Skip navigation

10.7.3 AD binding still an issue?

12433 Views 22 Replies Latest reply: May 9, 2012 8:41 AM by kenetic111 RSS
  • Strontium90 Level 4 Level 4 (2,895 points)
    Currently Being Moderated
    Feb 9, 2012 3:02 PM (in response to Antonio Rocco)

    So start with the basics.  AD binds are all about DNS and time.  If you don't have these guys in place, then everything falls apart. 


    In the log file you posted, there are a lot of permission denied issues also and the most interesting is the final one that suggests your name servers are down.  About those permission issues.  Have you run a diskutil repairPermissions?  Worth a short.  You should not be seeing all those events in the log.



    09/02/2012 09:17:45.181 rpcsvchost      failed to create secure channel: STATUS_ACCESS_DENIED (0xC0000022)

    09/02/2012 09:17:45.182 authorizationhost      Failed to authenticate user <lsatriano> (error: 9).

    09/02/2012 09:25:29.028 netbiosd         name servers down?


    So, let's try this.  On your Mac, run these commands and make sure you are getting results from your DNS server.  Replace the domain with your actual domain. 


    # LDAP port 389

    host -t SRV


    # Kerberos port 88 TCP

    host -t SRV

    # Kerberos port 88 UDP

    host -t SRV


    # Kpasswd port 464 TCP

    host -t SRV

    # Kpasswd port 464 UDP

    host -t SRV


    # gc (AD Global Catalog) port 3268

    host -t SRV


    If you do not get the DC as a result of any of these, contact your DNS admin to correct.


    Next, are you using round robin DNS?  I've seen issues where OS X will get really annoyed when multiple DNS servers keep responding.


    @Tony, freezing over here also.  Snow, ice, the usual NJ junk for Feb. 


    And yes, I am still crying in my beer over the OS X Server/Final Cut/Final Cut Server/Xsan/Xserve/etc announcments.  Has changed our business dramatically and we've lost just about every pro video shop back to Avid on PCs.  I've grown to accept Lion server since I was doing most everything command line anyway.  But the anemic hardware choices have chased us out of corporate data centers.  It is the worse part of my week (and it is happening each week) to tell a group of designers that their data is moving to Windows servers and we need to rename everything, cause everything to relink, and no longer be able to search reliably. 


    Ah, but Angry Birds now works on the desktop.  I am so excited!

  • Shodan Calculating status...
    Currently Being Moderated
    Mar 30, 2012 6:31 AM (in response to Sinerg1)

    Recently, I've been having the same issues. This is particularly problematic when the drop occurs during an rsync or cron job. have you had any success fixing the issue?



  • derbystar1630 Calculating status...
    Currently Being Moderated
    Apr 9, 2012 6:50 AM (in response to Sinerg1)

    I'm having the exact same issue. I'm testing a 10.7.3 machine in one of our labs. I can bind it to AD without an issue and logins are working fine. But when I come in the next day, network users can't login without restarting the machine.


    Any movement on this? If this isn't fixed by Summer, I'm leaving all of our multi-user, lab machines, on 10.6.8.

  • wintermaul Calculating status...
    Currently Being Moderated
    May 2, 2012 9:21 AM (in response to Sinerg1)



    I am having trouble binding my Lion 10.7.3 to the AD, everytime that I try to contact the AD I have either :


    "Authentication server could not be contacted" or "The daemon encountered an error processing request." and it appears that in the logs you can see :

 [1] ([719]): Job appears to have crashed: Segmentation fault: 11


    Everytime I am trying to bind.


    I check all the DNS requests that you wrote and everything is answering perfectly.


    Anyone having the same issue and solved it ?



  • all-mac Calculating status...
    Currently Being Moderated
    May 4, 2012 6:46 AM (in response to Strontium90)

    Yes... cii.local.


  • kenetic111 Calculating status...
    Currently Being Moderated
    May 9, 2012 8:41 AM (in response to Sinerg1)

    I have a couple of users having the same issue.  They have to reboot their Mac machine every morning inorder to login to their profile. 

1 2 Previous Next


More Like This

  • Retrieving data ...

Bookmarked By (3)


  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.