I need a Mac OS X Server/Active Directory guru!

We have a 2003 AD network. I have successfully bound all Macs and the OS X Server to the AD. Users login and validate against AD on their Macs. That all works great!
Now, I want to use OS X Server to control users and groups with Workgroup Manager. I really don't have any idea where to start. The server is bound to AD and the server software has been installed and updated. Is there a document that offers step-by-step instructions for what to do next? Any tips or links to documents that would help would be greatly appreciated.
I would also consider hiring a consultant to walk me through it...
Thanks

Thanks for the replies...
My first attempt to do this resulted in me being able to see AD users & groups but when I tried to apply settings to restrict access to certain System Preferences it would allow me to apply them. I always got an error message.
I have read the Mike Bombich white paper and get lost in a few of the steps along the way.
If that's my best option I will continue to try it... otherwise I'm open to working with someone over the phone or in person. I called a few consultants from the Apple Consultant list and have had no reponse.
Thanks

Similar Messages

Connect to Windows Server Active Directory

I have successfully connected windows comps to our windows server active directory, but when trying to connect from my Apple, I am told that username and password is incorrect even though I know I am using the correct one.
I am a bit confused here, but could certainly use some help.

You more than likely need to either disable the "Digitally Sign Communications" policy on your Windows Server or use a better SMB client than the one built into Mac OS X.
Have a look a this page on Microsoft's website about digitally signed communications and where to disable the policy. While this page does not specifically reference Mac OS X, this still applies to your Mac OS X system using SMB. <http://support.microsoft.com/default.aspx/kb/887429>
I suggest you instead look into a third party product called Dave from <http://www.thursby.com>. It doesn't require that you lower your server's security to connect.
Hope this helps! bill
1 GHz Powerbook G4 Mac OS X (10.4.9)

Windows Server Active Directory services

Hi,
We have installed Windows server 2008 R2 as a primary domain controller.
the domain controller "xxxxxxx" (2008R2 SP1) gets freeze intermittently and at the time of issue we are not able to ping and take RDP session of this server from any other server.In the
event log : 4015
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
Kindly advice how to resolve this issue.
Thanks,
Balaji

Hello,
Could you check your servers hdd, nic and another services pls. Also this error (4015) occur DC is not respond requests
from the DNS Server.
Check your DNS functionality (Dcdiag /test:DNS) and refer these
articles please.
DNS Event Id: 4015, 4513 and 4514
Event ID 4015 — DNS Server Active Directory Integration
Regards,
Elguc

Binding Mac to a Windows 2000 server (Active Directory)

I have been trying to connect various mac machines on my campus to the active directory on a windows 2000 server.and i've been getting various errors.in one lab i have some IMac10,1- mac osx ver 10.6.2 and in the other labs i have lower versions on the Mac pro.I have seen on other forums where others where able to bind the mac machine to windows 2003 server,but no one mentioned windows 2000 server. Please tell me if its possible to add these machines to a windows 2000 server platform.

Hi,
what is the matter? it is a difficult problem or it is impossible to do that?
Please, if someone have any idea about this ,tell me?
with advanced thanks.

OSX Server Active Directory

I installed and setup OS X Server 4.0.3 and is working using File Sharing and users. The client computers are Windows 7, i can map network drive from the windows 7 computers and get files in certain directories. But, is there a way i can get it to work the way Active Directory works. I want to be able to logoff one windows 7 computer and login to a different windows 7 computer and be able to be authenticated on the network using the ID and password created on the OS X Server.
Is there a way to do this? I've done many searches and there is a lot of conflicting information that it can and cannot be done.

OS X Server can not act as an Active Directory domain controller. Not since OS X Server 10.6 could this happen and back then OS X Server could only emulate NT Style Domains. Thus, you can not bind Windows workstations to OS X Server 10.10 (Server 4.x).
If you are looking to build a centralized domain, the best tool for a mixed platform environment is actually Active Directory. OS X can bind to AD and works very well in this capacity. Windows can bind to AD. You get centralized user and group management, authentication and authorization, password policy, group management, and single sign-on. Group policy does not apply to Macs as we luckily do not have a registry.
Reid
Apple Consultants Network
Author "Yosemite Server – Foundation Services" :: Exclusively available in Apple's iBooks Store
Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store
Author "Mavericks Server – Control and Collaboration" :: Exclusively available in Apple's iBooks Store

Certificate server, active directory...............

hi,
we r working on java cards....
We need to install a certificate server......
So i want to ask ...............
Is there any special requirements for certificate server regarding to the active directory ???

hi,
we r working on java cards....
We need to install a certificate server......
So i want to ask ...............
Is there any special requirements for certificate server regarding to the active directory ???

