Cannot bind OSX to AD

active-directoryldaposx-leopardosx-snow-leopard

I'm trying to get an mac mini running snow leopard server to join a windows domain here. The windows domain server is running Windows server 2008.

When I go to "Accounts" in my System Preferences, and lick on "Join", I get this error: "Unable to add server. Node name wasn't found. (2000)"

In my console messages I find this:

10-04-06 11:42:25 AM System
Preferences1452
-[ODCAddServerSheetController handleOtherActionError: gotError:
Error Domain=com.apple.OpenDirectory
Code=2000 UserInfo=0x2004f2f80 "Custom
call 82 to Active Directory failed.",
Node name wasn't found.

I specified a FQDN for the domain server, so I am totally confused as to why it would list "domain = com.apple…." in that error.

I've tried firing up the Directory Utility and trying to join a domain via the Active Directory option there. Again I fill in the FQDN, and the proper administrator/password acount info. Now I get a different error:

"Invalid Domain

An invalid Domain and Forest
combination was specified. You should
enter a fully qualified DNS name for
the domain and forest (e.g.,
ads.company.com)."

If anyone has any pointers or suggestions this would be appreciated.

Best Answer

The AD domains are discovered by looking at DNS. There is a resource record added for _ldap._tcp.dc._msdcs for each domain you have an AD domain.

Make sure your OS X box can resolve these DNS entries.

Related Solutions

How to specify LDAP user name for connecting to Active Directory

Figured out the way: it's not your user log-in. It's an LDAP DN like:

CN=My Name,OU=My Company,DC=server,DC=local

Windows – Lync server 2010 Active Directory Preparation with a Windows Server 2003 DC

To prepare the forest and domain for the installation of the first Windows Server 2008 R2 domain controller please perform these tasks:

Lamer note: The following tasks are required ONLY before adding the first Windows Server 2008 R2 domain controller. If you plan on simply joining a Windows Server 2008 R2 Server to the domain and configuring as a regular member server, none of the following tasks are required.

Another lamer note: Please make sure you read the system requirements for Windows Server 2008 R2. For example, you cannot join a Windows Server 2008 R2 server to a Windows NT 4.0 domain, not can it participate as a domain controller in a mixed domain. If any domain controllers in the forest are running Windows 2000 Server, they must be running Service Pack 4 (SP4).

First, you should review and understand the schema updates and other changes that ADPREP makes as part of the schema management process in Active Directory Domain Services (AD DS). You should test the ADPREP schema updates in a lab environment to ensure that they will not conflict with any applications that run in your environment.

You must make a system state backup for your domain controllers, including the schema master and at least one other domain controller from each domain in the forest (you do have backups, don't you?).

Also, make sure that you can log on to the schema master with an account that has sufficient credentials to run adprep /forestprep. You must be a member of the Schema Admins group, the Enterprise Admins group, and the Domain Admins group of the domain that hosts the schema master, which is, by default, the forest root domain.

Next, insert the Windows Server 2008 R2 DVD media into your DVD drive. Note that if you do not have the media handy, you may use the evaluation version that is available to download from Microsoft's website. You can also use an MSDN or Technet ISO image, if you have a subscription to one of them.

http://www.lepide.com/active-directory-management-and-reporting.html

Related Question

Networking – Windows 10 can’t rejoin domain to Windows Server 2003