Help

Broken AD + Lion

Matt
Valued Contributor

Posted on ‎08-29-2011 08:17 AM

So 10.7.1 fixes the issues (you have to fix your search policies manually though!) Here is the caveat… the dots don't show up! I had a yellow dot and then fixed the search policies, restarted, no dot, network logged in for the first time… SUCCESS!!!!

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

0 Kudos
4 REPLIES 4

jarednichols
Honored Contributor

Posted on ‎08-29-2011 10:48 AM

How does your manual fix look?

j
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

0 Kudos

Matt
Valued Contributor

Posted on ‎08-29-2011 01:03 PM

I spoke to soon. Restarted and it was broken again. Went in an enabled "Allow From Any Domain" and it worked all the sudden (With a red dot!) This is a circus!

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

0 Kudos

jarednichols
Honored Contributor

Posted on ‎08-30-2011 05:19 AM

Interesting. I've not been able to get any logins to work with "allow from any domain." 10.7.1 did give me some improvement, though it still isn't issuing a Kerberos ticket, which is the root of the cached user issue from what I can discern.

j
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

0 Kudos

bentoms
Release Candidate Programs Tester

Posted on ‎08-30-2011 05:25 AM

maybe this will fix kerb issue:

http://support.apple.com/kb/HT4100

or as  MIT Kerberos has been replaced with Heimdal, maybe the bel;ow will work??

http://linsec.ca/blog/2011/07/26/kerberos-on-os-x-10-7-lion/

0 Kudos