ( When you bind, uncheck allow authentication from any domain in the forest in: Directory Utilitiy-> Advanced Options\Administrative ) this fix the issue that sometimes it can' find AD under search space.
If you tried this please let us know.
Solution 5:
For Snow Leopard AD login issues, use upper case domain
Solution 6: for .local
To create this StartupItem, create the following directory as root:
/Library/StartupItems/FixADAuth
Then chown it to root:wheel and chmod it to 755. These must also be the owner/permissions on the two files it will contain, below:
Contents of our /Library/StartupItems/FixADAuth/FixADAuth:
#!/bin/bash
. /etc/rc.common
date > /var/log/FixADAuth.log
n=0
AuthSuccess=0
while [ $AuthSuccess != 1 ]
do
id Administrator && AuthSuccess=1 || networksetup -setsearchdomains Ethernet "Empty"; networksetup -setsearchdomains Ethernet middlewich.local; n=$(($n+1))
done
echo Authentication successful: $AuthSuccess >> /var/log/FixADAuth.log echo Operation count: $n >> /var/log/FixADAuth.log
date >> /var/log/FixADAuth.log
Contents of our /Library/StartupItems/FixADAuth/StartupParameters.plist:
Description = "Fixes Active Directory authentication issue";
Uses = ("Disks");
Obviously you'll need to change "middlewich.local" to your own domain name (and the network interface name if your connection is wireless). The script checks to see if it can see the user "Administrator" on the domain, as he's a fairly common bloke, but if you've renamed yours for security reasons then pick another one. I've also included some logging functionality for debug purposes, so you can verify how well the script is working if you need to and time it in your environment before telling the users how long to wait. The /var/log/FixADAuth.log file will contain the date/time the process started, the success variable set to 1 (just to verify), how many DNS operations were required to fix the problem, and the date/time it ended. For us the time difference is normally about +30-40 seconds with around 120-180 operations taking place. Once you're happy with the script, you can strip it down to its bare functionality if you like, like so for us:
#!/bin/bash
. /etc/rc.common
AuthSuccess=0
while [ $AuthSuccess != 1 ]
do
id Administrator && AuthSuccess=1 || networksetup -setsearchdomains Ethernet "Empty"; networksetup -setsearchdomains Ethernet middlewich.local
done
I hope this helps someone!
Regards

You are welcome.
But the question is 10.6 mac just like 10.6.8 , as long as its the same and works.
Yes. You can save some updates by using the combo update.
10.6.8 Combo Updater

Similar Messages

Thawte Personal Email Cert - Problem with Mac Mail

Hi, I have requested a free cert from Thawte and there seems to be a problem with Mac Mail (using 2.0.7).
I am using Entourage to send a signed message from [email protected] to [email protected]
If I check mail for [email protected]
Mac Mail reports "There was a problem reading the digital signature for this message"
If I check the same account with Thunderbird, everything works fine.
Anyone else having or had problems?
-chris

Hi,
Thanks for the responses. I requested another cert and that did not help. Here is the process I used after requesting another cert.
1. Logged into www.thawte.com and requested a new cert.
2. Using Firefox, retrieved the cert.
3. In Firefox, backed up the cert to a pkcs12 file.
4. Opened Keychain and deleted the first cert.
5. Imported the pkcs12 backup file. Imported fine.
6. Open Entourage, under tools, accounts, exchange profile, security, selected the cert Thawte Freemail Member.
7. Checked all 3 options (sign, include cert, clear test signed.
8. Created a test message from Entourage to .mac account address.
9. Checked mail with Mac Mail and signature fails.
10. Check with 1.02 Thunderbird and it comes back with valid digital signature.
Next, I sent a test email to my Exchange account from Entourage and that message verifies fine. It just seems to not work when I check my email with Mac Mail.
Thanks!
-chris

Problems with Mac OSX 10.5.2 and installing my pro tools le 7.1.1

Problems with Mac OSX 10.5.2 and installing my pro tools le 7.1.1.
My garage band & reason software don´t open anymore giving me a error messasge regarding the midi drivers in the operating system.
Please help!!!
Thanks,
Paolo

Somewhere at either Macworld or here I learned that DVDSP 2, DVDSP 3 and now DVDSP 4 "internally" are major re-writes.
Support for HD among a few other items along with QT 7 which comes with Tiger means sincerely that one set of applications/OS is not going to be stable.
Personally I think of all the issues possible its DVDSP vs QT.
Unless you move to DVDSP v4 the alternative is to wipe the disk and go back to Jaguar (10.2) or perhaps Panther but avoid upgrading QT beyond 6. I advocate wiping the disk because I'n not sure an archive and install to down shift to an earlier version of the OS is possible. If it is I'd still worry about mis-matched files in all sorts of locations.

