Jamf Nation Community

tomt · ‎04-21-2011

We are getting ready for a domain migration of our Active Directory. I've built a policy that uses the unbindAD script from the Resource Kit and then binds the machine to the new domain. The policy is set up as a self service for our techs only.

The issue I am having is that after the un/rebind there are duplicate entries for Active Directory/All Domains in the Search Policy section of the Directory Utility. They appear under both the Authentication and Contacts tabs.

My thought is to create another script that will run before the rebind to reset the search policy settings to factory (only /Local/Default and /BSD/local). Can anyone point me towards the appropriate terminal command or have any thoughts on this?

Thanks for any help,
Tom
------------------------------
Tom Tubbiola
Design IT
Ttubbiola at oakley.com
949.900.7705

jarednichols · ‎04-21-2011

There's a specific plist that contains this info. If you kill the plist you should be ok. It's in /Library/Preferences/DirectoryService/SearchNodeConfig.plist

YMMV, test test test, I am not a lawyer… Etc…

j
--
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

tlarkin · ‎04-21-2011

dsconfigldap -r myserver.com

should remove all bindings

jonscott · ‎04-21-2011

I've also used:
dscl /Search/Contacts –delete / CSPSearchPath /whatever
dscl /Seach –delete / CSPSearchPath /whatever

to clear those settings from Contacts and Authentication…

tomt · ‎04-21-2011

Thanks guys, I'll do some testing right now.

Tom
------------------------------
Tom Tubbiola
Design IT
Ttubbiola at oakley.com
949.900.7705

Jamf Nation Community

Command to clear custom paths from Search Policy in Directory Utility?