How do you bind Vista / XP clients to Open Directory?

Similar Messages

• Can you login with a pc into open directory like you login with a mac into open directory?

  Can you login with a pc into open directory like you login with a mac into open directory.

  AustinRockes16,
  Have you considered posting your question on a Windows forum, asking on a general iMac forum where most users use OS X probably may not yield the results you are looking for.

• How do I bind 10.4 clients to a 10.5 server?

  I've been given the task of cleaning up a Mac network that has 15 iMacs....some running 10.4 and some 10.5.
  2 issues
  1 - as a test I created an account called MacA on the server, and there are only 6 other accounts listed in the server....BUT, some of the iMacs that have complete access to the server, are not listed in the accounts on the server. So I can go to some of the 15 iMacs, and login as JohnD and have complete access, but JohnD is not on the list of server accounts. this seems to just be a roaming client in the network, how do I delete these roaming clients?
  2 - When I am on a Machine that is running 10.5, I go to SYST PREF>ACCTS>LOGIN OPTIONS> and then a NETWORK ACCT SERVER(JOIN) option shows.....when I CLICK on this, I can type in the name of the central Mac server, and VOILA, I can then log in as the user MacA that I created on the central server
  HOWEVER
  on a machine running 10.4, when clicking on SYST PREF>ACCTS>LOGIN OPTIONS....there is no NETWORK ACCT SERVER(JOIN) option.....
  what am I doing wrong.....and how exactly do I go about JUST creating accounts/users on the central server, and when these client machines get the login popup, ONLY the accounts that I've created can login to the server?

  Hi
  +"1- I create a user on the 10.5 server in accounts"+
  From what you've been saying of what it is you think you want to do, this is not the place to be creating network accounts. Assuming I've understood what it is you want. Launch WorkGroup Manager. Select the LDAPv3 node. Create users you wish to have desired network homes. Assign passwords or define a Password Policy. In the Homes tab select the share point you've already shared and defined as an auto-mount for networked homes. Click Create Home Now. Click Save. That's basically it. Repeat the process for however many users you have or want. Alternatively create all the users you want first in one go. Select them all (apart from diradmin) and click Create Home now followed by Save.
  All of this assumes:
  (a) DNS is correctly configured
  (b) Users are defined in the correct directory
  (c) Server is correctly configured to allow LDAP accounts
  (d) Workstations are using the relevant DNS Server
  These are just to begin with.
  +"b - allow network users to login to this computer (it is here that I see the users that I've created on the server, and put them on the list to allow to login)"+
  IMO there truly is no need to do this at the stage you're at now. Get the basics figured out correctly. Above all just get it working. If it's a requirement for your environment to control and/or manage - later on - which network based accounts are allowed to login on designated workstations look at that option then.
  NB: Local accounts will always take precedence over networked accounts if named exactly the same.
  Tony

• How do you keep your VPN clients up to date?

  Hi, how do you keep your Cisco VPN clients up to date? Our users connect to a Cisco 3015 Concentrator. It needs to be as automatic as possible.
  Thanks