Hello I have a problem with Mac Pro, iPhoto does not want to stay open and close as I can figure this out? thanks

Hello I have a problem with Mac Pro, iPhoto does not want to stay open and close as I can figure this out? thanks

Refer below link once
App doesn’t open | Progress wheel spins continually

After I updated lion to 10.7.4, app store does not recognize my ID APPLE and it unable to connect me to app store in order to update/download apps? What have I to do? I have the same problem with mac mini e mac book air. Please help me!

After I updated lion to 10.7.4, app store does not recognize my ID APPLE and it unable to connect me to app store in order to update/download apps? What have I to do? I have the same problem with mac mini e mac book air. Please help me!

Your advice did not help me. I also installed 10.7.4 combo but the situation is the same.
my internet connection is ok, mail is ok, but app store after 3 resets does not recognize my ID and it says "connection is not possible". Why? I have the same problem in both my mac mini late 2009 and mac book air 2010? Is it a problem of 10.7.4 update? I have to solve this problem and how can i return to 10.7.3 if my last backup was not with 10.7.3???thank you for your kind collaboration...

Email Problem with Mac

Hi, I am new to FIOS so I hope this is the proper board to post in. I set up 2 subaccounts for verizon.net email and configured them for my Mac Mail program. Everything worked well for about 2 days, and all of a sudden the Mail program keeps asking for my password (even though it was saved in my Mail settings) and says the the incoming mail server is offline. I've Googled this issue and see that others have posted about the same authentication error. Has anyone else here experienced - and solved - this problem? Thanks.

I am having the same problems with Mac eMail. I have two Macs, one that is running Lion and the other is running Snow Leopard. I have spent days on the phone with Apple and Verizon and they are blaming each other and neither have a solution. Have you been able to get a response? It looks like this is something that happens from time to time but never really gets fixed.
Please let me know if there has been a fix since the Mac Mail update in July? With the Union Issues Verizon doesn't have enough people to address the issues both in person ( I had a tech come to the house and he didn't know anything about software ) or on the phone. They keep kicking it back to Apple. I also have a couple iPhones and both are working fine. So this seems to be OS X specific. I've had Macs and iPhones for 3 years or more.
Just makes me think something was done to the mail servers they didn't get correct.

Problem with Mac Office Password Protection

I'm running Mac OS X 10.7.5 with MS Word for Mac 12.3.5 and MS Excel for Mac 12.3.5.
I created a Word (.docx) and an Excel (.xlsx) document on my Mac at home, both with password protection. I uploaded the documents onto Google Drive. I was able to open the documents a few times with the password on my Mac at home, and on my PC at work. However, now upon opening the docs, Word and Excel say the password is incorrect (both home MAC and work PC).
I know I'm entering the correct password. I'm 100% positive. I was able to open the docs a few times previously just a day before. Now they're completely inaccessible. My questions are:
(1) Is this a common problem with Mac for Word/Excel docs?
(2) Are there ways to recover the password (a dictionary based brute force solution is unlikely to work, as I use non-word passwords with numbers)?
(3) If this is a common problem, are there other alternatives to password protecting or encrypting Mac for Word and Excel docs that don't cause problems?
Any feedback is greatly appreciated. Thanks.

Could just be thats the way it runs on Rosetta. I called in apple to ask if I could return office '04 because I didn't want to take the chance, they were more than eager to return it for me because of the fact it would be slow/maybe have problems running in Rosetta.
I just got iWorks instead till the universal version of office comes out (which if you buy office '04 you'll have to buy the new universal version as well, or so the rep told me).

Problems with "Mac Help"

My help files, especially "Mac Help", no longer work properly since upgrading to Tiger. If I open "Mac Help", for example, the help window will pop up, but the links will not work (nothing happens when I click on them) and the search feature in help will not work either (the little gray "clock" just spins next to the help bar and nothing else ever happens). Any suggestions on this one? As I'm a relatively recent Mac convert, the help feature was something that I came to rely on. Thanks!

