Active directory login breaks after one day
Hello,
i've got a problem with a new macbook pro running 10.6.5 and active directory.
we run a windows 2003 native domain and i want to authentificate against the
domain and allow domain users to log into the mac.
Binding to the domain is no problem, everything looks fine until the next day, when the login screen just shakes the login off...
With the local account, everything still seems fine, the Account utility still tells me bound to the domain (green dot). oThe checkbox for allowing domain memeber to log in is still checked. With dscl i can browse the domain and the see all user accounts and computers.
The one thind that's not working ist "id".
If i try id <domainuser> i only get what seems to be local groups, no group memeberships of the active directory.
The other strange thing is, in the authentificatio options, where i can choose witch domain members should be allowed to log into the mac, it does not show any users....
Stuff that i already looked at is time is in sync, active diretory does not give me errors in the eventlog when i try to log on. I checked the domain with the ms tools and they came back fine. I tried different domain users and they all could not log in, while they are working fine on non mac computers. Also, if i unbind from the domain the ad account of the mac is deleted, so it communicates with the ad.
It seems to me that the macs isn't even trying to authentificate against the ad.
Has any one ever had a problem like this?
Apple support tells me itś a problem with the domain, but if i format and reinstall it works again. The next day, no more login for domain users...
Are there any meaningful logs on the mac that i can check?
At one point i had "domain not in search path" (in german "Domäne nicht im Suchpfad") in the Active Directory tool, but it was only once and disappeared after unbind / bind.
i've got a problem with a new macbook pro running 10.6.5 and active directory.
we run a windows 2003 native domain and i want to authentificate against the
domain and allow domain users to log into the mac.
Binding to the domain is no problem, everything looks fine until the next day, when the login screen just shakes the login off...
With the local account, everything still seems fine, the Account utility still tells me bound to the domain (green dot). oThe checkbox for allowing domain memeber to log in is still checked. With dscl i can browse the domain and the see all user accounts and computers.
The one thind that's not working ist "id".
If i try id <domainuser> i only get what seems to be local groups, no group memeberships of the active directory.
The other strange thing is, in the authentificatio options, where i can choose witch domain members should be allowed to log into the mac, it does not show any users....
Stuff that i already looked at is time is in sync, active diretory does not give me errors in the eventlog when i try to log on. I checked the domain with the ms tools and they came back fine. I tried different domain users and they all could not log in, while they are working fine on non mac computers. Also, if i unbind from the domain the ad account of the mac is deleted, so it communicates with the ad.
It seems to me that the macs isn't even trying to authentificate against the ad.
Has any one ever had a problem like this?
Apple support tells me itś a problem with the domain, but if i format and reinstall it works again. The next day, no more login for domain users...
Are there any meaningful logs on the mac that i can check?
At one point i had "domain not in search path" (in german "Domäne nicht im Suchpfad") in the Active Directory tool, but it was only once and disappeared after unbind / bind.
Macbook Pro, Mac OS X (10.6.5)