Able to manage user groups, but not computer groups

Question

Able to manage user groups, but not computer groups

We finally got Dual Directory up and running. I am able to fully manage groups of users, but when I try and configure groups of computers, they do not work. The basic test was changing the login screen to show directory status and the college name. None of these settings apply.

Are you supposed to add computers to computer groups from the AD realm or the local LDAPv3 realm? During the test, I added the computer from AD by clicking the realm globe and then searching.

Thanks

Mac Mini Server, Mac OS X (10.6.6), Server

Posted on Mar 1, 2011 8:04 AM

Reply

Answer 1

Mar 1, 2011 11:24 AM in response to timcappalli_lsc

Hi

Trying to manage added Computer OUs from AD to OD won't work.

Using WorkGroup Manager click the Computer Group and select the Members tab. Click the three dots icon. Mac workstations joined to OD should be listed. Occasionally managed Computer Groups may not have the MCX applied. This could be due to a number of reasons. One is an applied Power Management Policy. Disable this and use a Local Policy instead. Another possible reason - depends on your structure - is the MCX Compositor may reference the Computer OU from AD as it's listed first in the Search Policy. Make the LDAPv3 directory be the first directory to be searched.

Tony

Reply

Answer 2

Mar 2, 2011 10:09 AM in response to Antonio Rocco

My issue seems to be that no computers other than the OD server are showing up in that list. When I join clients, I first join then to OD then join them to AD.

I'm not sure why they are not showing up in Workgroup Manager.

Reply

Answer 3

Mar 10, 2011 7:54 AM in response to timcappalli_lsc

Are the Mac clients on the same subnet as the server?

Reply

Answer 4

Madmin

Level 1

10 points

Mar 14, 2011 2:19 AM in response to timcappalli_lsc

You can also manually add them.
All you need is the hardware UUID and the Hardware address of the network interface.
If you don't have to many clients this can be an easy solution...

Reply

Answer 5

Mar 30, 2011 3:17 AM in response to timcappalli_lsc

Did you perform an authenticated BIND? If not, that's your problem. The UUID and Ethernet ID are needed or it'll be temperamental at best. You can put them in manually but it's very time consuming if you have more than 10 or so Macs.

Reply