Hi CP,
This is a common problem with Mac Help. When it happens, try first (quit Help) deleting this folder:
Home/Library/Caches/com.apple.helpui
If Help still doesn't work, try then deleting those files:
Home/Library/Preferences/com.apple.helpviewer.plist
Home/Library/Preferences/com.apple.help.plist
(and this one if you find it):
Home/Library/Preferences/com.apple.helpui.plist
See also this KB article for more info
- Mac OS X 10.2, 10.3: Mac Help Viewer unexpectedly quits
and this excellent X Lab FAQ
- Troubleshooting Help Viewer
It seems (not sure about that), that Help caches get easily corrupted when interrupting searches instead of patiently waiting for its internet accessings etc?
Good luck!
Axl

Re-login problem with WLS 5.1 sp8

Hi,
I have a re-login problem with a war servlet: user called reader does not have
viewing access to all views of a web interface. When she tries to access those
views a new login dialog comes up as should. The problem is that this new dialog
does not accept power user login as I would like it to! Any ideas how to change
the configuration in either web.xml or weblogic.properties file to make it work?
In Tomcat environment it works.
BR Jukka

Hi,
I have a re-login problem with a war servlet: user called reader does not have
viewing access to all views of a web interface. When she tries to access those
views a new login dialog comes up as should. The problem is that this new dialog
does not accept power user login as I would like it to! Any ideas how to change
the configuration in either web.xml or weblogic.properties file to make it work?
In Tomcat environment it works.
BR Jukka

TS3899 iPad mail account says problem with 'ssl settings' - can you help me?

iPad mail account says problem with 'ssl settings' - can you help me?

The 4Gs hardware, only 256 MB of RAM, prohibits updating beyond 6.1.6.
Starting when iOS 7 was released, Apple now allows downloading the last compatible version of some apps (iOS 4.2.1 and later only)
App Store: Downloading Older Versions of Apps on iOS - Apple Club
App Store: Install the latest compatible version of an app
You first have to download the non-compatible version on your computer. Then when you try to purchase the version on your iPod you will be offered a compatible version if one exists.

Problem with .mac account and mail 2.05 (os x 10.4.4)

hi!
i am not able to add a .mac account in mail 2.05. system is os x 10.4.4.
.mac settings in system preference work fine, on my cube with os 10.3.9 i can add the .mac account without problems.
in mail under 10.4.4 i can´t even select accounts besides IMAP, POP and EXCHANGE. if i delete mails plist and even the mail file and achieving a "virginal mail" i just can select these 3 accounts (POP,IMAP,EXCHANGE). strange because if i setup .mac settings in system preferences before setting up a POP mail account (i have 3 POP accounts besides .mac), the .mac account is automatically set up in mail. but even than i can´t set up manually (another) .mac account (can´t be selected in account pulldown menue) as well as soon as i delete it it can´t be resetup.
no way with new user, same procedure. i reinstalled mail from tiger-dvd as well as reinstalling 10.4.4 combo update and repair disc permissions. no way to get .mac to work the normal way.
has anyone any idea?
thanks so long,
peter

the empty folder ~/Library/Mail/ at root level seemed to be the problem of not being able to activating the .Mac account in mail. after copying this folder onto harddisk again (i have a new "20 iMac at work with 10.4.4) the problem was solved. no idea how to get this folder again besides installing a blank 10.4.x install onto external firewire hdd or having a second system...
thanks so long.
i guess i made a mistake when migrating my old mail prefs from 10.3.x to 10.4.x blank install when moving the folders to 10.4.x maybe i have first choosen the ~/Library/Mail/ folder at root level and when recognizing that mail is not working with new user, i´m sure i might have deleted the whole mail prefs and mail folder on root level and copied the whole stuff again into USER/Library/Mail/. Therefore the folder ~/Library/Mail/ at root level became empty. i purchased .Mac just a few days ago so i recognized this failure just now...

Keyboard problem with Mac os 10.7 + FileVault to + login screen

I have a problem with the login screen, the keyboard is recognized as a English keyboard but I have a french keyboard. The menu to change keyboard language is not displayed on login screen since 10.7.2.
During the session the keyboard is French, it's only for the login screen.
How can I fix this and switch my keyboard layout to French in login screen ?
Thank you.