Getting HTTP 500 Error When Trying To Authenticate Against LDAP Server (Active Directory)

Hello,
I am currently facing an issue when I try and use LDAP authentication in my Apex application as I am getting a HTTP 500 Internal Server Error message. For my authentication scheme I have used the pre-configured option of how to connect to an LDAP server and in my development environment this seems to be working fine but now I have deployed my application to our staging environment and I am getting the error. If I switch to the Application Express Authentication scheme then I don't get the error.
I've had a look at the log file on the server and I see I am getting this error:
[#|2015-03-31T16:19:11.254+0100|SEVERE|glassfish3.1.2|null|_ThreadID=21;_ThreadName=Thread-2;|JDBCException [kind=UNAVAILABLE]
    at oracle.dbtools.common.jdbc.JDBCException.wrap(JDBCException.java:99)
    at oracle.dbtools.common.config.db.DatabaseConfig.getConnection(DatabaseConfig.java:81)
    at oracle.dbtools.common.jdbc.ora.OraPrincipal.connection(OraPrincipal.java:69)
    at oracle.dbtools.apex.ModApexContext.getConnection(ModApexContext.java:372)
    at oracle.dbtools.apex.OWA.getStatement(OWA.java:536)
    at oracle.dbtools.apex.OWA.init(OWA.java:308)
    at oracle.dbtools.apex.ModApex.doPost(ModApex.java:138)
    at oracle.dbtools.apex.ModApex.service(ModApex.java:303)
    at oracle.dbtools.rt.web.HttpEndpointBase.modApex(HttpEndpointBase.java:347)
    at oracle.dbtools.rt.web.HttpEndpointBase.service(HttpEndpointBase.java:130)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
    at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
    at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
    at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
    at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
    at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
    at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
    at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
    at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
    at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
    at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
    at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
    at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
    at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
    at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
    at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
    at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
    at java.lang.Thread.run(Thread.java:662)
Caused by: java.sql.SQLException: Exception occurred while getting connection: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
    at oracle.ucp.util.UCPErrorHandler.newSQLException(UCPErrorHandler.java:488)
    at oracle.ucp.util.UCPErrorHandler.throwSQLException(UCPErrorHandler.java:163)
    at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:928)
    at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:863)
    at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:855)
    at oracle.dbtools.common.config.db.DatabaseConfig.getConnection(DatabaseConfig.java:71)
    ... 33 more
Caused by: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
    at oracle.ucp.util.UCPErrorHandler.newUniversalConnectionPoolException(UCPErrorHandler.java:368)
    at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:49)
    at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:80)
    at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:131)
    at oracle.ucp.common.UniversalConnectionPoolImpl.borrowConnectionWithoutCountingRequests(UniversalConnectionPoolImpl.java:279)
    at oracle.ucp.common.UniversalConnectionPoolImpl.borrowConnection(UniversalConnectionPoolImpl.java:142)
    at oracle.ucp.jdbc.JDBCConnectionPool.borrowConnection(JDBCConnectionPool.java:157)
    at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:916)
    ... 36 more
So it seems that every time I try and use LDAP I hit this error. Also after awhile I have to re-start the Apex Listener for that domain. I have came across this thread: LDAP Authentication Question but I am not sure if the user got the problem solved or not.
Our infrastructure is as follows:
Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit
Apex Listener: 2.0.3.221.10.13
GlassFish Server Open Source Edition 3.1.2.2 (build 5)
If anybody has any idea what is causing this that would be great.
Cheers,
Paul.

