Configuration: Mac OS X 10.7 and 10.8 Active Directory Server 2008 R2 Binding using AD Plugin or dsconfigad -add mydomain -username myuser -ou "OU=Computers,OU=Sites,OU=Mysite,DC=mycompany,DC=com"
Works fine. First login happens fine. Creates mobile account, no issues noticed.
However, after I logout, the next login attempt fails, and after only shaking one time, their AD account is locked out.
opendirectory.log makes a vague mention of account being expired but honestly I don't see much in the logs that pops out as useful.
Any help?
Best Answer
I ended up using the AD plugin from Centrify which worked fine. I have abandoned the Apple plugin until they get their act together. Thanks!