  Check this link,
  http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_cli
  ent46/administration/guide/vcAch3.html
  Example:
  Steps to perform an automatic update for VPN client :
  ===================================================
  1. Download update-4.8.00.0440-major-K9 file on your PC from the link below and unzip it.
  http://www.cisco.com/cgi-bin/tablebuild.pl/vpnclient-3des
  It will have the following files::
  - binary_config.ini
  - sig.dat
  - vpnclient-win-is-8.00.0440-k9.exe
  - vpnclient-win-msi-8.00.0440-k9.exe
  2. Create a webserver with a folder and move all the above files to this folder on webserver.
  3. Now on your vpn client create a new profile. This profile file will appear in the profiles folder of the vpn client. Copy this file to your desktop and zip it. Name the
  zipped file as profiles.zip. Delete the profile from the client.
  4. Make a copy of your binary_config.ini on your desktop. Rename it to new_update_config.ini. This is just to make sure its not saved as a txt file.
  Open the above file and write the following on it:
  [Autoupdate]
  Required=1
  5. Now move the new_update_config.ini and profiles.zip to the webserver. Once we browse to the webserver it should look like --
  http://webserver/~razshah/vpn_profile_update462/
  Index of /~razshah/vpn_profile_update462
  Name Last modified Size Description
  Parent Directory 09-Mar-2005 13:24 -
  binary_config.ini 09-Mar-2005 13:26 1k
  new_update_config.ini 11-Mar-2005 11:35 1k
  profiles.zip 09-Mar-2005 13:26 1k
  sig.dat 09-Mar-2005 13:26 2k
  vpnclient-win-is-4.6..> 09-Mar-2005 13:26 7.6M
  vpnclient-win-msi-4...> 09-Mar-2005 13:26 10.3M
  6. The concentrator is configured as follows:
  Client Type is Windows
  URL http://webserver/~razshah/vpn_profile_update462
  Revisions 4.6
  7. On your PC go to the VPN Client > updates folder. Delete the update_config file if its already there. This folder should have only autoinstall (this file will be added if update works) autoupdate header files.
  The update does take about 5 mins. To see the new file we have to close and reopen the client. Once connected make sure you are able to browse to the webserver and see all the files.
  1- Auto update runs only on Windows 2000 and Windows XP, all other client types update manually. Windows NT users get notified and can get an update manually from the update server.
  2- Remote users must have the VPN Client for Windows 4.6 or greater installed on their PCs to use the automatic update feature.
  Regards,
  ~JG

• How do you change to single click to open files and folders?

  How do you change from double clicking a file/folder, to single clicking (web style)?

  Finder > Preferences
  Turn it off it irks you. I find it exceedingly useful.

• Binding imaged clients to Open Directory?

  We created 10.5.2 image that we are trying to bind to Open Directory.
  The first imaged client binds fine and adds itself to OD. However, additional clients won't bind. They claim that the computer account already exists.
  I assume this is caused by each imaged client having the same "key" somewhere that it is using to bind to OD. Is there a way to regenerate this "key" on our clients once they are imaged?

  The answer is to remove the local KDC on the 10.5 clients. 10.5 uses the LKDC for personal file sharing - not needed for networked clients.
  Run the following commands to kill LKDC before binding the machine to Open Directory:
  sudo dscl /Local/Default delete /Config/KerberosKDC
  sudo rm -rf /var/db/dslocal/nodes/Default/config/KerberosKDC.plist
  See: http://forums.bombich.com/viewtopic.php?t=11834&highlight=lkdc

• HT201365 How do you close your apps that are open

  How can I close the apps that are open

  Ive got a fix
  Dubble click your home button and swipe the picture of the application up and not the icon
  soo
  Dubble click your home button ---> Find app you want to close --> Swipe up on picture of application
  and it should be closed
  Hows the batterylife like on your phone?

• Adding Client to open Directory

  I am trying to add a client machine to Open Directory but it will not bind. It gives me a error
  Unable to add server
  An unexpected error of typr -14142 (eDDSchemaError) occurred.
  When I try to add the machine it will say machine is already in OD, but I look in OD is is not their. It will not let me over write the machine in OD eather.
  Thanks

  Is this machine a clone of another machine? My guess is you did not reset the local KDC. This will cause the issue you are describing. You need to do the following on all cloned machines as they will all contain the unique identity of the original master's LKDC. The machine that is the master does not need to be altered.
  1: Open Keychain Access.
  2: Select the System keychain.
  3: Find the three entries labeled com.apple.kerberos.kdc and delete them from the System keychain.
  4: Open Terminal
  5: Run this command to destroy the local Kerberos DB (you will need to authenticate as initial admin):
  sudo rm -R /var/db/krb5kdc
  6: Run this command to rebuild a unique LKDC for this machine:
  sudo /usr/libexec/configureLocalKDC
  7: Repeat this on all cloned machines.
  Once complete, you have re-run Directory Utility and perform your bind. You will now be creating a machine record with a unique LKDC value in OD.
  PS: You can do these steps 1 through 5 pre-cloning to avoid the issue. Then once cloned, run step 7 as a post-cloning step.
  Hope this helps.
  Message was edited by: Strontium90 - added the PS

