Problem logging on to AD Domain on OS X 10.9.5 devices over WiFi

cdyson
New Contributor

There seems to have been a problem develop today that the Macbook Pro (Mid 2012) with OS X 10.9.5 will not login to my school domain over WiFi.

When I log in as a local admin on the Macbook a splash screen appears with the body displaying '<HTML><HEAD><TITLE>Success</TITLE></HEAD><BODY>Success</BODY></HTML>' which is the Apple Captive Portal landing page when connecting to a WiFi network. This shouldn't appear every time you connect to a WiFi network. The URL is displayed at the bottom of the splash screen. 'apple.com/library/test/success.html'. This splash screen appears every time I disconnect then connect to a WiFi network. I have attached an image of the splash screen.

When I log out from the local admin account and return to the login screen the WiFi connection is dropped and no domain users can login unless I hard wire the Macbook to a network point.

I have done some research on this and it is affecting a lot of people around the world on different devices and operating systems but with Apple products it looks like it is just affecting iOS devices pre iOS 7 and OS X devices on 10.9.5.

Have Apple flipped a switch in the last 24 hours to make this happen?

c8d6f4d776114f80882d01aebefea1f8

4 REPLIES 4

Aziz
Valued Contributor

Apple messed up

https://www.reddit.com/r/sysadmin/comments/3dd11m/psa_htmlheadtitlesuccesstitle/

cdyson
New Contributor

Still having this problem today.

qhle373
Contributor

We have a popup in our environment, but that's due to Lightspeed on our network. It looks as though your pop-up is a less formatted version of the Lightspeed popup we have. It comes up as it passes the user credentials through to Lightspeed to authenticate it. We do not use the useragent on our macs currently since we have so many other securities on our network to filter.

If you have a Network payload config deployed to the computers, you might want to revisit the certificates on it. It generally needs all the certificates for authentication in order to pass through.

We actually don't run that payload on our small number of macs, and it allows domain users to connect after sleep/wake or logout without having to be plugged in. I have been testing with the network payload / useragent combo without much luck (same issues that other users are reporting on 10.9+). Its not terribly pressing for our environment to have, I have just been working on it to get rid of the Lightspeed pop-up.

cdyson
New Contributor

Hmmmm interesting.

We also have a Lightspeed Rocket web filter and we use the User Agent to authenticate with the Rocket.

I have noticed this window pop up before this incident but only when we have restricted a user's internet access. The Rocket must store something in the User's local profile folder as if some is banned from the internet on a certain Mac then logs off, no users can then login to that Mac unless I delete the banned user's local profile from the Mac's hard drive.

I have tried this already with this problem but to no avail.

We don't deploy any kind of Network Payload config to our Macs through JSS/Casper.