Binding to Active Directory Fails - Authentication Errors
I've done two clean installs of 10.5 on two separate 1st gen Macbooks, and Active Directory binding to a 2000 or 2003 Server fails with "Invalid Username/Password" when it asks you for the network administrators credentials. I am the network administrator, so I know that the username and password is correct. My system is seeing the correct DNS server and my system time is exactly the same as my domain controllers. Has anyone had this problem? AD binding worked fine with the AD 1.5.6 plugin that came with 10.4. The AD 1.6 plugin in Directory Services seems broken to me.
Macbook 2Ghz Core Duo,
Mac OS X (10.5),
2GB RAM, 100GB HDD
I'm trying to bind my iMac 10.5.6 to an ActiveDirectory domain hosted by a linux server running samba + kerberos.
The bind failed at step 3 with an authentication error.
In the log file of my kerberos server I can find:
Jan 19 19:51:32 passrlsrv krb5kdc[6457](info): preauth (timestamp) verify failure: No matching key in entry
Jan 19 19:51:32 passrlsrv krb5kdc[6457](info): AS_REQ (3 etypes {23 1 3}) 172.16.0.2: PREAUTH_FAILED: xambrosi@PASSRL.LOCAL for krbtgt/PASSRL.LOCAL@PASSRL.LOCAL, Preauthentication failed
My edu.mit.Kerberos file contains:
# WARNING This file is automatically created by Active Directory
# do not make changes to this file;
# autogenerated from : /Active Directory/PASSRL.LOCAL
# generation_id : 0
[domain_realm]
.passrl.local = PASSRL.LOCAL
Unfortunately all tips haven't work for me. The incorrect user/password error itself is ambiguous since my login works on any other machine. I've specified a DC ip, can ping it, added the computer account in ad making sure my account has permissions to add (Domain admins which I am in the group). I thought it might be worthwhile to re-install the AD client plug-in--does anyone know how to do this?
edit: also the directory folders mentioned do not exist on this workstation.
This was great! We've had probably 20-30 machines do this around our organization over the past six months. The only thing I hadn't tried was deleting the /var/db/dslocal/nodes/Default/config directory, so a file or files there must have been causing the problem. I'm hopeful that this will continue to fix the problems when they pop up.