Solved

Macbok Pro OSx version 10.8.5 - Network accounts unavailable error message

Posted on 2016-11-03
4
74 Views
Last Modified: 2016-11-04
Hi Experts,

I have an Apple Macbok Pro running OSx version 10.8.5 connected to an Active directory domain and now when the user powers on the mac at the login promt screen an error message says: "Network accounts unavailable" are a red dot is next to the username. Its only possible to login with a local account.

Any ideas what may have caused this and how to fix?
0
Comment
Question by:sherlock1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 29

Expert Comment

by:serialband
ID: 41873200
If you set the AD account as a mobile account, you can log in with the cached account credentials.  Until you get a network connection, new AD accounts can not log in.

To enable, or force AD accounts to be Mobile Accounts,
   Open Directory Utility
   Unlock the interface, by clicking on the padlock.
   Select Active Directory, then Click on the pen/pencil icon to edit
   Expand the interface by clicking on the triangle near the bottom left.
   Check the box "Create mobile account at login"

You will always need to be connected to the network for a new AD account to log in.  The simplest thing to do is to plug in an ethernet cable.

Another way is to log in to an admin account that has Wifi enabled, then use manually create an entry for the mobile account first.
    Open Terminal.app
    /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n new_mobile_account_name

Once the account is created, you can switch users while logged into an account with Wifi enabled.  (You may have to log out and log back in for it to show up.)  The first time you switch users, you need the WiFi network, so that you can authenticate.  Once authenticated, the mobile account will be created and the credentials will be cached.  You will be able to log in again even when you have the red dot.
0
 

Author Comment

by:sherlock1
ID: 41873808
Thanks for your suggestions - I have checked the "Create mobile account at login" in Directory utility for AD and this setting is already ticked/enabled.

I have tried to login to the Mac with a AD user account that has never logged in before and this does work either.
An ethernet cable is plugged into the mac and I have verified the network connection is working by plugging the same network patch cable into a few other computers and they have network access

not to sure what you mean by login to an admin account that has Wifi enabled,
Maybe the mac is not correctly seen in AD - Any other suggestions?
0
 
LVL 29

Accepted Solution

by:
serialband earned 500 total points
ID: 41874137
Try rejoining the AD.  I find that laptops are taken home will eventually need to rejoin to fix some authentication issues.  Half the users I have have to rejoin to change passwords from their Macs.
0
 

Author Closing Comment

by:sherlock1
ID: 41874470
Thanks for your further help - unbind and rebind (rejoin to AD as suggested) resolved this. I had to do a force unbind.

The user can now log back in. Sounds like this issue will crop up again at some point in the future in that case.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question