Solved

Certain iMac's now can't log in to mixed environment

Posted on 2013-06-29
12
290 Views
Last Modified: 2013-07-25
Hi,

I have recently inherited a client that has a mixed environment.

They have 2 locations connected by a IPSEC VPN.

2 IBM Windows Server 2008 r2 mirrored in each location with six 2008+ iMac's in one location and 4 in the other.

In each of the locations we cannot log onto the network on 2 machines. We can log on using local admin accounts; access the internet and low security shared resources. I can even log in via remote desktop to the servers.

I found that the clocks on the iMac's are about 5-6 minutes slower than the server. Looking at this I thought this possibly was the cause with Active Directory not authenticating the machines.

I have looked at the servers time server and it is time.microsoft.com and when I try to amend the ntp.conf file on the iMac's to represent this and have them sync up nothing changes.

I have been working on this for a few days and am really banging my head against a wall now.

Any ideas would be greatly appreciated.
0
Comment
Question by:SharkNorris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 53

Expert Comment

by:strung
ID: 39287171
By "nothing changes", do you mean that the Macs' clocks are still 5 - 6 minutes slow, or do you mean that the Macs' clocks now show the same time as the servers' but you still can't log in?
0
 
LVL 53

Expert Comment

by:strung
ID: 39287175
0
 
LVL 53

Expert Comment

by:strung
ID: 39287180
Alternatively, is the server clock wrong? 5 to 6 minutes is a lot. It ought to be easy to tell whether the clocks on the servers or the Macs are wrong.
0
Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

 

Author Comment

by:SharkNorris
ID: 39287327
Nothing changes in that the clocks are still slower than the server and logging on to the network is still not possible from those machines

I have tried the method found on http://www.macinstruct.com/node/92 with no luck.

Now I am wondering if the server time is off; but then the other 9 or so machines are fine...
0
 
LVL 53

Expert Comment

by:strung
ID: 39287329
My guess is the sever is off. The other 9 machines may be picking up their time from the server. You can set PC's to pick up their time from the server.

Should be easy to tell which is right. Compare the time to the time on your smart phone.
0
 
LVL 53

Expert Comment

by:strung
ID: 39287332
If your server is set up as in this KB:  http://support.microsoft.com/kb/816042 then your Windows computers are probably picking up their time by sync with the server, whereas the Macs are synching with the Apple Time Server. If your server's time is wrong, then that would account for your problem.
0
 
LVL 53

Expert Comment

by:strung
ID: 39287334
The link in the previous message will tell you how to sync the server to an external time server.
0
 

Author Comment

by:SharkNorris
ID: 39287366
I'll report back when on-site tomorrow with more info or hopefully a "hoorah!" and its working.

Thanks for the help strung.
0
 

Author Comment

by:SharkNorris
ID: 39287964
Also I must not have been clear enough, the only Windows environments on the network are the two mirrored servers - otherwise its all iMac's. Some work, and some do not.
0
 
LVL 11

Expert Comment

by:naderz
ID: 39303322
Are your Windows servers running NTP server? They should be. If yes, try using them as the NTP server for the Macs and run two tests:

1. use the Windows server's IP address.
2. use the Windows server's FQDN.
0
 

Accepted Solution

by:
SharkNorris earned 0 total points
ID: 39342125
Manually setting the time on 3 of the 4 iMacs was the only thing that resolved the issue.

On the 4th I logged in as local admin and then removed from AD and reconnected to AD.

All working.
0
 

Author Closing Comment

by:SharkNorris
ID: 39354031
The suggestions of other people were unsuccessful but further testing myself resolved the issue.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question