|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Hi all, I am trying to get some 10.5 OD servers integrated into a Windows AD infrastructure at a school district. There will be an OD master, a replica, and a deployment server. The only services they will provide is NetBoot/NetInstall, SW Update, and MCX. The school's existing AD domain is called SCHOOL.LOCAL, which is obviously not ideal, but cannot be changed. I have added the Leopard servers to the domain in the following manner: 1. Verify DNS forward & reverse (e.g. macserver1.school.local) 2. Install Leopard Server in Advanced config 3. Update to 10.5.2 4. While still in Standalone mode, bind to AD using Directory Utility 5. Change server role to OD master The result appears to be a working AD-OD triangle, in that Mac clients bound to both will get MCX policies applied. I'm also able to add the OD replica without any apparent problems. My concern is that Kerberos is stopped on the OD master. Is this normal for a subordinate directory server? I have read the newly updated Open Directory Admin guide, but it doesn't answer this question. On page 69 it says "The subordinate server automatically determines that it is subordinate to an Active Directory or Open Directory server and configures itself accordingly." Does "accordingly" mean no Kerberos KDC? Or is this a byproduct of a .local AD domain? I have added both school.local and .local to the DNS search policy in Network Preferences but it makes no difference. If this is not normal, is the solution to create a separate DNS domain for the OD servers, and if so could it be OD.SCHOOL.LOCAL? I don't think I can persuade the district's IT department to add another TLD such as .private. Thanks, Ian _______________________________________________ Do not post admin requests to the list. They will be ignored. Macos-x-server mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
Visit the Apple Store online or at retail locations.
Copyright © 2011 Apple Inc. All rights reserved.