• 10.7.5 client shows open directory server not responding

  Hello,
  I am just starting to learn to use OS X Server.  I have created an Open Directory Master and want to connect my various Mac's around the home to.  My iMac is currently running 10.7.5 client and have tried to add the server as a Network Account Server  - re: below, but it shows it is not responding.
  As I am a real novice, have I missed something and how do I get this to work?
  Thanks,
  Nick

  You are likely having issues because you are not using DNS correctly.  The name "CowShed.local" is a bonjour name.  In order to properly use Open Directory you need DNS set up internally.  The reason is that the Kerberos component of Open Directory is very dependent on DNS.
  Generally, I would discourage the use of bogus top level domain.  However, since you say this is for home use, you can likely get away with the use of one (mac.leedern.int, mac.leederm.private, etc).  However, if you do, then you will not be able to use hosted services (mail, calendar, contacts, etc) transparently between the home and external networks (names will not route).
  If you own a domain name, you can use it internally and setup your DNS on the server.  Then distribute the servers's LAN IP address to all clients as the first DNS server.  This way, all your client devices can resolve the server's host name while on the LAN.
  Your journey starts at DNS.
  R-
  Apple Consultants Network
  Apple Professional Services
  Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store

• Authenticate windows users accessing os x client using open directory?

  I need to setup an OS X client machine (10.4.6) so that windows users (XP) can access folders based on their open directory credentials. (Using OS X server, open directory, windows PDC). If I turn on windows sharing in system preferences on the mac, it will only share local home folders to users with local accounts - not what I need. Any ideas? thanks.

  Thanks!  So now I see Open Directory, but it seems like it should be listed under the Server app with all the other services...
  Anyhow, I seem to remember a way to administer the users and groups.  This app shows me the status of the services, logs, settings.  The Server app, if I click on Add Users button, then click "connect to it" to supposedly connect to the directory server, it won't take my credentials.  I always get "Cannot authenticate to server.  Please authenticate by entering the name and password of a user account in this server's directory."
  Connect anonymously doesn't seem to do anything, it doesn't even dismiss the dialog.
  So what am I missing?

• How do you bind a EJB home to a COSNaming service ?

  Hi All,
  I am trying to have a corba client(written in java) communicate to an EJB,
  but I am facing a few problems. As per the procedure specified by the BEA documentation
  I have created the idl files. Then using the idl (idl -jpoa=. -jbase=. Hello.idl)
  command I have created the respective java classes. But I am not sure wether
  the Weblogic server by default binds the EJB to a COSNaming service or not(In
  Borland App server it binds to a COSNaming service). Incase it does not then what
  do I need to do, to have the EJB bound to a COSNaming service. Generally how do
  I find out wether a Home Interface is bound to a Naming service? I am using Weblogic6.1
  app server and IONA Orbix 2000.
  Regards,
  Ameet.

