Q: OS X 10.7.3 Server update - single sign no longer works
Hello,
I recently updated my Server running 10.7.0 to version 10.7.3 and single-sign-on no longer works for my users. The 10.7.3 Lion Server System is bound to our Active Directory Server running on Win2003 R2 Server.
I tried un-binding and rebinding the system but.. no luck.
When a user now tries to login to our shares via AFP with SSO credentials they recieve the message
I can run the id command from terminal on the OS X server and it is seeing AD users. Unfortunately, no one can log into the server shares via AFP with an AD user.
Any help or input would be greatly appreciated!!!
Thank you,
Ray
Xserve, Mac OS X (10.6.6)
Posted on Feb 9, 2012 1:09 PM
Thank you Apple for figuring this out!!!
I called AppleCare and it turns out one of the Apple updates turned on Service ACLs. So only local administrators were able to log in via AFP. Once I opened Server Admin and set the AFP Service URL to accept other users, Single Sign On works again.
Hope this helps another user...
Posted on Mar 5, 2012 8:51 AM
