Solved

Macbok Pro OSx version 10.8.5 - Network accounts unavailable error message

Posted on 2016-11-03
4
58 Views
Last Modified: 2016-11-04
Hi Experts,

I have an Apple Macbok Pro running OSx version 10.8.5 connected to an Active directory domain and now when the user powers on the mac at the login promt screen an error message says: "Network accounts unavailable" are a red dot is next to the username. Its only possible to login with a local account.

Any ideas what may have caused this and how to fix?
0
Comment
Question by:sherlock1
  • 2
  • 2
4 Comments
 
LVL 29

Expert Comment

by:serialband
ID: 41873200
If you set the AD account as a mobile account, you can log in with the cached account credentials.  Until you get a network connection, new AD accounts can not log in.

To enable, or force AD accounts to be Mobile Accounts,
   Open Directory Utility
   Unlock the interface, by clicking on the padlock.
   Select Active Directory, then Click on the pen/pencil icon to edit
   Expand the interface by clicking on the triangle near the bottom left.
   Check the box "Create mobile account at login"

You will always need to be connected to the network for a new AD account to log in.  The simplest thing to do is to plug in an ethernet cable.

Another way is to log in to an admin account that has Wifi enabled, then use manually create an entry for the mobile account first.
    Open Terminal.app
    /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n new_mobile_account_name

Once the account is created, you can switch users while logged into an account with Wifi enabled.  (You may have to log out and log back in for it to show up.)  The first time you switch users, you need the WiFi network, so that you can authenticate.  Once authenticated, the mobile account will be created and the credentials will be cached.  You will be able to log in again even when you have the red dot.
0
 

Author Comment

by:sherlock1
ID: 41873808
Thanks for your suggestions - I have checked the "Create mobile account at login" in Directory utility for AD and this setting is already ticked/enabled.

I have tried to login to the Mac with a AD user account that has never logged in before and this does work either.
An ethernet cable is plugged into the mac and I have verified the network connection is working by plugging the same network patch cable into a few other computers and they have network access

not to sure what you mean by login to an admin account that has Wifi enabled,
Maybe the mac is not correctly seen in AD - Any other suggestions?
0
 
LVL 29

Accepted Solution

by:
serialband earned 500 total points
ID: 41874137
Try rejoining the AD.  I find that laptops are taken home will eventually need to rejoin to fix some authentication issues.  Half the users I have have to rejoin to change passwords from their Macs.
0
 

Author Closing Comment

by:sherlock1
ID: 41874470
Thanks for your further help - unbind and rebind (rejoin to AD as suggested) resolved this. I had to do a force unbind.

The user can now log back in. Sounds like this issue will crop up again at some point in the future in that case.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question