Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
macenterprise
Message from discussion Mobile account / AD bug in Snow Leopard

View parsed - Show only message text

Received: by 10.224.19.6 with SMTP id y6mr582551qaa.12.1254769410185;
        Mon, 05 Oct 2009 12:03:30 -0700 (PDT)
Received: by 10.224.19.6 with SMTP id y6mr582550qaa.12.1254769410151;
        Mon, 05 Oct 2009 12:03:30 -0700 (PDT)
Return-Path: <owner-macenterpr...@lists.psu.edu>
Received: from f05s16.cac.psu.edu ([128.118.141.59])
        by gmr-mx.google.com with ESMTP id 19si391646qyk.0.2009.10.05.12.03.30;
        Mon, 05 Oct 2009 12:03:30 -0700 (PDT)
Received-SPF: error (google.com: error in processing during lookup of owner-macenterpr...@lists.psu.edu: DNS timeout) client-ip=128.118.141.59;
Authentication-Results: gmr-mx.google.com; spf=temperror (google.com: error in processing during lookup of owner-macenterpr...@lists.psu.edu: DNS timeout) smtp.mail=owner-macenterpr...@lists.psu.edu
Received: from tr12n08 (tr12g08.aset.psu.edu [146.186.16.58])
	by f05s16.cac.psu.edu (8.13.8/8.12.11) with ESMTP id n95AKPXp134126;
	Mon, 5 Oct 2009 15:03:18 -0400
Received: by LISTS.PSU.EDU (LISTSERV-TCP/IP release 15.5) with spool id
          20930183 for MACENTERPR...@LISTS.PSU.EDU; Mon, 5 Oct 2009 15:03:21
          -0400
Received: from f05s16.cac.psu.edu (f05s16.cac.psu.edu [128.118.141.59]) by
          tr12n08.aset.psu.edu (8.13.8/8.13.8) with ESMTP id n95J3JOo3014824
          for <MACENTERPR...@LISTS.PSU.EDU>; Mon, 5 Oct 2009 15:03:19 -0400
Received: from postoffice03.bates.edu (postoffice03.bates.edu
          [134.181.130.141]) by f05s16.cac.psu.edu (8.13.8/8.12.11) with ESMTP
          id n95J3DTw075026 for <MACENTERPR...@LISTS.PSU.EDU>; Mon, 5 Oct 2009
          15:03:14 -0400
Received: from a8643.bates.edu (a8643.bates.edu [134.181.130.125])
          (authenticated bits=0) by postoffice03.bates.edu (8.13.1/8.13.1) with
          ESMTP id n95J2Ijg010660 (version=TLSv1/SSLv3 cipher=AES128-SHA
          bits=128 verify=NO) for <MACENTERPR...@LISTS.PSU.EDU>; Mon, 5 Oct
          2009 15:02:22 -0400
Mime-Version: 1.0 (Apple Message framework v1076)
References: <217122BB-2551-44A2-A94A-445CE4597516@bates.edu>
            <51BEE550-CF49-498D-B9EA-13BBD651F...@mail.nih.gov>
            <19B3FF3E-EA51-4FCC-944F-006BBDAE5...@gmail.com>
X-Mailer: Apple Mail (2.1076)
X-PMX-Version: 5.5.7.378829, Antispam-Engine: 2.7.2.376379,
               Antispam-Data: 2009.10.5.185124
X-Greylist: Default is to whitelist mail,
            not delayed by milter-greylist-3.0 (f05s16.cac.psu.edu
            [128.118.141.59]); Mon, 05 Oct 2009 15:03:14 -0400 (EDT)
X-Virus-Scanned: amavisd-sophos
X-PSU-Spam-Flag: NO
X-PSU-Spam-Hits: -2.598
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=windows-1252; format=flowed; delsp=yes
Message-ID:  <BF31D5F0-15D8-4938-BF67-779D7DDDB...@bates.edu>
Date:         Mon, 5 Oct 2009 15:02:17 -0400
Reply-To: Mac OS X enterprise deployment project
              <MACENTERPR...@lists.psu.edu>
Sender: Mac OS X enterprise deployment project <MACENTERPR...@lists.psu.edu>
From: Paul Benham <pben...@BATES.EDU>
Subject: Re: Mobile account / AD bug in Snow Leopard
To: MACENTERPR...@LISTS.PSU.EDU
In-Reply-To:  <19B3FF3E-EA51-4FCC-944F-006BBDAE5...@gmail.com>
Precedence: list

