Permission Denied logging in as specific AD user

tim_rees
Contributor

Hi All,

I had this problem about 2 years ago, with 10.10, and it went away... however, it is back...

When ever 1 specific AD user account tries to log into a 10.12.5 machine that it has not used before, it fails. The logs show everything as permission denied, and there is a lot of lines, so it is hard to find which one actually makes sense.

An identical account, with every thing but the username works fine.

I don't want to trash the account in AD, as it is created by an IDM system managed by our head office, and will take no end of headaches to get sorted, and secondly, it is my account...

Has anyone else seen this? and was there another solution apart from destroying the AD account?

Thanks.
Tim

2 REPLIES 2

davidacland
Honored Contributor II
Honored Contributor II

I've seen this occasionally related to mobile account or home folder creation. Are you using mobile accounts on the Macs your signing into?

tim_rees
Contributor

Hi David,

Sorry had not got back to this for a week or 3... Interestingly, it does it on both Mobile, and non Mobile accounts. I have also joined a brand new installed machine to the domain, with out any JAMF binary on it, etc, and the account works fine... I'm guessing there is something caught in one of my policies which is destroying it...

Looks like its my problem!