Help

Gather AD Information

noah_swanson
New Contributor

Posted on ‎08-22-2011 10:31 AM

So in my experience, when binding to AD, duplicate Search Policies get created both in the Authentication section and the Contacts section. By leaving these duplicates in, authentication will often fail, or take forever to get logged in.

Open Directory Utility, Click "Search Policy". Under "Authentication", (after a fresh join) I'll have "/Active Directory/All Domains" listed several times; Same thing under "contacts".

What I'm wondering is if I can gather this information using a script. This way I can monitor if someone's system gets biffed. Better yet, If I could use a script to remove the duplicates or set only one.

Thanks all,
Noah Swanson
Imaging Specialist
Enterprise Desktop Services
Phone: 309-765-3153
SwansonNoah at johndeere.com

0 Kudos
Reply
2 REPLIES 2

bentoms
Release Candidate Programs Tester

Posted on ‎08-22-2011 12:31 AM

I've been seeing this issue in SL.

You get the red dot if an old or "faulty" search policy precedes a working one.

Not sure how to correct other than remove all & readd.

Regards,

Ben.

0 Kudos
Reply

Matt
Valued Contributor

Posted on ‎08-22-2011 10:47 AM

Im getting the same issues however in SL it causes no harm, in Lion is causes red dots.

--
Matt Lee, CCA/ACMT/ACPT/ACDT
Senior IT Analyst / Desktop Architecture Team / Apple S.M.E / JAMF Casper Administrator
Fox Networks Group

0 Kudos
Reply