I am trying to bind a Lion 10.7 mac to Active Directory

Reviving this thread for input/comments on 10.7.4 update? My AD issues had pretty much been resolved with 10.7.3. After applying 10.7.4, I now have a longer delay on the logon screen before AD becomes accessible. Status is red. Anyone else experiencing this issue since 10.7.4?

I've noticed the opposite, since the 10.7.4 update AD logons are the fastest they've been with Lion. I'd say it's almost good enough to put on a business network.

Same thing here. Was working great under 10.7.3 then applied 10.7.4 and was not bound. Will get bound but cannot keep a binding after restarting. Lots of permission like issues - for example couldn't open terminal until I trashed the plist for it. Wish I could go back to 10.7.3 or get a fix to this problem that makes no sense.

I know I am repeating the question, nevertheless it is a little disappointing since based on the test environment( and 10.7.3) I could easily bind to AD( 2008 or 3) and the Other option was available in logonwindows GUI.

Having got that and reading official documentation of Directory binding, it was embaressing to go to a school and see that I cannot bind and even after 10 times trying either Directory Utility or simple join, at last it bind in one and not in another simillar (new)imac.

Now even with the bind successful in one of them there is no"Other" option to logon.

This would not help IT guys recommending or suggesting anything like binding, since I never know what will happen in next patch or update.

Apple realized it when Legacy FileVault was making issues with some apps when new updates were released and apps did not know how to deal with it and Apple introduced FileVault2.

But when I read about the Binding it appears that this is not,

a-properly documented

b-properly given priority

I found that reverting my search paths to "automatic" (ie, nothing shows under search paths) alleviated my issue. Don't understand why but you might try it...

Thank you for suggestion, I will try it.

Hi Fsck,

I have not gone to the school with the iMac, however I did some experiment in test environment.

I did do what you said but it did not make any difference.

My test environment,

WIndows 2008, Domain; home.local

Mac OS X 10.7.4

.I have joined to the domain, but simply using Join in Users and Groups using Server-2008.home.local

.I made sure the NetBios name and Computer name is the same

.I also included the server IP as WINS server

.Also added server IP in search domains( in the same windows where WINS is defined)

I logged out, still no Other option to logon with network account.

However I restarted the Mac and although at logon screen only local users were available to logon initially, after waiting for 30seconds, the Other option appeared.

This happened in several reboot; always Other appeared and I could logon.

However; Not sure if Mac somehow saves password of the logged on user somewhere( cannot be in keychain).

SInce after changing the password, or perhaps if there are similarities in IDs( local and network), it might get confused.

It

If I accept the conclusion of my experiement is indeed a fact( Other option appears after around 30 seconds, all the time), then for my test environment!

1-It might be something to do with connecting to Wireless. A lag or something. But I connected the mac through Ethernet, same result. So it is not Wireless issue.

2-Using the Ethernet I did not add server IP in the Search Domain and still after 30 seconds I had Other Option and could logon.

So I guess the sysytem startup process relating to connect to AD is somehow lagging. Or negotiating through NetBios or WINS could be a parameter to look into.

I have spent all day trying to get OS X 10.8.3 to bind to Server 2003 R2 AD. Two of us have been searching and reading all these posts, best practices, and so on. After 12 hours we seem to have it working but still get the "Red dot - network accounts not available" at the logon prompt after a reboot, however, we can enter an Active Directory user and logon normally with all expected access to network resources, even a new user that has never logged on to this workstation. Frustrating was that no article or post seemed to accurately address the many factors that we attributed to the solution. I know that this particular post is dated but it seems that many are having the same problems and wonder if I just missed the solutions or if this is still an ongoing issue that some may benefit from our findings. I would be happy to share in one place what we had to put together from so many others that shared.

Thank God I just read your post, skirnan. I literally, just minutes ago, did a Time Machine backup and was prepared to install 10.8.3 .

Not being able to bind to AD is my worst nightmare. I have nearly 300 Macs on an AD network! Although, I am now on on Windows 2008 AD. The only 2003 machine I have in service is my DHCP server. The red dot would generate dozens and dozens of phone calls to my office.

I remember when 10.7 came out. What a disaster. Apple did not get AD working until 10.7.3 . I was buying new Macbooks at the time, with Lion on them and I was downgrading them to 10.6.8 just so I could use them.

I just took a brand new, virgin, right out of the box Macbook Pro, upgraded it to 10.8.3, and bound it to Windows 2008 Active Directory no problem. Maybe the issue is only with 2003?

I have no AD binding problems with OS X 10.8. The problems were only in the early versions of 10.7.