9.81 and El Cap AD Binding

thoule
Valued Contributor II

Recently updated to 9.81 and beginning testing of my El Cap image. While AD binding is working (machine is bound, I can login), the 'Allow Administration by' setting is not taking. User Experience tab is also not being set. Any suggestions?

EDIT: Same AD configuration is working on my 10.10.5 computers just fine..

1 ACCEPTED SOLUTION

ivanlovisi
New Contributor III

i had the same problem, i have disabled the mobile account setting and works fine.

View solution in original post

7 REPLIES 7

mm2270
Legendary Contributor II

Is this when using a built in JSS binding config? If so, does it work if its scripted with dsconfigad?

thoule
Valued Contributor II

The problem is when using the built in binding config. Binding command line or via Directory Utility on the Mac works fine.

davidacland
Honored Contributor II
Honored Contributor II

I haven't tested it but I would probably just work around it with an extra dsconfigad command in the files and processes section of the binding policy.

ivanlovisi
New Contributor III

i had the same problem, i have disabled the mobile account setting and works fine.

View solution in original post

thoule
Valued Contributor II

@ivanbs For me as well, disabling the Create Mobile Account setting allowed the other settings to be applied. I'll ping JAMF and see if they know about this one.

mrhollywoodgate
New Contributor II

I'm experiencing the same thing - my AD configuration works with a Yosemite image configuration, but not El Cap. When I login with a local account, it looks like it's bound, but none of the settings I selected are enabled. Un-binding and using Casper Remote to re-run the same AD binding works - it sets the settings completely correctly, so it seems to just be something about the imaging process.

KCH080208
New Contributor II

Not sure if this means anything but there is a known bug with El Cap and AD Binding in general. I called in a couple weeks back because the few people who had it on our campus could not login to their computer in under 6 minutes. We were able to replicate multiple times.