On 11/16/07 12:21 PM, "Stranathan, Dan" <email@hidden> wrote:
> I have a test server up running Leopard Server 10.5.1. I have the server bound
> to an AD 2003 domain. It is providing SMB (Samba), AFP, and iChat (XMPP
> "Jabber") services. My server is also an OD master (this won't happen is my
> "real" production environment, but for testing I have several services on the
> same server to save money). The iChat server is not a KDC. It is using the AD
> Kerberos realm from my AD domain (and I am not using Kerberos for iChat
> anyway, so Kerberos is a moot point)
Well, I could be mistaken, but isn't any type of authentication between your
Mac OS X server and Active Directory using Kerberos? Active Directory users
that need to connect to the iChat server are going to be doing this through
your Kerberos/AD settings on the server.
>
> Is my problem related to have an OD Master on the same server as an iChat
> server (i.e; search policy problem, etc)? SMB and AFP services are
> authenticating AD users fine for file services (both manually and with
> Kerberos SSO), but I cant log into the iChat server with an AD account at all.
> I can, however, log into the iChat server using a *local* account on the iChat
> Server. All my test clients are 10.5.1 Macs running iChat 4.0 (Leopard). The
> local account that connects successfully is not in AD or OD - its a local
> account which exists on the server itself. Forward and Reverse DNS is working.
> The server has a static IP address. The server is an Intel Xserve with 4 GB
> RAM. All my test clients and my server are on the same LAN. This is the only
> message I see from from my jabberd log in Server Admin (Im attempting to log
> in as a valid AD user named "AD_User" to the server named "ichat_server"
Apple has updated their knowledge base extensively since Leopard Server's
release. I have the feeling this article applies to your situation:
http://docs.info.apple.com/article.html?artnum=306749
There are several other Active Directory/Leopard Server related articles
here:
http://search.info.apple.com/index.html?search=Go&lr=lang_en&kword=kmosxserv
er105&&news&q=&type=ktech+OR+klearn
If that doesn't work, I'd suggest changing the Open Directory role from "OD
Master" to "Connected to a directory system". I have iChat working with a
combination of the article I listed above and the OD configuration I just
suggested.
Good luck,
--
Ted August
Macintosh Technical Specialist
University Computer Labs
Salve Regina University
100 Ochre Point Ave
Newport, RI 02840
(401) 341-2499 | email@hidden
http://macsupport.salve.edu [On Campus Only]
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
