Unduly Noted

I noticed this problem soon after one of the 10.5 upgrades. Running deepfreze on the macs that were bound to a 2003 AD server. These macs were also dual boot with XP but it doesn’t matter if you have a single boot setup the problem still occurs. After a few days the mac would unbind its self from Active Directory (or Open Directory if you are running 10.5 server). Apparently the mac needs to update the trust account password with the server. So every few days it changes it, but after a reboot deepfreeze of course reverts to the old file making it a bad trust and forcing you to rebind.

Without further ado….

on the UNTHAWED macs….

1. login locally

2. unbind from the directory (you have to unbind or it won’t work)

open terminal and type the following (hit return at the end of each line)

sudo rm -R /Library/Preferences/DirectoryService

sudo dsconfigad -passinterval 0

3. rebind to the directory

4. in the terminal again  (hit return at the end of each line):

sudo cp /Library/Preferences/DirectoryService/ActiveDirectory.plist ~/Desktop

sudo chmod 777 ~/Desktop/ActiveDirectory.plist

4. now open the new file on your desktop in textedit called ActiveDirectory.plist

look for this…

<key>Password Change Interval</key>

<integer>0</integer>

Make sure it reads 0  <—yes that is a zero

if it does……

5. freeze and reboot

this essentially is telling the mac never to change the trust account password.

remember…when you run some of the commands you might not get a confirmation

This was a bear with my macs and an 10.5 open directory server with deep freeze on the clients. I finally removed DF and just used proper group policy restrictions (which I recommend over deep freeze for a lab setting any day). But i revisited the problem when a colleague had the same problem.