This discussion is locked
piperspace
Level 2 (305 points)

Q: System Image Utility 2 - Directory Binding Fails

I am testing the new feature to automatically "Connect Computers to Directory Servers" following an install. I need to bind my clients to a Windows Domain and also to a Mac server. I am running the Version 10.6.2 Server Admin Tools on a laptop under Snow Leopard and then copying the NBI folder to a server running 10.5.x. I have not yet been able to try this with a 10.6 server.

My SIU workflow takes a 10.6 DVD as its source, then it has steps to Add User, Apply System Configuration Settings and finally Create Image. In the Settings I am entering the info for both directory servers. For the Windows AD server I am providing proper admin credentials.

When I install this image everything works as expected except that the client is not connected to the directory servers. This feature does not seem to work under any circumstances. However, I do see the following in the client's system log following first boot:
Dec 7 10:09:40 piperspace-000000000000 /usr/sbin/NetBootClientHelper[27]: bindToServersFromList: Custom call 201 to LDAPv3 failed.
Dec 7 10:09:43 piperspace-000000000000 DirectoryService[15]: Failed to changed computer password in Active Directory domain
Dec 7 10:09:43 piperspace-000000000000 /usr/sbin/NetBootClientHelper[27]: bindToServersFromList: Custom call 80 to Active Directory failed.

Any insight would be helpful.

Mac OS X (10.6.2)

Posted on Dec 8, 2009 9:43 AM

by Brian Nesse,Solvedanswer
Brian Nesse Brian Nesse
Level 4 (3,027 points)
A:
I believe the workaround for this problem would be to pre-install the helper & names files onto the source volume before imaging.

The basic process would be what is (supposed to be) done by the post install script. If you mount the NetInstall image you've created, and look at /Volumes/NetInstall/var/tmp/niu/postinstall/installClientHelper.sh, you'll get the gist of it. All of the necessary files are located on the NetInstall image.

The problem is that you'll probably just run into the other issue which piperspace posted about, which is the race condition that is keeping the tool from executing properly anyway.

Posted on Jan 5, 2010 9:04 AM

Close
piperspace

Q: System Image Utility 2 - Directory Binding Fails

  • All replies
  • Helpful answers

Previous Page 2

  • by John Agapitos,

    John Agapitos John Agapitos Jan 3, 2010 2:07 PM in response to piperspace
    Level 1 (29 points)
    Jan 3, 2010 2:07 PM in response to piperspace
    Sorry for the lack of my knowledge but when I typed this into terminal I got -w argument not found. Am I supposed to do this on the server serving the image?

  • by piperspace,

    piperspace piperspace Jan 3, 2010 2:45 PM in response to John Agapitos
    Level 2 (305 points)
    Jan 3, 2010 2:45 PM in response to John Agapitos
    You should enter it on the target system after doing your NetRestore. In Snow Leopard - System Image Utility arranges for a program called NetBootClientHelper to be carried along with your install image. This is the agent which is supposed to apply a name or names from your input file to the target system on first boot.

    In my experience the helper program does the rename ok if you force it to retry using this launchctl command. You can type "man launchctl" in Terminal for more info on the syntax. (Use Control + Z to exit the man command. Use sudo in front of the command to make it execute with root privilege.)

  • by John Agapitos,

    John Agapitos John Agapitos Jan 4, 2010 12:00 AM in response to piperspace
    Level 1 (29 points)
    Jan 4, 2010 12:00 AM in response to piperspace
    Thanks for your time on this. I typed the command into the restored image machine and got the same result

    launchctl: Couldn't stat("/System/Library/LaunchDaemons/com.apple.NetBootClientHelper.plist"): No such file or directory
    nothing found to load

  • by Brian Nesse,

    Brian Nesse Brian Nesse Jan 4, 2010 9:39 AM in response to John Agapitos
    Level 4 (3,027 points)
    Jan 4, 2010 9:39 AM in response to John Agapitos
    That's an indication that the helper application was never installed on the client. That, along with one of your previous posts seems to indicate that you are doing a NetRestore from an installed volume. For reasons I've noted in a different thread, this is basically broken in Snow Leopard.

  • by John Agapitos,

    John Agapitos John Agapitos Jan 5, 2010 12:22 AM in response to Brian Nesse
    Level 1 (29 points)
    Jan 5, 2010 12:22 AM in response to Brian Nesse
    Thanks again for your reply. Is there anyway I can fix my master computer of which I create the image from?

  • by Brian Nesse,Solvedanswer

    Brian Nesse Brian Nesse Jan 5, 2010 9:04 AM in response to John Agapitos
    Level 4 (3,027 points)
    Jan 5, 2010 9:04 AM in response to John Agapitos
    I believe the workaround for this problem would be to pre-install the helper & names files onto the source volume before imaging.

    The basic process would be what is (supposed to be) done by the post install script. If you mount the NetInstall image you've created, and look at /Volumes/NetInstall/var/tmp/niu/postinstall/installClientHelper.sh, you'll get the gist of it. All of the necessary files are located on the NetInstall image.

    The problem is that you'll probably just run into the other issue which piperspace posted about, which is the race condition that is keeping the tool from executing properly anyway.

  • by piperspace,

    piperspace piperspace Jan 5, 2010 11:07 AM in response to Brian Nesse
    Level 2 (305 points)
    Jan 5, 2010 11:07 AM in response to Brian Nesse
    I made a shell script as a temporary work around for the race issue. From testing it I'm seeing that Snow Leopard seems to need 30 seconds or so after first boot before it knows what its MAC address is. So, the script retries a few times under launchd control before disabling itself.

    The other hurdle is getting the script installed on the source volume. Mine is a read only disk image (dmg). So first I had to convert it to a read write disk image. Then it was possible to inject my shell script and use the modified source volume as input to NetRestore.

    If anyone would like a copy of the shell script feel free to e-mail me directly.

    cheers

  • by Sheri Nikishin,

    Sheri Nikishin Sheri Nikishin Jan 5, 2010 4:15 PM in response to piperspace
    Level 1 (40 points)
    Jan 5, 2010 4:15 PM in response to piperspace
    None of the custom workflow settings seem to work. We've been dealing with this for months. It's a shame that it doesn't do what's advertisied (or what it used to do fine in 10.5). Even more frustrating that it's taking months to fix this issue.

    http://discussions.apple.com/thread.jspa?messageID=10592492#10592492

    Also, Apple is encouraging us to check out Casper Suite, which I'm sure is great, but I just need what we paid for to work.
Previous Page 2