How did you find out the keyboard layout changed to English? I had a similar problem with my first login after enabling FileVault, and now I think this might be a cause? I have a Spanish keyboard.
See this thread also:
https://discussions.apple.com/message/16293028#16293028
Rolando

Problems with Mac OS X 10.5.4

I started to use Macbook recently. I found three annoying problems with Leopard 10.5.4.
1) cannot shut down. I have to press the power button to shut down the machine.
2) cannot wake from sleep. After enter password in the login window, the screen becomes dark and the mouse arrow is the only viewable object on the screen. I have to close the lid and log in again.
3) lost wireless connection when you browse the Internet.
I did some google and found I am not the only one who encountered these problems. Why Apple Inc. does not have cures for these? Does Jobs get annoyed by these problems too?
I always consider Apple a software company. Apple really should spend more manpower to improve its software.

I'd say that your problems are very isolated. There are millions of Mac users out there and the majority of them have problem free experiences on the Mac.
First, there are a couple of things you can do. For the first two problems.
1. Repair permissions. Often when things go wrong, it can point to permission issues.
If you don't know know how to do that see this article. http://support.apple.com/kb/HT1452
2. See if it is an account problem. Sometimes it may just be the settings in your account. Create a new one and see if the problems still occur
a) Go to Systems Preferences
b) Click on Accounts
c) Click on the + sign at the bottom
d) Create your new account
e) Log out of your current account and log in to the new one and try the things that don't work. If they do, it is a problem with your account.
3. Drastic Action - Re-install the OS. This is a last resort.
For the third problem, are you sure your wireless connection is still strong. Do you have all the "reception bars" in the wireless icon in the menu bar? Many computers (Windows and Mac) can have wireless reception problems. Sometimes cordless phones can interfere with wireless reception, as can very thick walls and water.
Good luck and post back if this doesn't resolve your problem.

HT5361 Problems with @mac email NOT being received by others

Recently people that I have been sending email to and they are in my address book have NOT been receiving a new email from my @mac.com account. The emails are in my Sent folder and show they have been sent. If someone sends me an email and I reply everyone sees it. But not a new email. Any thoughts on what I can do to find the problem?
I've cleaned up my email, rebuilt my inboxes. Please help!! I use my @mac for all my business!
Oh - this happens no matter where I send the email from - iphone 5 or Ipad or macbook pro.
Thank you,
K

Hi,
Part of the final question will depend on how you got to have the various email IDs
If you had an .Mac account and therefore the @mac.com email and then Linked this to @me.com in MobileMe then people can send to either and it will turn up in your mail box.
The same is true if you then linked the MobileMe @me.com to the iCloud account which moved the @me.com address to iCloud and may have latter given you the @iCloud.com.
In this case people could send to any of the three IDs and they will be received in your In box.
You should be able to login to iCloud (the web page) with any of the IDs (they all use the same password) and view the mail from there.
There should not really be any problem sending from one type of account compared to another.
I am not aware of any filtering either by Apple on older @mac.com IDs or Google not accepting them.
In the Window Menu of Mail there is the Connection Doctor which may give further clues.
9:20 pm Tuesday; January 7, 2014
 iMac 2.5Ghz 5i 2011 (Mavericks 10.9)
 G4/1GhzDual MDD (Leopard 10.5.8)
 MacBookPro 2Gb (Snow Leopard 10.6.8)
 Mac OS X (10.6.8),
 Couple of iPhones and an iPad

Sync and problem with .mac configuration

Hi
I am having the following problem with Sync Now to my .mac account
Following the initialisation of Sync, the following message appears.
"There was a problem with the sync operation
Could not retrieve .Mac configuration."
And another message says
".Mac login failed."
The syncing to I mac has not functioned since Oct 2nd
Can someone advise how to rectify this problem
G5 Mac OS X (10.4.8)

Can you log into .mac mail? That will tell you if your username and password are OK.
I recently had a similar problem, so I unregistered my work and home computers (using the Advanced tab of .mac preferences) from .mac then re-registered them. At that point, you are offered the initial sync choices like the first time you connected to .mac.
Be careful that you don't overwrite your data. I highly suggest making backups of your Address Book, Safari Bookmarks, iCal, iDisk files, etc. on all computers before starting the process.
- Wayne
PowerMac G5 Mac OS X (10.4.8)

AD account Login problem with MAC 10.6.8

Similar Messages

Maybe you are looking for