Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: IamOnline
IamOnline Author
User level: Level 1
0 points

Can't log in to Profile Manager or My Devices with Active Directory logins

I have an OSX Lion 10.7.4 Server set up with Profile Manager and it is joined to AD.


I am able to see AD groups in the Profile Manager groups section.


I can also see and add AD users and groups using the server app.


I have enabled the "Can Enable Remote Management" check box for Domain Users through Profile Manager. I have also added Domain Admins to the Workgroup group in the Server app. I'm not sure that I want or need either of these options, but they were suggestions to try.


I am not able to log on to the Profile Manager or My Devices pages with AD logins.


I found these directions about nested groups in Workgroup Manager http://krypted.com/iphone/integrating-mac-os-x-lion-servers-profile-manager-with -active-directory/ but I don't have a com.apple.access_devicemanagement local group or any groups like are shown in the picture.


Any ideas what I'm missing?


Cheers,


Ian

Mac mini, Mac OS X (10.7.4)

Posted on May 21, 2012 1:12 PM

Reply
Question marked as Best reply
User profile for user: IamOnline
IamOnline Author
User level: Level 1
0 points

Posted on May 22, 2012 1:47 PM

I found the two pieces I was missing:


1) Install the Lion Server Admin Tools

Launch the Server Admin App

Click on the server name in the left pane

Click on the Access button in the upper part of the window

Click on Profile Manager

Either manually add specific groups to the list or if you're feeling brave choose the "Allow all users and groups" radio button


2) Run the command line steps on this page to change the authentication to plain text to support AD authentication:

http://support.apple.com/kb/HT4837


Voila!

View in context
3 replies
Question marked as Best reply
User profile for user: IamOnline
IamOnline Author
User level: Level 1
0 points

May 22, 2012 1:47 PM in response to IamOnline

I found the two pieces I was missing:


1) Install the Lion Server Admin Tools

Launch the Server Admin App

Click on the server name in the left pane

Click on the Access button in the upper part of the window

Click on Profile Manager

Either manually add specific groups to the list or if you're feeling brave choose the "Allow all users and groups" radio button


2) Run the command line steps on this page to change the authentication to plain text to support AD authentication:

http://support.apple.com/kb/HT4837


Voila!

Reply

Can't log in to Profile Manager or My Devices with Active Directory logins

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up