Jamf Nation Community

noah_swanson · ‎09-19-2011

We're having authentication issues at the login screen. Basically, if AD isn't found, the request isn't timing out for at least 10 minutes and some people report waiting "at least an hour." One resolution I've found is to have the airport off at shutdown, then it doesn't have any networks to ping at all.

Does this sound like a reasonable fix? How do I go about using casper to add a logout script to disable the airport? I'm planning on using networksetup to set the airport power to 'off'.

Thanks!
Noah Swanson
Imaging Specialist
Enterprise Desktop Services
Phone: 309-765-3153
SwansonNoah at johndeere.com

Jak · ‎09-19-2011

When users have this issue, is the traffic light on the login screen green?

Not sure if this will help at login, but it definitely helps with the screensaver / wake when resolving AD

sudo /usr/libexec/PlistBuddy -c 'Set :mdns_timeout 5' /System/Library/SystemConfiguration/IPMonitor.bundle/Contents/Info.plist

http://support.apple.com/kb/ts3248

Note, we don't have .local.

Jak.

bentoms · ‎09-19-2011

I found the same, & posted it: http://macmule.com/2011/03/11/slow-login-for-ad-mobile-accounts-when-off-the-office-lan/.

The issue doesn't exist if you AD is externally resolvable (even if it's just a DNS entry).

noah_swanson · ‎09-19-2011

Traffic light is red on all that I've tested. I'll give this a whirl.

Thanks!

noah_swanson · ‎09-19-2011

Perfect!

Thanks!!

Jak · ‎09-19-2011

FYI,

Our AD is internal only and we don't have issues with mobile accounts logging in while off the network.

It should use cached credentials.

bentoms · ‎09-19-2011

Yes, but if you're domain is the same as your In your e-mail. (burberry.com), it will work as it resolves externally.

Even though it's not resolving to AD, it's the lookup & resolution that causes the delay.

Regards,

Ben.

Jamf Nation Community

Adding a logoff script