Active Directory bound Macs give users the 'shake-off'
I have my server running as an OD master bound to AD. Most of my clients are working fine, but I recently built a new image and with the clients using that image, AD users are unable to log in after about 12-24 hours (hard to say), if I log in locally and rebind to AD then it all works again.
I use dscl in the terminal to determine whether the AD directory information can be reached, usually I'm able to navigate to:
/Active Directory/All Domains/Users >
and list all the AD users. When this problem has occurred it has been known for a:
DS Error: -14987 (eUndefinedError)
to pop up instead of the list of users, but this isn't necessarily the case (sometimes even though I can't log in as an AD user I can read the list from the command line).
I have tried, deleting the machines from OD, rebinding to both AD and OD and completely deleting the Directory Service preference folder but the problem still remains.
The failure to log in 'might' coincide with a failure to properly log out (when logged in as an AD user).
All the clients are running 10.5.6 and so is the server.
I'd be grateful if anyone had any idea where I should start looking to resolve this issue,
Thanks
Mac OS X (10.5.5)