Cannot Join OS X Lion to Active Directory 2003

I have this problem too

how fix it?

I've been wrestling with this all morning.

I've seen various suggested fixes, but what's (partially) worked for me is repairing disk permissions in Disk Utility. I was then able to bind to the Active Directory domain. Network browsing still seems a little hit and miss, but I'm now able to access shares and the like and my AD permissions seem correct.

I also ran into this issue but managed to get around it.

Normally in Directory Utility you would bind to the domain: e.g company.com.au

When I was binding to my OD server I thought, what the heck, I'll try binding directly to a domain CONTROLLER and it worked like a charm. Obviously far from ideal but at least now I can login with my AD credentials and test things properly.

I bound to the domain through System Preferences rather than Directory Utility. System Preferences -> Login Options -> Network Account Server "Join" button.

I successfully connnected to server.company.com.au (which is a 2003 Domain Controller)

Hope this helps some people.

It seems you are not the only one that cannot join to a Active Directory Domain. I am having the same issues. I have tried all of the usual -- reset file permissions from Command-R at startup, etc. I know the settings work as I have Snow Leopard working just fine. Lion simply doesn't want to play nice. This is the error I am getting:

Aug 23 01:16:24 mysystem System Preferences[544]: -[ODCAddServerSheetController handleOtherActionError: gotError: Error Domain=com.apple.OpenDirectory Code=5202 "Authentication server encountered an error while attempting the requested operation." UserInfo=0x000000000 {NSLocalizedDescription=Authentication server encountered an error while attempting the requested operation., NSLocalizedFailureReason=Authentication server encountered an error while attempting the requested operation.}, Authentication server encountered an error while attempting the requested operation.

I have used the same settings as use with SnowLeopard to no avail. I've even turned the OpenDirectory logging output to debug and nothing is jumping out as to what is going on. Has anyone else has success bypassing this error?

I am getting this same issue - every time I try to bind I get the "Authentication Server encountered an error while attempting the requested operation." error - I have tried different apsswords etc with no joy - I tried rebooting and repairing permissions as well, still with no joy.

We have also tried binding using the System Preferences method (though login items), Using Directory Utility and via Terminal.

I should also mention we tried binding directly to the domain controller and it still did not work.

same here, unable to join any lion machines to my 2008R2 AD - SL still works just fine - tired all thing in this thread as well

I have got to the bottom of the issue at my location - unfotunatley, I don't think it will help many people. The issue we were experiencing is because we where running a script to set the computer name, using the scutil command to rename the system - this was the issue.

Same for me.

dsconfigad syntax has changed somewhat so i had to adjust that in the script... also the searchpath.

My script gives error 5202 initially, but if I reboot, and run it again, it works. Seems like scutil is to blame as I need some user input in order to rename my systems prior to binding them. But for whatever reason the new name is not in effect when dsconfigad is run in the script, and doesn't work until the system is rebooted.

Ok Apple are you going to address the issue???

Oh good! Its not just me....

I raised this issue months ago when the version changed to 10.6.x and was told by Apple Lion would fix it...

It didnt, it fact it made it work... the version of Snow Leopard on the mac mini worked perfectly!

I have had mixed results so far... Initially binding to my 2008 mixed mode domain only worked if we specificed a specific Domain Controller and that has worked with a number of machines, our initial fleet of 5 machines for instance

A few weeks ago my lion client was rebooted and on power up it ahd lost its domain binding and nothing would work to get it back on. Im now stuck using a mobile account version of my account...

My new Lion Server just arrived and im following the same procedure and it doesn't work either giving me fairly generic error messages like the one you initially mentioned that leave me confused... In the middle of this project we upraded to 2008 DCs but are still running in 2000 mode...

We are looking at swapping to mac hard ware for our client base and if this issue isnt resolved I cannot move forward; joining a domain is step 1 of a Windows Install usually...

Thanks

Andrew

I've found the source of this problem for me, and have been able to bind without further issue. Even though I'm connected to the internet, and using the Apple time server, the time on machines is not at all correct, which prevents the machines from binding to AD. I perform the below steps:

1. Change the date and time to the correct values (or within the acceptable threshold of your AD).
2. Restart the machine (will not work if you do not restart).

My machines are now happily binding to AD. 🙂

Josh