- Jamf Nation Community
- Products
- Jamf Pro
- Bind to AD issues
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Bind to AD issues
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-21-2015 05:39 AM
I know we are not the only ones who have experienced issues with the AD occasionally dropping if you use the built-in bind utility on the JSS. I was wondering what others are using that is more reliable but won't break the bank. We are a school that has about 1500+ machines, so money is always a consideration.
The machines are split between Yosemite and Mountain Lion
Thanks
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-21-2015 06:13 AM
We wrote a perl script that runs as a launch daemon at boot and ensures binding is happy, if not it rebinds automatically for me. I believe that if you search the archives of JAMFNation you can find many binding script examples and launch daemons to run them.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-22-2015 08:15 AM
@drioux The JSS's AD Binding leverages dsconfigad & tbh has been rock solid for me.
On the rarity I have had issues, it's AD related. So might be AD that needs to be looked at?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-24-2015 05:42 AM
Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-24-2015 07:52 AM
We're using the built-in binding that is supposed to happen upon enrollment. It works perfectly under OSX 10.9 but it is hit or miss with 10.10. Sometimes it will bind to AD exactly as it's supposed to during enrollment. Sometimes it won't bind to AD until after 2 or 3 reboots or an indeterminate about of time has passed. Other times it absolutely will not bind on its own no matter how many reboots we do or how long we wait. In those cases I use Casper Remote to send the command to join AD and that works every time. Once a machine has joined AD (whether automatically or forced), we never have any problems with them disconnecting.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-26-2016 08:20 AM
Did you get this going reliably?
We have a lot of 10.8 student machines that are exhibiting these symptoms. Oddly enough though, if we take them off of our Cisco AP's and put them on a open AP with a different SSID the binding works perfectly. Then we put them back on our network again and its still broken. We have to re-bind them to fix it.....strange...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-26-2016 08:33 AM
@cortday This works pretty reliably for us. Only real issue we've had recently was 10.10.0-2 and crashing on startup.
It sounds like a network communication issue, either something is being blocked (global catalog possibly) or the traffic is being filtered somehow between the device, cisco ap / network and the AD domain controllers.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-26-2016 10:12 AM
For us, the binding delays seem to have resolved themselves. I don't know if it was from an update to 10.10.2 or 3 or 4.... or if it was a Windows server update that fixed it, but it works. All our Macs bind to AD using the built-in tools triggered via JSS policy.
