2

I manage a network of Apple computers connected to an Active Directory server running Windows 2003. No exotic configurations. OS X clients only use the AD as a login server. Everything works fine, except for a strange issue that happens sometimes on the Apple clients: login failed, and the only thing I found to fix this issue is to re-join the computer to the AD server.

When the problem occurs, this is the output of ls -l /Users:

drwxrwxrwt   7 root         wheel        238B Mar  1  2011 Shared

drwxr-xr-x+ 16 2007941056   1918399388   544B May  9  2011 e.valeri

As you can see, UID and GID are not matched with the real Username and GroupName, which are in the AD server.

I am not an Apple expert but I'm a Linux System Administrator, so it is not a problem for me to search in the logs with the command line but, at the moment, I didn't find any clues.

Also, as you can imagine, the logfiles are quite long, so I can't simply paste the content in this thread. If there is anything specific that I should post, please leave a comment.

Does anyone have any idea why this might be happening?

MDMarra
  • 100,183
  • 32
  • 195
  • 326
frengo
  • 21
  • 3
  • Any luck on an answer yet? I have the same issue with my old iMac (Leopard), while my 3 MacBook Pros are fine (Snow Leopard and Lion). After a few weeks I have to rejoin the iMac to the domain to get it to work. – Jay Imerman Mar 24 '12 at 18:59

1 Answers1

0

There is some weirdness that happens with OS X clients joined to .local domains. This is because .local is used for mDNS (Bonjour).

Also, I've observed OS X clients using A records, not SRV records to locate Domain Controllers. Since these records are served round-robin, the problem appears intermittent. Verify that your A records for your AD domain contain only your DCs.

MDMarra
  • 100,183
  • 32
  • 195
  • 326