Revisiting Active Directory

Discussion in 'OS X and OS X Apps' started by paparazzi, May 7, 2009.

  1. paparazzi

    paparazzi Well-Known Member

    Joined:
    Nov 4, 2004
    Messages:
    272
    Likes Received:
    31
    I did a search on this topic but found the threads rather outdated. I'm facing quite a challenge today and this is the scenario...

    I am on an enterprise LAN running Active Directory. There is a Windows PC beside me and I can login without any problems to the LAN using the AD login credentials given to me by the company's IT group.

    I am using an MBP on OS X 10.5.6 and I am logged into the MBP using a local account (not an AD account). I have already setup Directory Utility and am connected to the company's Active Directory. This is confirmed in Directory Utility - I have a green light beside the Active Directory Domain and opposite it is the phrase "The server is responding normally." I have also set Kerberos up and I have an active ticket to the AD domain.

    I then log-off and try to log into the MBP using my AD credentials but it just gives me the shake. My username and password are not accepted - thing is, these are the same credentials I use to log into the Windows PC beside me.

    Since I am in a forest, I have already tried to logon using "DOMAIN\USERNAME" as my username to no avail.

    I have played around with the check boxes in the Active Directory advanced settings in Directory Utility but I still cannot login using my AD credentials.

    I really don'y care about LDAP right now I just need to log into the AD domain using this MBP.

    Can anyone help?

    TIA.
     
  2. arelcee

    arelcee Active Member

    Joined:
    Jan 17, 2007
    Messages:
    215
    Likes Received:
    1
    Gender:
    Male
    Location:
    Philippines
    Okay, I don't have any experience with connecting a Mac to an AD domain, but have you tried creating a local account on your MBP with the same username and password as your AD credentials?

    I remember this is how I setup a Linux machine in order for me to be able to connect to AD. That was years ago though, so I can't be sure.
     
  3. paparazzi

    paparazzi Well-Known Member

    Joined:
    Nov 4, 2004
    Messages:
    272
    Likes Received:
    31
    Thanks, Revi - but if I do that I will be using the local user account and not the AD user account.
     
  4. arelcee

    arelcee Active Member

    Joined:
    Jan 17, 2007
    Messages:
    215
    Likes Received:
    1
    Gender:
    Male
    Location:
    Philippines
  5. paparazzi

    paparazzi Well-Known Member

    Joined:
    Nov 4, 2004
    Messages:
    272
    Likes Received:
    31
    Thanks Revi. Tried them already still to no avail. I appreciate the help.
     
  6. arelcee

    arelcee Active Member

    Joined:
    Jan 17, 2007
    Messages:
    215
    Likes Received:
    1
    Gender:
    Male
    Location:
    Philippines
    You're welcome. I wish I could give you more inputs. BTW, its ReiVi (there is an 'i' between the 'e' and the 'v'). :)
     
  7. paparazzi

    paparazzi Well-Known Member

    Joined:
    Nov 4, 2004
    Messages:
    272
    Likes Received:
    31
    Sorry about that, thanks again. =)
     
  8. zChris

    zChris Active Member

    Joined:
    Jun 11, 2004
    Messages:
    348
    Likes Received:
    75
    Location:
    Manila
    Why do you need to login to the AD? I am in the same setup at work and I dont login to the AD upon startup. I am still able to browse the internet using the company network but just need to enter the proxy settings on the browser and need to login with my AD userid and pw everytime I open the browser. I am able to browse both intranet and internet sites.

    I use entourage for my email using exchange 2003 and I just put in the name of the local exchange server and my AD userid and pw and everything seems to work fine.

    However, when my pw expires and i need to change it, I need to do it on a windows machine.
     
  9. paparazzi

    paparazzi Well-Known Member

    Joined:
    Nov 4, 2004
    Messages:
    272
    Likes Received:
    31
    zChris - the only reason I need to log into AD is for that precise reason - password expiration. I don't want to be doing it from a windows machine anymore haha.

    Thanks.
     
  10. mikeygar

    mikeygar Member

    Joined:
    Jun 8, 2004
    Messages:
    28
    Likes Received:
    0
    had this problem before authenticating against a Windows 2000 server. What I did was a combination of adding the computer to the domain using 'AD users and computers' tool then I was allowed to authenticate and use of the 'bind' function of directory utility that wouldn't add it to the AD forest on the first try so your luck may vary.
     

Share This Page

  • About PhilMUG

    Since the mid-1990s, PhilMUG (formerly the Philippine Macintosh Users Group) has grown to become not just the Philippines’ but one of the world’s foremost Apple user groups. Our online community brings together thousands of members from the Philippines and around the world for the latest news and discussions covering all Apple products and related hardware and software. Anyone can join PhilMUG, from newbies to experts, subject to our membership rules and guidelines.
  • Like us on Facebook

  • Buy us a beer!

    The staff works very hard to make sure that PhilMUG is running 24/7. Care to buy us a beer or help out with our hosting fees? We'd really appreciate it!

    Donate to us!