Help with Binding OSX 10.7.3 Machines to Microsoft AD

Millertime
New Contributor III

I'm having a terrible time getting my binding package to work.

Background info--
Clients OS = OSX 10.7.3 Computer Names = Made up of 8 characters 2 alpha and 6 numeric
Directory = Microsoft Active Directory
Method = Casper Remote, to kick off binding package.

I have: 1) Made sure the workstation account exists in the location specified in the Binding package 2) Verified the account I'm using has the proper permissions in order to bind a machine. 3) Attempted to delete and recreate the workstation account.

Though I still get this error every time. Any help would be GREATLY appreciated!

Thanks!
Bill

Sending Wake On LAN command...
Opening SSH Connection to 172.25.2.114...
Authenticating...
Successfully authenticated.
Verifying Computer's Identity...
The MAC Address has been verified.
Checking Operating System Version...
Running Mac OS X 10.7.3 (11D50d)
Verifying /usr/sbin/jamf...
/usr/sbin/jamf is current (8.51)
Verifying /usr/sbin/jamfvnc...
/usr/sbin/jamfvnc does not exist.
Verifying /Library/Preferences/com.jamfsoftware.jamf.plist...
Preparing Policy...
Executing Policy 2012-04-27 at 12:50 PM | USERID | 1 Computer...
Binding AB123456 to DOMAIN.COM...
An error occurred binding to Active Directory: dsconfigad: Node name wasn't found. (2000). (Attempt 1)
An error occurred binding to Active Directory: dsconfigad: Node name wasn't found. (2000). (Attempt 2)
An error occurred binding to Active Directory: dsconfigad: Node name wasn't found. (2000). (Attempt 3)
An error occurred binding to Active Directory: dsconfigad: Node name wasn't found. (2000). (Attempt 4)
An error occurred binding to Active Directory: dsconfigad: Node name wasn't found. (2000). (Attempt 5)
Error: Giving up on Active Directory binding after 5 attempts.
Submitting log to SERVER name....
Finished.

1 ACCEPTED SOLUTION

nkalister
Valued Contributor

check the machine's clock. Last time I had the nodename not found (2000) error the mac's clock was off by 2 minutes from the DC's clock.

View solution in original post

10 REPLIES 10

mm2270
Legendary Contributor III

You used the term "package" a few times in your post. Are you using a physical package to deploy this or is it a binding configuration stored in the JSS?

Millertime
New Contributor III

I'm sorry. Guessing that I'm not using the right jargon yet. :)

Here's what I did.

I went into Casper Admin on my JSS. Created a binding configuration
Launched Casper Remote, and attempted to apply that binding config, by checking the name of the Binding under the 'Accounts' tab.

Bill

mm2270
Legendary Contributor III

No prob. That's what I figured you were doing. Just wanted to make sure you weren't building a pkg with a post flight script in it or something. :)

So, the next step I would try is a manual bind in Directory Utility with the same settings, which you may have already tried. If so, try putting a script together using dsconfigad with the same settings and run that manually.
Something else you could try is on one of the affected Macs, use the jamf binary to bind the Mac (type 'jamf help bind' in Terminal for the full rundown of how to use it)

Lastly, I have seen times when Casper Remote does not properly execute scripts or binding configs as opposed to a regular policy. You could optionally try assigning the binding configuration to a policy and scope one Mac to it, use your everyX minutes check in and let it try to run normally to see if there is any difference.

nkalister
Valued Contributor

check the machine's clock. Last time I had the nodename not found (2000) error the mac's clock was off by 2 minutes from the DC's clock.

Millertime
New Contributor III

Awesome info, and suggestions. I'll get working on them!

btw, I did try this through a policy, though forgot to mention it. --That also failed.--

Thanks again!

Millertime
New Contributor III

That was it!!! The system time was 14 minutes off. I changed it to the actual time, used Casper Remote to kick the binding off. BINGO!

Wow, thank you both so much!

mcqdog
New Contributor

Thanks you SOOOOO MUCH! This is the ANSWER!!!!!

rmanly
Contributor III

a little tip if you are setting this by hand first.

you can put this in a preflight script or whatever to have your package do the work for you.

ntpdate -u yourtimserver.domain.com

neherna
New Contributor

I was having the same problem. I tried everything and it was also the time. Thanks!

Sandy
Valued Contributor II

nevermind