5 Replies Latest reply: Dec 15, 2011 9:27 AM by entcrs
madeinoz67 Level 1 Level 1 (0 points)

G'day one and all,


I have profile manager up and running successfully, devices can be registered profile changes are pushed to the devices, brillant, love it just what the doctor ordered for my management of my iphones and ipadd!  But the crunch comes when I try and log into the device protal for an active directory user, error reported is they don't have permission to do this.


Active directory users can log in locally via the console successfully, so authentication via active directory is working.


Once logged in locally the user then shows up in the local users list and I can assign them permission, but I don't want users to have the ablility to log into our server before they can use profile manager.  The whole idea is remote users will be able to register their devices where ever they are.


If I (as administrator) log into the profile manager no active directory users are displayed in the user list unless they first log in locally and then I give them permission first as mentioned above, all active directory groups ARE being displayed within profile manager,.


Am I doing anything wrong here?  Anyone in a similar situation?



Mac mini, Mac OS X (10.7.1), Lion OSx server