Cannot Join OS X Lion to Active Directory 2003

I'm having the same problem in 10.7.3. I cannot bind using either command line nor GUI. Command line (dsconfigad) keeps giving me "No operation specified nor update requested" for every command. GUI gives me "authentication server encountered an error while attempting the requested operation". I can bind 10.6.8 without problem using the same credentials and commands/methods. So something's going on in Lion... would be nice to know what. (It's not the clock; it's correct and synched.)

https://discussions.apple.com/static/apple/tutorial/tou.html

Nicola: What does that have to do with the discussion?

Kurt Tappe wrote:

Nicola: What does that have to do with the discussion?

Good, it wasn't just ME. I couldn't figure it out either 😕

Sorry guys, I was only answering to the third post of ragenkagen, but without quoting his post it's difficult to see it :-)

I had also binding problems between 10.7.3 and a 2008 r2 AD, with an 'unable to find authenticating server'...but Kaox Krul post (adding the AD server IP address into the DNS and the domain in the search domains) solved my problem :-)

Regards,

Nicola

This could also be a time issue. Workstation time should be within 5 minute range of time set on AD domain controller. Set both AD and workstation to use same NTP server or change time on client/s. If you change policy on time threshold (GPO) and do gpupdate, it did not work. Best bet is to set NTP for both clients and DC to use the same.

Millions Thanks to Kaox Krul. It solved my problem.

Thank you so much ! !

Great didn't look at the clock it worked for me. Thanks!🙂

ℹRemenber ... when you go to put your Mac in Active Directory ⚠THE TIME IS VERY IMPORTANT⚠. I had many problems so when active mine.

ℹMac TIME = Server whit Active directory TIME

I'm having this issue on 10.7.4 in binding to Active Directory. This is working fine on another Mac in the office and all other Macs in the enterprise. It is Active Directory 2003, and binding does not work. The system is up-to-date, and the time is set properly. On the machine that can connect, the time is further off than it is on the problematic machine, so I would say it is safe to rule that out as the problem. Any help would be much appreciated. Thank you.

Hi,

By getting your time from the Active Directory domain controller you will be able to keep your Mac's in sync with AD. In the date & time prefrences just add the IP or Name of your domain controler.

Set Date & Time Automatically just clear what is there and add your domian controller IP addess or server name example.

If any machines ar 5 minutes out in time they will fail to connect...

You are a star. Why did I not think of that?🙂

Try the following, it fixed this issue for me.

First make sure your network settings are using your Active Directory DNS server address.

Next

Open the Directory Utility

HT1194 where can i find the Directory Utility

It's in /Applications/Utilities/ in Mac OS X 10.5 and /System/Library/CoreServices/ in Mac OS X 10.6 and newer. (Response by Niel)

Once open, follow these steps:

1. Unlock so you can make changes and select Active Directory and click on the pencil to edit.

2. The Bind view is now visible

3. Click on the arrow to the left of the words "Show Advanced Options"

4. The User Experience tab is currently selected

5. Click on the tab "Administrative"

6. Check the option "Prefer this domain server" and fill in the fully qualified name of your preferred AD domain controller (thisADservername.mydomainname...)

7. Now above this section, fill in the Active Directory Domain name (mydomainname...)

8. Click the Bind button

9. you are now being prompted for your domain administrators username and password, fill it in (mydomainname\Administrator or some other administrative user)

10. Authenticate.

a message should quickly appear and disappear stating that the prefered domain server is being added to your search path.

Once I did this my machine was added to the domain.

Hope this does it for you as well.

I've been troubleshooting this same symptom on a new Mac with Yosemite 10.10.2.

The problem was indeed that the time was set incorrectly, partly because our firewall blocks outbound NTP connections.

Changing the date & time preference pane to point to our domain controller fixed the problem.