Broken Active Directory in Mac OS X Lion?

[!Shea!]

Mac OS X Lion only installed on a network that authenticates users using Active Directory and displays a red dot that says "Network accounts are not obtainable”. Does anyone have a solution to join Active Directory?

[Aniela]

Also I'm seeing this. Did it on two computers with identical results. When I attempt to bind, and I get "Cannot store password" error message near the end.

[Jezriah]

Same here I'm afraid. Rebinding to my 2003 R2 domain corrected the issue for a while but it is still flaky (I acquire network accounts unavailable or active directory inaccessible from time to time).

Again, rebinding got me past the initial issue where it would not see my Active directory environment whatsoever nevertheless, the troubles are not fixed. Looking at the console while you troubleshoot this may give you some clues. Can't wait for apple to start issuing patches.

[Ooghavanth]

I imagine I fixed my "can't store password" trouble by running fix permissions in disk utility. Also, had to click bind approximately a dozen times before it acquire a reply from the Active Directory in time. I imagine perhaps the timeout is ridiculously short?

[Evoldo]

Try these commands

Code:

dsconfigad -packetsign require
dsconfigad -packetencrypt require

[Dayanidhi]

I just posted comparable query. I have only upgraded one Mac so far as a test. I cannot bind to Active directory at all. I acquire to point where it is "getting AD domain info" and then it ultimately fails with "Authentication server could not be contacted."

I've tried several times. When I look inside the Directory Service directory, there is not anything there. I will attempt some of the suggestions above to see if this helps, nevertheless I am convinced and I am hoping that Apple comes out with a patch as I actually do not want to be eliminate and reading over 400 computers to Active Directory and rebinding them!

[Parnell]

I have effectively added my systems to Active directory with no matter. nevertheless at the login screen I acquire a note bubble with the following error "Network Accounts Unavailable". In System Pref. I have a green dot illustrate Active directory is up and in a row nevertheless at the login display its red with the error note. Anybody else having this issue?

[Phalguni88]

The green light in the window means that the computer can see a domain controller as a valid address. The login screen of active trading.aaron-w is right to point out the need to use Directory Utility to manually add the search path. If you look at the log files open directory console will see waiting times / ALL DOMAINS /.

When you press the + button, you will see your actual domain in place the generic catch-all.It adds that, prioritize, and apply it. Give it a minute for the team to realize what happened. Try a fast user switch and you should be able to authenticate (and find the following error shortly after).

[ZAHAR]

I added the search path, and I have to work. However, the only small problem I found now is that our AD domain administrator accounts can no longer be stewards of the equipment without checking the "Allow management of computer" check box. With Snow Leopard our domain administrator accounts were able to manage computers without further adjustment. This is a small issue and I can avoid that by creating a local administrator account or you enable the root. But if anyone knows a solution please share.

[Sitia]

I've had very good luck to reset the Directory Services. Typically, this involves removing the entire folder Open Directory in / Library / Preferences, restart, and then bind again with Directory dsconfigured or utility. By the technique, the syntax for dsconfigured has distorted a bit in Lion. The benefit of using instead Directory Utility if we are further comprehensive mistake post.

Note that if you run server Lion, you will need to link their shared LDAP (Open Directory master) domain. Your LDAP database, server store the password and the KDC must be very good, but the server will not be able to contact them as it should until rebind.

[Ticod]

Well, once Apple releases 10.7.2 update that should resolve the trouble of forcing Active Directory. It is only in preview ADC members at this time, although I loaded and was capable to generate my domain account and mobile account.Reeboot the system and was capable to log on once more with the identical domain account.

It seems to fix the trouble connected connection SMB share. one more oddity in case you have not noticed, nevertheless in / Users /, the / Library is invisible!