  Hello Andy,
  Thank you very much for your reply. Forgive me sending out several
  messages, just to try to reach you. You can tell how frustrated I am
  with the issue. The O2K version I tried is 2.0 came with E2A application
  server.
  Have you tried Orbix 3? and any luck of it? What do you think is
  the effective way to push IONA to fix the bug?
  Thanks,
  Qing
  Andy Piper <[email protected]> wrote:
  "Qing Lu" <[email protected]> writes:
  Yeah, this is a bug in the Orbix 2000 idl compiler, I ran into this
  when I tried it and couldn't find any workaround. I reported the
  problem to Iona but I don't know whether they did anything about
  it. Incidentally what version of O2K is this? I tried with 1.2 and was
  going to try 2.0 - but if this is with 2.0 I won't bother.
  andy
  As far as I know, BEA implemented COSNaming wrapper around their JNDI.So EJB
  got bound just like in the normal case and your client uses COSNamingto get
  reference.
  Do you have any experience with CORBA C++ client (Orbix 2000) callingEJB? I have
  problem with it. I can generate stub files with Orbix idl compiler.
  But when I link stubs with the client.cpp, I got the following:
  [exec] clientC.cpp
  [exec] client.hh(1008) : error C2327: 'IT_Gen_DynamicProxy_EJBHome::EJBHome
  ::EJBMetaData' : member from enclosing class is not a type name, static,or enum
  erator
  [exec] clientC.cpp(1785) : error C2065: 'itlocal_result' : undeclaredident
  ifier
  [exec] clientC.cpp(1785) : error C2296: '*' : illegal, left operandhas typ
  e 'class javax::ejb::EJBMetaData *(__thiscall javax::ejb::IT_Gen_DynamicProxy_EJ
  BHome::*)(void)'
  [exec] clientC.cpp(1789) : error C2440: '=' : cannot convert from'class
  ja
  vax::ejb::EJBMetaData *' to 'int'
  [exec] This conversion requires a reinterpret_cast, aC-style cast
  or function-style cast
  [exec] client.cpp
  [exec] client.hh(1008) : error C2327: 'IT_Gen_DynamicProxy_EJBHome::EJBHome
  ::EJBMetaData' : member from enclosing class is not a type name, static,or enum
  erator
  [exec] Generating Code...
  BUILD FAILED
  Any help will be appreciated.
  "Ameet Kanguri" <[email protected]> wrote:
  Hi All,
  I am trying to have a corba client(written in java) communicate
  to
  an EJB,
  but I am facing a few problems. As per the procedure specified bythe
  BEA documentation
  I have created the idl files. Then using the idl (idl -jpoa=. -jbase=.
  Hello.idl)
  command I have created the respective java classes. But I am notsure
  wether
  the Weblogic server by default binds the EJB to a COSNaming serviceor
  not(In
  Borland App server it binds to a COSNaming service). Incase it doesnot
  then what
  do I need to do, to have the EJB bound to a COSNaming service. Generally
  how do
  I find out wether a Home Interface is bound to a Naming service? Iam
  using Weblogic6.1
  app server and IONA Orbix 2000.
  Regards,
  Ameet.--

• How do you make Vista Icons?

  The question may sound semi-noobish just in its nature, but I've been using Photoshop and similar programs for the past 3 years of my life (I'm only 17) and know how to work my way around quite well. I've been trying to make a icon for Vista (actually Windows 7 RC, but it uses the same guidelines) and simply cannot get it to work. I have my icon made in a 256x256 size and saved into .png. I edit the .xml file for my library that I want the icon to go for, but it simply changes it to the default folder icon. The XML coding is right, the location is correct, so it must lie within how I made the icon.
  Now, I know the default icon in the "Vista guideline" requires 256x256 and 11 other sizes; I had figured this would just downsize automatically. Do I resize the icon manually in seperate layers or what?
  And I apologize if this is the wrong place or this has been answered. I've searched the internet for at least 30 minutes, searched this forum lightly and came up empty. Also sorry if this seems more like a Windows issue rather than a Photoshop issue, but generally going into a Windows forum and asking this will get you a bunch of garbage, seeing as they may or may not have experience with making icons.
  P.S. The PNG is not interlaced; shouldn't make a difference, but I'm trying to cover every little detail.

  BGG001,
  The majority of people here are friendly and helpful.  Most are more (much more) knowledgeable than I am.  There are a few that are as you described, but not many.
  As far as age is concerned, to me, it's like a person's race.  Good & bad in all.  I respect everyone until they show that I should do otherwise.
  Thanks for reply.
  Q

• How do you ADD a Wireless Client PC to your Airport wLan?

  If no security is enabled on the airport extreme 802.11n
  PCs and Macs can get online easily
  As soon as I enable WPA or WPA2
  my macs can get online using the password
  my PCs want a network Key of a specific length and hex format
  and my airport utility app offers a phenomenally long 'equivalent' network password which does not make any of my PCs happy...
  There is also an option of adding a wireless Client (a menu item in the airport utility app) but it closes the page as soon as I click on the menu item - I have NO ACCESS to this feature... something of a bug in airport utility version 5.2.2
  the option is supposed to be add a Client using a PIN or simply add the first client to connect... NEITHER of these features work - the airport util software simply refuses to load that config page!
  what gives?
  how can we solve this?

