Help

Active Directory Woes on 10.5 Server

noah_swanson
New Contributor

Posted on ‎07-27-2010 07:43 AM

Yesterday our Mac Server lost partial DNS. I can still access it through its IP and DNS name, but when I tag our domain onto it <server>.<domain>.<company>.com I get no response. I went to unbind and rebind to the domain and Directory Utility locked up the server and required a force reboot. If I open Directory Utility it says the connection is good however, there's no computer account in AD anymore. I then tried to use the dsconfigad command in Terminal only to have Terminal lock up.

Has anyone seen this or know of a way I can unbind without locking up again?

Noah Swanson
Imaging Specialist
Enterprise Desktop Services
Phone: 309-765-3153
SwansonNoah at johndeere.com

0 Kudos
7 REPLIES 7

Kedgar
Contributor

Posted on ‎07-27-2010 07:48 AM

Try daconfigad -rf

This should force a removal from the domain.

Sent from Ken's iPhone

0 Kudos

noah_swanson
New Contributor

Posted on ‎07-27-2010 10:24 AM

Worked great. However, when I tried to rebind, it locked up again. I’m guessing there’s a corrupt plist or cache somewhere…Anyone know the exact files I should trash before attempting to rebind?

0 Kudos

Not applicable

Posted on ‎07-27-2010 10:27 AM

When this happens to one of my Mac servers I delete the Directory Service folder, empty trash and reboot then rebind:

MacHD > Library > Preferences> DirectoryService

0 Kudos

tlarkin
Honored Contributor

Posted on ‎07-27-2010 10:30 AM

Did you fully unbind first?

0 Kudos

noah_swanson
New Contributor

Posted on ‎07-27-2010 10:30 AM

Yep. Full unbind, removed the account from AD even.

0 Kudos

tlarkin
Honored Contributor

Posted on ‎07-27-2010 10:37 AM

Look at the dsconfigldap command to fully force unbind and to clear all
caches

0 Kudos

Not applicable

Posted on ‎07-27-2010 05:02 PM

If you just can't get the server to bind, create the computer object in AD first (with the server's name) and rebind.

Tony S. Wu
tonyswu.mac at gmail.com

0 Kudos