What's everyone doing for AD binding execution frequency? I was thinking of setting it to weekly to just rebind every computer using the default JSS Directory Binding.
Does anyone have a script to determine if the trust is broken?
Thanks!
What's everyone doing for AD binding execution frequency? I was thinking of setting it to weekly to just rebind every computer using the default JSS Directory Binding.
Does anyone have a script to determine if the trust is broken?
Thanks!
Best answer by spraguga
@mm2270][/url][/url][/url Yes, I am aware of all that, just didn't realize you can set the pass to not update.
Any who I put this script together pretty quickly to test the current account binding authentication/trust. If anyone wants to use it you'll need to adjust for your environment.
#!/bin/bash
MYDOMAIN='YOURDOMAIN.COM'
COMPNAME=`scutil --get ComputerName | tr '[:upper:]' '[:lower:]'`
SERVICEACCOUNTPASS=`security 2>&1 >/dev/null find-generic-password -ga $COMPNAME$ | cut -d'"' -f2`
echo $SERVICEACCOUNTPASS | kinit --password-file=STDIN $COMPNAME$@$MYDOMAIN
if [[ $? != 0 ]]
then
echo "fail"
else
echo "pass"
fi
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.