Posted on 10-01-2020 05:18 AM
I've installed BigSur on physical machine and bind it to remote LDAP server which reside behind vpn server.
The bind itself went just fine, but when I try to login or fetch any of the AD users, it fails and although the LDAP seems bounded, the AD nodes cannot be connected (all are offline)
Name State Refs Type External Locked Hidden
/Active Directory 2 X X
/Active Directory/MYSERVERDEV 11
/Active Directory/MYSERVERDEV/All Domains Offline 2 Virtual node
/Active Directory/MYSERVERDEV/Global Catalog 2 Virtual node X
/Active Directory/MYSERVERDEV/myserverdev.com Offline 16 Virtual node X
/Configure 1 X X
/Contacts Online 3
/LDAPv3 1 X X
/Local Online 2 X X
/Local/Default Online 6 X
/Search Online 5
from the logs I could see that the opendirectoryd keep trying to connect the nodes but they remain offline. I wonder if there's any timeout for the connection or anything else that can effect the connection, since the bind itself did work successfully. any ideas ?
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/All Domains nodestate:
starting check
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/All Domains nodestate:
failed to create connection
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/All Domains nodestate:
failed to create connection
opendirectoryd: [com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/All Domains
nodestate: next check in 30 seconds
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/All Domains
nodestate: is still offline
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/myserverdev.com
nodestate: starting check
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/myserverdev.com
service discovery: timed out after 5 seconds
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/myserverdev.com
nodestate: next check in 15 seconds
[com.apple.opendirectoryd:session] /Active Directory/MYSERVERDEV/myserverdev.com
nodestate: is still offline
Posted on 10-01-2020 05:36 AM
As it is still in beta you should post things like this to the developer forum. To add, I believe Apple has a disclosure in the developer agreement that findings and such won't be discussed outside of their developer forums/channels.