Hi Colm,
Thanks for getting back to me on this. I have downloaded and created a new ORDS server with 2.0.10 and while I don't get the error:
Exception occurred while getting connection: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
I am now getting the following (I have turned on the logging)
No more data to read from socket java.sql.SQLRecoverableException: No more data to read from socket
at oracle.jdbc.driver.T4CMAREngine.unmarshalUB1(T4CMAREngine.java:1157) at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:345)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:223) at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531)
at oracle.jdbc.driver.T4CCallableStatement.doOall8(T4CCallableStatement.java:205)
at oracle.jdbc.driver.T4CCallableStatement.executeForRows(T4CCallableStatement.java:1043)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1336)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3612)
at oracle.jdbc.driver.OraclePreparedStatement.execute(OraclePreparedStatement.java:3713)
at oracle.jdbc.driver.OracleCallableStatement.execute(OracleCallableStatement.java:4755)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.execute(OraclePreparedStatementWrapper.java:1378)
at sun.reflect.GeneratedMethodAccessor1991.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.ucp.jdbc.proxy.StatementProxyFactory.invoke(StatementProxyFactory.java:230)
at oracle.ucp.jdbc.proxy.PreparedStatementProxyFactory.invoke(PreparedStatementProxyFactory.java:124)
at oracle.ucp.jdbc.proxy.CallableStatementProxyFactory.invoke(CallableStatementProxyFactory.java:101)
at $Proxy432.execute(Unknown Source) at oracle.dbtools.apex.OWA.execute(OWA.java:145)
at oracle.dbtools.apex.ModApex.handleRequest(ModApex.java:201)
at oracle.dbtools.apex.ModApex.doPost(ModApex.java:152)
at oracle.dbtools.apex.ModApex.service(ModApex.java:303)
at oracle.dbtools.rt.web.HttpEndpointBase.modApex(HttpEndpointBase.java:350)
at oracle.dbtools.rt.web.HttpEndpointBase.service(HttpEndpointBase.java:132)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:662)
I cant see anything glaring that is causing this. I have also increased the Minimum Connections to 30 and Maximum Connections to 100 with the administration part of Configuring ORDS via SQL Developer and it still has no desired effect.
The application works fine in our Development and Testing Environment but since I have ported it over to our production instance I am unable to log into it using my Active Directory credentials.
Cheers,
Paul.

OS X Server + Active Directory Authentication Issue with Wikis

Hello,
I recently purchased an Apple XServe with Snow Leopard installed. The purpose of this server is to enable students and teachers to create Wikis and Blogs.
The majority of my environment is MS, with Active Directory as our LDAP provider.
I have joined the server to my domain and can add domain accounts to the Wiki creation access list without issue, but whenever I try to login to the server's web interface with one of those accounts the login screen shakes and prompts for another set of credinitals.
What am I doing wrong? Open Directory seems to be setup properly and has been kerberitized as it requested when I joined the box to the domain.
Thank you all for your help,
David
Message was edited by: DHeath_WJCC

please ask in the Snow leopard server forum
http://discussions.apple.com/category.jspa?categoryID=96

Advice needed for WAP4410n to authenticate using active directory ?

Hello,
We have a couple of Cisco WAP4410n newly purchased for our organisation.
1)We already have a windows 2003 active directory with domain and users.
2)We have installed a machine with ubunto linux.It has freeradius configured
in it.we have also installed the certificate server in this machine.
3)we have given the linux machine's ip to the freeradius settings in wap4410n.
4)Our logic is that when a wireless users tries to connect to wap4410n the linux
free radius server will communicate with the windows active directory and grant
access to the wireless user.
However when we try to connect a wireless user we are getting certificate related
errors.
Can someone advice us on the settings (PEAP and certificate issues) with respect to freeradius and wap4410n
so that the active directory users can be authenticated.
Thanks & regards.....

Hi Sabeesh,
if you get a certificate warning, then you should check what it is complaining about.
-If you go for PEAP, you're supposed to install a certificate on the radius server and to have the clients to trust it.
-Usually people configure the windows peap client to NOT validate the server certificate, which bypass this problem. However a certificate still has to be installed on the Radius server but it can be invalid.
Hope this helps
===
Don't forget to rate answers that you find useful

Binding Mac OS X to Active Directory Domain

Question 1:
I've just binding a Mac (Windows File Service) to a W2K3 Domain controller. After that I will configure the Mac share point using W2K3 Domain's account. From Mac Workgroup Manager I can't find the Active Directory account, the opposite from W2K3 Explorer I can't adding Active Directory users or groups to Mac sharing object. Do I missed some steps for Active Directory Binding?
Question 2:
Why I can't unbind my Mac (Windows File Service) from W2K3 Active Directory clearly? I should using Force Unbind, after that I cannot rebinding againt to that Active Directory. Is there any missing of my Mac component or driver?

thought I might add...
i keep getting folders in Trash aswell named recovered, there are a couple of them. I think this may be if the machine is dropping off the network. (but not sure)
different models Mac OS X (10.4.8)

