Help

AD password not syncing on a Mac restored through Time Machine

clearyma
New Contributor III

Posted on ‎09-24-2019 09:02 AM

Bit of an odd issue. I have 2 Macs that were set up within the last year. In each case, the end-user backed up the old one with time machine, we brought the new ones in, and restored using the time machine snapshot. Our Macs are bound to Active Directory and set to create a mobile account at login, and AD passwords must be changed every 120 days. In the case of these two users, when they change their AD passwords, it syncs everywhere except on the Mac. We have to manually reset it to the new password in users & groups. I've rebound the Macs to AD, but they still won't sync. Has anyone seen an issue like this before? Could the time machine restore be affecting the password synchronization for these users?

0 Kudos
1 REPLY 1

edickson
Contributor

Posted on ‎09-24-2019 09:30 AM

From what I've heard/seen in an enterprise environment where Macs are bound to AD, time machine backups kinda screw things up because it is literally a snap shot of the users' account. I think this account doesn't fully authenticate with AD so AD (or at least the domain controllers) don't trust the account, hence, needing to manually change their passwords.

If you can, try going with a solution that doesn't require binding to AD, it will make everyone's day a little easier.

For these users, you may end up needing to wipe the Macs and re-set them up from scratch, including a bind to AD to get them happy with each other again.

Good luck! :-)