Hi,

an update on the problem that I had been experiencing (and reported as =20=

Bug 7069059 / Duplicate 6793037).
It turns out that the issue is caused by having a value assigned to =20
the Active Directory user's Home Folder in their AD profile. Once I =20
removed the value I could log on and create a mobile account with no =20
problems - I then re-added the Home folder value to the AD user's =20
profile.
I only found this information through an SE who had access to see the =20=

bug report. Is there a way to be notified when a resolution to a bug =20
has been made? It's frustrating to see that a bug has been closed, or =20=

marked as a duplicate and not know the outcome (and I have tried =20
emailing for follow ups, but have not had any luck with that).

paul
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Paul Benham
Desktop Operations Specialist
Bates College
110 Russell Street
Lewiston, ME 04240
PH: 207-786-6382
pben...@bates.edu

On Aug 28, 2009, at 5:45 PM, Kyle Crawford wrote:

> I reported this back in January radar 6490040.
>
> Disabling use uncpath allowed it to work for me, but that turns on =20
> home syncing and that requires that your network homes are working.
>
> Kyle
>
> On Aug 28, 2009, at 4:46 PM, Rich Trouton <rtrou...@MAIL.NIH.GOV> =20
> wrote:
>
>> I've seen that exact same issue today, though I was able to make =20
>> one AD account work correctly. I was able to work around it with =20
>> one that didn't work by running the following commands:
>>
>> sudo /System/Library/CoreServices/ManagedClient.app/Contents/=20
>> Resources/createmobileaccount -n username
>> sudo createhomedir -c -u username
>>
>> Once I'd done that, I was able to log in with my AD credentials to =20=

>> the newly-created mobile account. Kerberos looks like it's working =20=

>> properly as well, as I was able to mount my AD home.
>>
>> Thanks,
>> Rich
>>
>> On Aug 28, 2009, at 1:47 PM, Paul Benham wrote:
>>
>>> Hi,
>>>
>>> just a heads up for anyone who is using mobile accounts and Active
>>> Directory - they currently are not working with Snow Leopard.
>>> I filed a bug report with Apple regarding this issue back in the
>>> middle of July (  7069059) and was hoping that it might be =20
>>> resolved by
>>> the time the final release came out, but apparently not. It is still
>>> marked as a duplicate bug (Duplicate /6793037) as of today.
>>> What is a little strange to me is that network accounts with AD are
>>> working fine (in fact we even got our SSO ability back which we lost
>>> with Leopard), but when you change the Advanced settings in =20
>>> Directory
>>> Utility (now found in /System/Library/CoreServices) to include =20
>>> "Create
>>> mobile account at login" you get a shaking login screen when =20
>>> trying to
>>> authenticate with an AD user's name and password.
>>>
>>> paul
>>> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
>>> Paul Benham
>>> Desktop Operations Specialist
>>> Bates College
>>> 110 Russell Street
>>> Lewiston, ME 04240
>>> PH: 207-786-6382
>>> pben...@bates.edu
>>>
>>>
>>> _____________________________________________________
>>> MacEnterprise, Inc
>>> http://www.macenterprise.org
>>>
>>> Subscription Options and Archives
>>> http://lists.psu.edu/archives/macenterprise.html
>>
>> ---
>>
>> Rich Trouton (Contractor)
>> LAN Support
>> rtrou...@mail.nih.gov
>> -----------------------------------------------------------
>> National Human Genome Research Institute
>> National Institutes of Health =97 Bethesda, MD
>>
>> Office number:
>> (240) 506-7993
>>
>> NIH Help Desk:
>> (301) 496-4357
>>
>> NIH support request website:
>> http://ithelpdesk.nih.gov/Support/
>>
>> The best way to get in touch with me is through email.
>>
>>
>>
>>
>> _____________________________________________________
>> MacEnterprise, Inc
>> http://www.macenterprise.org
>>
>> Subscription Options and Archives
>> http://lists.psu.edu/archives/macenterprise.html
>
> _____________________________________________________
> MacEnterprise, Inc
> http://www.macenterprise.org
>
> Subscription Options and Archives
> http://lists.psu.edu/archives/macenterprise.html
>


_____________________________________________________
MacEnterprise, Inc
http://www.macenterprise.org

Subscription Options and Archives
http://lists.psu.edu/archives/macenterprise.html

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google