[Casper] AD binding issues

Jeff Strauss jstrauss at loyolahs.edu
Thu Oct 2 08:36:00 PDT 2008 

Actually, I'm using the domain admin account to perform the binding.
Late last night I resolved this by appending a dscl command to remove
Authentication search policy entries to my unbind script. I don't know
why it wasn't working, but it is now. :)

Sent from my iPhone 3G

On Oct 2, 2008, at 8:24 AM, "Brenner, John" <john.brenner at merrillcorp.com
 > wrote:

> Let me see if I understand You get a duplicate machine acct in AD
> after you have bound?  If so it sounds like the acct used to bind
> does not have delete permissions to the machine acct object OR
> ownership of the object is taken by a privileged acct.  Our AD guys
> have give us pretty much God like privileges to the Computers
> container (with the exception of move).  This makes life a lot easier.
>
>
> On 10/1/08 2:45 PM, "Jeff Strauss" <jstrauss at loyolahs.edu> wrote:
>
> OK, so this time it’s an AD binding issue:
>
> Can I delete the /Active Directory/All Domains entry from my
> Authentication and Contacts search policies in Directory Utility
> with Casper? Every time I test my binding procedure, duplicate AD
> entries are displayed. I want to delete the existing one before
> creating a new one with a new bind.
>
> Also, I can’t seem to change the preferred order of the directories
> in the search policies. I want AD to appear before OD, but the dscl
> changei command to change the index doesn’t like me. Can Casper hand
> le this, too?
>
> I have a feeling this should be easier than it’s been and I’m
> doing something wrong...
>
> Jeffrey A. Strauss
> Department of Educational Technology
> Systems Administrator
> Loyola High School of Los Angeles
> 1901 Venice Blvd.
> Los Angeles, Ca 90006
> (213) 381-5121
> [cid:3305787696_247114]
>
>
> ________________________________
> _______________________________________________
> Casper mailing list
> Casper at list.jamfsoftware.com
> http://list.jamfsoftware.com/mailman/listinfo/casper
>
> ________________________________
> John Brenner    |   Merrill Corporation     |   IOG IT   |  651-632-4072
>
> ________________________________
>
>
> <image.gif>
> <ATT00001>

More information about the Casper mailing list