Augmented records disappear

Wundorsmith
Nov 22, 2011 11:41 AM

I am trying to integrate Lion Server Open Directory with Active Directory.

 

I can create augmented records in /LDAPv3/127.0.0.1/Augments, either directly using dscl or through Server.app's function to import users from another directory.

 

However, after I reboot the server, all augmented records disappear.

 

I've been going after this simple goal for many hours, without success. I've gone so far as to do a clean reinstall of Lion Server. But nothing I have been able to do will change the fact that augment records do not persist through reboots.

 

I wonder if this is a bug in my procedure, or in Lion Server. Can anyone confirm that persistent augmented records can be created in Lion Server?

  • Malcolm Rikeur
    Jan 25, 2012 5:27 AM (in response to Wundorsmith)

    I too have experienced disappearing augments, with 10.7.2. On my last attempt however, I made a brand new NetInstall of 10.7.2 (as outlined here) and the augments seemed to persist.

     

    However, augments, although still supported by Apple, seem to work very differently in Lion.

    The scenario we have is that we need to log in with AD credentials, and if you're on a Mac, the home folder is mounted from a Lion Server via AFP (we leave the original AD home folder in their profile in Windows untouched, so they can happily go back to Windows). Essentially two home folders.

     

    This was all fine under 10.6 but the "merge" that used to happen on Snow Leopard (i.e. seeing your augments from a dscl search on a bound client) doesn't work as intended, at least not yet.

     

    From Apple's official documentation you can create an augment on a server and connect to that server with credentials on the "master" server. This has to be done now in order to become a member server in an AD domain. Simple example would be... I have a Windows AD user called "bobjones"; if I try to access an AFP share on a Lion server using bobjones, it doesn't work, even if the server is bound to AD. You have to create the augment first, then you can access the AFP share.

     

    What I was expecting from augments is a way to "bolt on" various attributes, which would allow me to access my Lion server with AD credentials, this is essentially what Apple say in the on-line guides. First thing I want to do is "bolt on" a Mac home folder, like we did in 10.6 server... that worked great.

     

    Anyway sorry to hijack your thread slightly, but I seemed to have solved the disappearing augments problem by doing a clean install, but I wish to expand upon this to create proper augments which would be great when integrating your Macs into large Windows systems...

  • Alfista_SK Level 1 (0 points)
    Jul 16, 2012 7:48 AM (in response to Malcolm Rikeur)

    Hi,

     

    I have a similar problem. I have the Mac OD server (Lion) bound to the Windows AD server (Win 2003). I augment a user, but I can't change the home dir. I tried everything on the net but it is all for Snow Leopard, and won't work on Lion. And when I try to log in from a client Mac I have only the shaking.

     

    Please can you tell me how I can change the home folder of an augmented user in Lion to have it on the OD server, and the other necessary settings that are needed so that some AD users can connect from client Macs?

     

    Thanks.

  • _Dom_.
    Jul 27, 2012 3:16 AM (in response to Malcolm Rikeur)

    Hi,

     

    Has anyone had any success getting augmented records (magic triangle with homes on a Mac server) working yet with Lion?

     

    Thanks
