Can anyone please clarify what permissions are required for the LDAP Server Account?
What functions does it perform aside from user/group lookup and authentication?
TIA
+5@justin_gray It's just read-only lookup and auth
If that's the case, do you know what account is used or what mechanism is responsible for AD joins? If I recall, there was a change with OS X where a regular user account could not join to the domain.
+25If that's the case, do you know what account is used or what mechanism is responsible for AD joins? If I recall, there was a change with OS X where a regular user account could not join to the domain.
@justin_gray The account you use for LDAP lookups should not be the same account you use for AD binding as the latter will definitely require different permissions. You should ask your AD team about that. You should also consider whether or not you actually need to bind your Macs to AD.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.