Wednesday, October 29, 2008

Mac won't bind: unable to verify user name or password

Symptom: When attempting to bind a Mac (Tiger or Leopard) the bind process fails when it is attempting to verify the username and password used for binding. The error says something like "unable to verify user name or password, check the user name and password are correct and try again."

Solution:

Make sure you have a modified edu.mit.kerberos file which has been configured for the site you are at.

Log in as admin and enable the root user

Delete the /Library/Preferences/Directory Services folder

If it exists, delete the edu.mit.kerberos file in /Library/Preferences

Restart the Mac and log in as root

Attempt to bind the Mac manually. This will undoubtedly fail, but that's OK: it generates a new edu.mit.kerberos file, which we will need in the next steps.

Go to /Library/Preferences and open the edu.mit.kerberos file in TextEdit.

The file will be very sparse. What you are looking for is the line that says [libdefaults]. Probably the only thing under it will be "dns_fallback = no". Copy everything under [libdefaults] from your modified edu.mit.kerberos file and paste it in place of what is under [libdefaults] in this file. DO NOT SIMPLY REPLACE THE KERBEROS FILE! Save your changes and attempt to bind again; it SHOULD work this time.

Once the Mac has bound, go back to /Library/Preferences and open the edu.mit.kerberos file. Chances are it has changed again. As before, replace everything under [libdefaults] with the entries from the modified kerberos file.

Open a Terminal window and type "id [user name]" and make sure it returns the user's info (a bunch of group memberships and GIDs)

Log out and log back in as the user.
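The [libdefaults] replacement described in the steps above can be scripted so that only that section is swapped and the rest of the generated file is kept. This is an added example, not part of the original post; the function names are hypothetical, and the two file paths (site-configured copy first, generated file second) are supplied as arguments.

```shell
#!/bin/sh
# Added example: swap only the [libdefaults] body of a generated
# edu.mit.kerberos file for the body from a site-configured copy.
# Function names are hypothetical; file paths come from the arguments.

# Write the generated file to stdout with its [libdefaults] body replaced.
merge_libdefaults() {
    awk '
        FNR == NR {                       # first file: site-configured copy
            if ($0 ~ /^[ \t]*\[/) { in_sec = ($0 ~ /^[ \t]*\[libdefaults\]/); next }
            if (in_sec) body[n++] = $0
            next
        }
        /^[ \t]*\[/ {                     # second file: any section header
            print
            skip = ($0 ~ /^[ \t]*\[libdefaults\]/)
            if (skip) { for (i = 0; i < n; i++) print body[i]; filled = 1 }
            next
        }
        !skip { print }                   # keep every other section as generated
        END { if (n == 0 || !filled) exit 1 }   # nothing to copy, or no section to fill
    ' "$1" "$2"
}

# Merge in place: keep a .bak copy and leave the target alone on failure.
apply_libdefaults() {
    site=$1; target=$2
    tmp=$(mktemp "${TMPDIR:-/tmp}/krb.XXXXXX") || return 1
    if merge_libdefaults "$site" "$target" > "$tmp"; then
        cp -p "$target" "$target.bak" && cat "$tmp" > "$target"
        rc=$?
    else
        echo "merge failed; $target left unchanged" >&2
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

if [ "$#" -eq 2 ]; then apply_libdefaults "$1" "$2"; fi
```

Writing to files under /Library/Preferences requires the root login used in the steps above; the .bak copy lets you compare what the bind process generated against what was merged in.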