Mac OS X and Active Directory

An interesting problem that has been in effect for what must be years now.
I'm a student troubleshooter at a college. We have a mostly Windows based campus, but we do have a nice share of Macs as well.
For logging in, our Macs authenticate through Active Directory.
However, we have several domains on the network, and that presents a problem.
While the Macs are bound to the top level domain, it has become apparant that if a user account exists in two lower level domains, the Mac will not log in.
For example, I have two accounts with the same username in password in two domains. Because the short name is the same in both accounts, the Mac does not know which to login and refuses entry, even if the domain is specified at login.
I was wondering if this was a known issue and if any workarounds exist (other than deleting one of the accounts).

you can use it off the domain as well but only if there is a local account by the same name. But ofcourse if you have a local account by the same name then that will tak precedence even if you are bound to AD.
I dont know about the booting problems unless it was somehow related to the previous statement. I havent had any issues with my trouble except lock up of the print menu if you have printers installed from the directory.

Final Cut Server & Active Directory authentication

Hi all,
This is an older question that was not be answered in the past.
I have a Xserve with Mac OS X server 10.5.6, running Final Cut Server 1.1.1 and a Windows 2003 AD server with hundreds of users.
The issue is FCS is not authenticating against AD even though clients can do it, being binded with Directory Utility without trouble.
Could somebody tell me if is this a known issue?
Did somedody make it work?
Thanks

Same problem here. We couldn't make it work, that is login to FCS using AD users.
Don't remember where but I was reading about it in a forum, somebody said that they talk to someone in Apple and they told him this is a problem and that they were going to fix it in the next FCS update/release.
Hope they do
PS: De donde sos nono??

Need Help creating new user in Active Directory

I am trying to create a new user in active directory via a java application. I have included the code that I am using. I am able to successfully bind to Active Directory. I have been able to change passwords, and delete users, but I have not been able to create a user.
ldapHost : "mta101.DOM101.CEL.ACC.AF.MIL"
domainName: "dc=dom101,dc=cel,dc=acc,dc=af,dc=mil"
existing account: CN=Brett K. Humpherys,OU=Users,OU=CEL
I get the following error on the createSubcontext statement:
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - 00000057: LdapErr: DSID-0C09098B, comment: Error in attribute conversion operation, data 0, v893 ; remaining name 'CN=test1,OU=Users,OU=CEL'
I have commented out the password portion and change the ObjectCategory to a 32 and get the same error.
    public GblStatus createAccount7(DbaDb dbConn,
                                    String jsrcName,
                                    String personName,
                                    String username,
                                    String password)
      Hashtable ldapEnv = new Hashtable(11);
      ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
      ldapEnv.put(Context.PROVIDER_URL, "ldap://" + this.ldapHost + ":636");
      ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
      ldapEnv.put(Context.SECURITY_PROTOCOL, "ssl");
      ldapEnv.put(Context.REFERRAL, "ignore");
      ldapEnv.put(Context.SECURITY_PRINCIPAL,"cn=" + this.adminAcct + ",cn=users," + this.domainName);
      ldapEnv.put(Context.SECURITY_CREDENTIALS, this.adminPwd);
       try
        // Create the initial context
        DirContext ctx = new InitialDirContext(ldapEnv);
        BasicAttributes attrs = new BasicAttributes();
        BasicAttribute ocs = new BasicAttribute("objectclass");
        ocs.add("top");
        ocs.add("person");
        ocs.add("organizationalPerson");
        ocs.add("user");
        attrs.put(ocs);
        BasicAttribute gn = new BasicAttribute("givenName", "test1");
        attrs.put(gn);
        BasicAttribute sn = new BasicAttribute("sn", "");
        attrs.put(sn);
        BasicAttribute cn = new BasicAttribute("cn", "test1");
        attrs.put(cn);
        BasicAttribute uac = new BasicAttribute("userAccountControl", "66048");
        attrs.put(uac);
        BasicAttribute sam = new BasicAttribute("sAMAccountName", "test1");
        attrs.put(sam);
        BasicAttribute disName = new BasicAttribute("displayName", "test1");
        attrs.put(disName);
        BasicAttribute userPrincipalName = new BasicAttribute
                                      ("userPrincipalName", "[email protected]");
        attrs.put(userPrincipalName);
        BasicAttribute instanceType = new BasicAttribute("instanceType", "4");
        attrs.put(instanceType);
        BasicAttribute objectCategory = new BasicAttribute
                  ("objectCategory","CN=User,CN=Schema,CN=Configuration," + domainName);
        attrs.put(objectCategory);
        String newVal = new String("\"password\"");
        byte _bytes[] = newVal.getBytes("Unicode");
byte bytes[] = new byte[_bytes.length - 2];
System.arraycopy(_bytes, 2, bytes, 0, _bytes.length - 2);
BasicAttribute attribute = new BasicAttribute("unicodePwd");
attribute.add((byte[]) bytes);
attrs.put(attribute);
ctx.createSubcontext("CN=test1,OU=Users,OU=CEL", attrs);
ctx.close();
catch (NameAlreadyBoundException nex)
System.out.println("User ID is already in use, please select a different user ID ...");
catch (Exception ex)
System.out.println("Failed to create user account... Please verify the user information...");
ex.printStackTrace();
return new GblStatus();
Any help would be much appreciated.

