- Jamf Nation Community
- Products
- Jamf Pro
- Directory Services PLIST
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Directory Services PLIST
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 09:40 AM
Im on a roll today.
Would it be possible to deploy the SearchNodeConfig.plist and ContactsNodeConfig.plist as a policy/MCX. For some reason ALL DOMAINS locks out our users and I have to manually add the correct paths. Would it be possible to just deploy this small file during imaging time?
--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group
12 REPLIES 12
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 12:36 AM
Works fine for me.
Regards,
Ben.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 09:48 AM
you can't manage this via mcx, though you can package it for install as part of the default image.
check this for a good template: https://github.com/unixorn/luggage-examples/tree/master/configure_ldap
or, make sure you specify the proper details at bind time rather than fixing it later.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 09:54 AM
No matter what I do, I can't get that to work during bind. I use the JAMF Bind and its all set up right, it just never populate the domain corrects in the DirectoryServices plists.
--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:14 AM
for those of you that were not in the seed, there are multitudes of organizations that cannot get AD to work on Lion, it binds but nobody can login, it won't bind, etc, many bug reports filed, no fixes seen.
--
Todd Ness
Technology Consultant/Non-Windows Services
Americas Regional Delivery Engineering
HP Enterprise Services
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:16 AM
That been my experience here so far.
------------------------------
Tom Tubbiola
Design IT
Ttubbiola at oakley.com
949.900.7705
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:19 AM
I found the fix for us. Basically it involves Unchecking "Allow authentication from…" and updating the Directory Domain Paths.
Too bad JAMF doesn't have the option to declare domain paths in the AD Bind option.
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:23 AM
you could use dsconfigad instead and pass all the details you need. the jamf method assumes defaults, for the most part, but it's basically just using dsconfigad anyway.
might as well roll your own to get the results you need.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:26 AM
Im assuming all my old pre-casper bind scripts will work in Lion.
--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:30 AM
check first. there are new options for dsconfigad, among other things, but i haven't checked yet. never assume…
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:34 AM
Was just going to say, use a script with dsconfigldap or dsconfigad to
set your domain and search paths
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-26-2011 10:55 AM
Im going to test the script in a few seconds here. Ill let you all know the result.
--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-27-2011 10:55 AM
AD Binding is still completely and utterly useless it seems. I can't get anything to work concerning binding and dsconfigad. I had a computer bind then it just unbound itself a few days later and now every time I try doing it manually it tells me the server encountered an error. This is frustrating.
--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group
