Re: [Fed-Talk] Particular user cannot login with AD account on oneMac - ANOTHER POSSIBLE SOLUTION FOR YOU
Re: [Fed-Talk] Particular user cannot login with AD account on oneMac - ANOTHER POSSIBLE SOLUTION FOR YOU
- Subject: Re: [Fed-Talk] Particular user cannot login with AD account on oneMac - ANOTHER POSSIBLE SOLUTION FOR YOU
- From: Mike H <email@hidden>
- Date: Thu, 9 Sep 2010 08:13:56 -0400
It doesn't appear that he has any Kerberos tickets, nor does anyone else. Unless the tickets show up somewhere other than Kerberos.app in CoreServices? Thanks,
-Mike
On Wed, Sep 8, 2010 at 4:08 PM, Traynor, Paul I
<email@hidden> wrote:
Not really sure this will help, but try purging his local Kerberos ticket cache (someone else will have to tell you how). If it is (n-2) where n=current,
AD will not give him a new one. The same thing can happen on a Windows workstation or even a DC.
I am on 10.5.8 and there is only one AD user who cannot login to the Mac. Anyone else can. Additionally I have verified that he CAN login to a different Centrify-bound Mac.
I tried using /system/library/coreservices/Kerberos.app to get him a ticket, and when he tried to login, we got "Client credentials have been revoked" message. His AD account is not locked, nor is his password set to expire. I was able
to get a ticket, no problem.
Thanks for all the suggestions!
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden