Skip to main content
Question

Active Directory Bound Macs UNC issue


Forum|alt.badge.img+3

Has anyone updated active directory bound Macs past Mojave?

I have tried updating to Catalina and newer but every time after logging in to a domain account it just sits there spinning.

The setup is:

  • Active Directory bound,
  • Jamf enrolled,
  • Mobile accounts turned off,
  • Local library folder turned off,
  • UNC Path enabled - So the library should generate on the network folder

Checking /library/logs/DiagnosticsReports/ from a Windows 10 station I can see reoccurring CRASH files relating to accountsd happening between 6-7 times a minute (please see a copy of one of them below). As of typing this up, the client computer is still at the pinwheel stage after 22 minutes and the logs are still reporting the same thing.

Process: accountsd [1987] Path: /System/Library/Frameworks/Accounts.framework/Versions/A/Support/accountsd Identifier: accountsd Version: 113 (113) Code Type: X86-64 (Native) Parent Process: ??? [1] Responsible: accountsd [1987] User ID: 795780844

Has anyone came accross a similar issue and resolved it?

5 replies

Forum|alt.badge.img+11
  • Contributor
  • 126 replies
  • November 14, 2023

I used to have network based library folders setup in the past. My experience was that they were very sensitive to permissions issues; eventually got away from them, because the permission issues were so pervasive.


Forum|alt.badge.img+3
  • Author
  • New Contributor
  • 3 replies
  • November 14, 2023
mschlosser wrote:

I used to have network based library folders setup in the past. My experience was that they were very sensitive to permissions issues; eventually got away from them, because the permission issues were so pervasive.


What did you go to? Did you just move back to local library folders?


AJPinto
Forum|alt.badge.img+26
  • Legendary Contributor
  • 2725 replies
  • November 14, 2023

We had domain devices until macOS 12, when we finally retired that workflow. There were no issues at the time of retirement. I would suggest starting your testing with macOS 14. Apple is actively moving away from domain binding, look into Platform SSO if you can to replace domain binding.

 

Honestly, I would suggest looking at your domain controllers and the PAC enforcement configuration. Microsoft does not test changes against domain bound macOS devices. In 2021 MS made changes that broke macOS domain binding for about 6 months before finally patching and fixing it. 

KB5008380—Authentication updates (CVE-2021-42287) - Microsoft Support

 

 


Forum|alt.badge.img+11
  • Contributor
  • 126 replies
  • November 14, 2023
lavenderk wrote:

What did you go to? Did you just move back to local library folders?


yea, that is correct; given the other management tools within the mdm; it wasn't as painful as it sounds.


Ismere
Forum|alt.badge.img+7
  • Contributor
  • 66 replies
  • November 15, 2023

We also had issues with the UNC Path. Our Solution was to just not use UNC Paths anymore. For the Network Shares of our Users we wrote a small App that is Mounting there shares based on the Username they logged in with.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings