Link to home
Create AccountLog in
Avatar of Magnus Bergdahl
Magnus BergdahlFlag for Sweden

asked on

Cannot join AD from Mountain Lion 10.8.2

Hi
Any got tricks on joining a Macbook Pro with 10.8.2 into a normal AD domain?

I tried solution in https://www.experts-exchange.com/questions/27816397/Active-Directory-Authentication-FAILS-on-Mountain-Lion.html

but didn't work. It complains still that it cannot bind due to some authentication error.

The Macbook Pro has a fresh installation.
I am admin on the domain for our Windows computers. The OU I use, works for Windows computers

Any have a solution that works?
Avatar of jhyiesla
jhyiesla
Flag of United States of America image

Can you tell us the steps you are taking to bind the Mac to AD  I have one on our network that is running 10.8.2 without issue.
Avatar of Magnus Bergdahl

ASKER

System Preferences > Login Options > Join (Network Account Server) > Open Directory Utility > Active Directory >

current settings (but have tried many variations of them)

*Force local home directory on startup disk
*Use UNC path from Active Directory to derive network home location (using smb:)
*Default user shell: /bin/bash

*Map user GID to attribute: PrimaryGroupID (typed in)

*Allow Administration by: DOMAIN\Domain Admins

I click Bind and point to correct OU where I have the computer account. I am given then a message about it finding the computer (Join Existing account?) and I click OK. I use an account that can join Windows computers (actually tried several accounts)

Then error:
Authentication server failed to complete the requested operation
If the bind even partially worked, unbind it on the Mac. Then go to the Domain Controller in ADUC and remove the computer account from the OU. Then go back and try rebinding the Mac.
I tried that, same problem as before
What AD version are you using... not that that should really make a difference?  

You might look at a third party product. There are several and they all work pretty well. I tried several: Centrify, AdminMac and LikeWise. Probably with a new Mac setup they all work OK. I was attempting to do this on an already established Mac with an AD user and his files and I found out that it appeared that the first two wanted to retool the folder hierarchy for the user which messed things up. LikeWise was the only one that just kind of left it alone.

However, since 10.7, I've gone back to the built-in AD stuff and really haven't had a problem.

I assume that you are using a Domain admin as the user who is logged into the Mac doing the bind or are putting in Domain Admin credentials when prompted?
ASKER CERTIFIED SOLUTION
Avatar of Magnus Bergdahl
Magnus Bergdahl
Flag of Sweden image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
no solution found