MAC book access to AD

One of a MAC book can't login to the AD. Try to compare the setting with an option that works and I find that a option "Allow network users to log in at login window". Both version is Yosemite 10.10.5. Any idea ? Will that be a potential problem for not able to login ? Tks
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

It may have lost its binding.  Unbind the domain and rejoin.
AXISHKAuthor Commented:
Tks, It works and how does the binding doesn't work accidentally ? I have notified that that a setting in Login Option "Allow network users to login at login window" is missing in the problematic MacBook. Delete unbind and remove the computer name in AD, this setting reappear again.

I was told that this setting is missing if the network connection is poor. Is that true and it
is caused by other reason.
Macs have issues.  They will lose binding.  It may be because they are remote laptops.
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

AXISHKAuthor Commented:
So, can't find it permanently ? Tks
If you take it away from the AD, it will occasionally lose partial binding on the Mac side, but it will still show as bound to AD.  I've seen it happen too often when remote users need to change their passwords and they get access denied.  It's still mostly bound to AD and has access to file shares, but it loses access to change passwords until you rejoin it to AD.

The other thing with remote Mac systems on AD is that you need to make sure you enable Create Mobile Account at login.  Otherwise AD accounts will always need to be connected to the network to log in.  It basically caches login credentials on the Mac.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AXISHKAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Mac OS X

From novice to tech pro — start learning today.