Hi,
I know there is a large number of topics about AD binding, but I couldn't find a solution for my issue.
Long story short, what was working with El Capitan isn't working with Sierra anymore, and that is specifying a DC to bind against.
Our organisation has an external data centre and a number of branch offices, which are all connected via VPNs. The only writable domain controllers are in the data centre, and in the branch offices we have read-only controllers. I was using a configuration profile for AD binding where I specified a writable DC which was located in the data centre, and all was working fine - the computer object was created automatically in AD, and the Mac was bound.
This doesn't work with Sierra. Same config, and I get an error. Tried directly with dsconfigad - and nothing.
If I create a computer object prior to binding, the Mac shows that it's bound, but the computer object isn't updated with computer info and DNS, and the 801.x profile for wifi isn't installed as a result of this.
For binding tests I am using a domain admin account, so all is good with permissions.
Currently the only option for binding a Mac to AD is to connect the computer via VPN to the data centre and do the binding, but I need it to work directly from a branch local network.
Has anyone come across such an issue and resolved it?
Thanks!