Hi .,
me too got up with same problem., can anyone help me.??
Someone help me to create attributes in AD using LDAP
package LDAPpack;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import java.util.Hashtable;
class CreateAttrs {
public static void main(String[] args) {
     Hashtable env = new Hashtable();
          env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
          env.put(Context.PROVIDER_URL, "ldap://10.242.6.166:389/");
          env.put(Context.SECURITY_AUTHENTICATION,"simple");
          env.put(Context.SECURITY_PRINCIPAL, "CN=cname,OU=Users,OU=Dealer,OU=Community,DC=test2,DC=org");
                    env.put(Context.SECURITY_CREDENTIALS, "password-1");
          LdapContext ctx =null;
          try {
               //ctx = new InitialLdapContext(env,null);
               try {
ctx = new InitialLdapContext(env,null);
               catch(NamingException e) {
System.out.println("Login failed");
System.exit(0);
if(ctx!=null){
System.out.println("Login Successful");
byte[] buf = new byte[] {0, 1, 2, 3, 4, 5, 6, 7}; // same data
     // Create a multivalued attribute with 4 String values
     BasicAttribute oc = new BasicAttribute("objectClassNew", "topNew");
     oc.add("personNew");
     oc.add("organizationalPersonNew");
     // Create an attribute with a byte array
     BasicAttribute photo = new BasicAttribute("jpegPhotoNew", buf);
     // Create attribute set
     BasicAttributes attrs = new BasicAttributes(true);
     attrs.put(oc);
     attrs.put(photo);
     Attributes attrs1 = ctx.getAttributes("CN=cname,OU=Users,OU=Dealer,OU=Community,DC=test2,DC=org");
System.out.println(attrs1);
Context result = ctx.createSubcontext("CN=cname,OU=Users,OU=Dealer,OU=Community,DC=test2,DC=org", attrs);
//i got error here; i attach the error below.
     ctx.close();
System.out.println("close");
     catch(NamingException e){
          e.printStackTrace();
ERROR:
Login Successful
javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090B38, comment: Error in attribute conversion operation, data 0, vece
ANYONE HELP ME PLS.
Edited by: vencer on Jun 19, 2008 12:38 AM

Need a Mac OS X Server Admin to setup a home/business server? Know anyone?

Looking for an expert to setup a home based server to support mail for a few domains. Do not have the time to work through the configurations.

Hello
You can contact me through my profile.
Jeff

Sharing Printer in OS X Server (Active Directory)

I have my Snow Leopard server bound to AD and I feel like a retard right now for not figuring out how to share printers. I want to use this xserve as a print server for the rest of the Macs in our organization.
Workgroup Manager is all AD integrated now and I can't figure out how to share a printer!

Hi
You use Server Admin. Enable the Print Service first, then add the printer to the Server itself using the Print & Fax Preferences Pane. Once you verify you can successfully print to the printer from the Server directly create a Queue for that Printer, enable your desired Protocols and start the Service. That should be it in Server Admin. In Workgroup Manager select the OD Group that has your nested AD Users and/or Groups and define an MCX for that Printer. Users should now 'see' this Printer in their Print Dialog Box.
All of this assumes 10.5 or 10.6 Server and the correct driver/ppd is installed on the client workstations. To be honest if this is a network printer it might be best if you configured it locally on the client workstations anyway. That way any user local or otherwise can use the printer. If the Printer itself is on an AD Spooled Queue then I can't see why you would want to manage it via OD? Authentication and authorisation will be coming from AD as should any quotas/costings.
Tony

I need a Mac OS X Server/Active Directory guru!

Similar Messages

Maybe you are looking for