  Here's a wonderful piece of info that could help all of us...
  Many wLan cards on the PC side don't seem to like WPA2
  so you can resolve that issue by selecting WPA in the Airport utility
  If you are using WPA / WPA2 on the airport extreme
  then... go grab a PC
  yes, I said a PC... ARE YOU LISTENING APPLE?
  on the PC, you need to install the software that came with your Airport Extreme 802.11n... it looks the same as the SW on your trust Mac
  but the thing is, it actually works when you want to ADD a new Wireless Client to your network.
  now... when the PC has the software up and running and you can see your Airport extreme - ADD A WIRELESS CLIENT but don't use the PIN method - that method failed 5 out of 5 times I tried... Use the First Attempt method..
  You will likely get an error but ignore it and go to the wLan connection app in your windows taskbar (bottom right side) you will want to VIEW Wireless Networks available to you.
  If you see your airport, great, click the CONNECT button and the app will ask for your NETWORK KEY
  Just enter your Wireless Password (the same one you used to configure your Airport Wireless Security on the WIRELESS page of the Airport Utility)
  then click connect and voila... all 6 of my PCs were able to access via WPA
  I am stunned that I wasted so much time with this
  and concerned that Apple's software acts differently on the PC allowing me to ADD users whereas the Mac application simply would not load the page
  in case you are wondering I used the following versions for this time wasting exercise
  Mac: Airport Utility v5.2.2
  PC: Apple Airport Utility for Windows v5.0
  gosh what fun this has been
  on the Mac ADDING a wireless Client failed (see my post earlier)

• How do you bind a radio button to a row in a table

  Im developing a web page that does a search given certain criteria. It displays the results in a table and dynamically allocates a radio button for each row that is created.
  I then want to be able to select the radio() button and display the row that was selected by the radio button on another page.
  Im doing a project in college developing a online airline ticket booking system. The user searches for flights and is displayed back with the Outgoing flights and the return flights. Each flight that is displayed is given a radio button. The problem is that I want to let the user select the a radio button that corresponds with their choice of flight and display this flight on the next page.
  Can anyone help me please with some code or ideas on how to go about doing it
  Thanks very much Nicky

  I suppose you do something like this:
  <sql:query var="var" scope="request">
  SELECT * FROM table
  WHERE something = ?
  <sql:param value="${param.something}" />
  Right??
  When you start the page, add:
  <%@ page language="java" %>
  Then under that
  <% int i = 0; %>
  Then:
  <html>
  <body>
  <form action="your_action" method="post">
  <table>
  <c:forEach items="${var.rows}" var="v">
  <% i++; %>
  <tr>
  <td>
  <input type="radio" name="yourname<%= i %>" value="yourvalue">
  </td>
  </tr>
  </c:forEach>
  <tr>
  <td>
  <input type="Hidden" name="i" value="<%= i %>">
  <input type="Submit value="next page">
  etc. etc.
  Follow me so far?

• How do you bind default services(syslogd, ntp, ...) to localhost?

  Hi,
  I´m new to Mac OS X, and I can´t find the answer on google,
  I want all running services on my system listening to incoming connections only from localhost if possible.
  The services in questions were enabled by default, I didn´t touch anything.
  # netstat -an -f inet
  udp4 0 0 *.5353 .
  udp4 0 0 *.631 .
  udp4 0 0 *.123 .
  udp4 0 0 *.49175 .
  The following process are listening at those ports:
  5353 -> mdns (Bonjour)
  631 -> ipp (printing)
  123 -> ntp (network time protocol)
  49175 -> syslogd (log daemon)
  Notes: you can find out with the lsof command: "lsof -i :$port"
  So, my question is why do I need those services running and why are they not listening on localhost only?
  Thanks,
  . Federico

  Hi,
  I´m new to Mac OS X, and I can´t find the answer on google,
  I want all running services on my system listening to incoming connections only from localhost if possible.
  The services in questions were enabled by default, I didn´t touch anything.
  # netstat -an -f inet
  udp4 0 0 *.5353 .
  udp4 0 0 *.631 .
  udp4 0 0 *.123 .
  udp4 0 0 *.49175 .
  The following process are listening at those ports:
  5353 -> mdns (Bonjour)
  631 -> ipp (printing)
  123 -> ntp (network time protocol)
  49175 -> syslogd (log daemon)
  Notes: you can find out with the lsof command: "lsof -i :$port"
  So, my question is why do I need those services running and why are they not listening on localhost only?
  Thanks,
  . Federico