Problem: A user in EMEA can't log into their AD bound Mac. After investigation it is found that a duplicate name exists in another forest (North America). We have been working around this by renaming one of the accounts.
Possible solution (being tested now): from a command line on the user's machine type disconfigad –namespace domain name and then log in with domain\shortname
See this link for more details: http://archive.netbsd.se/?ml=macos-x-server&a=2008-09&t=8621106
Wednesday, April 29, 2009
Incorrect host names on Mac clients
As many of you are no doubt aware the Mac hostname displayed on the client and in the DNS Name field of ARD are more than likely incorrect. For example, your Mac might be named ldntam-DMX1234 but you get a hostname of OSLggk-DXP5678 or some other random name. This is a problem for applications such as LANDesk which need accurate DNS names associated to IPs.
After much research and many discussions with Apple we have finally received this definitive reply:
“Mac OS X 10.5 clients do not update PTR (reverse) records. The 10.5 Mac
clients will register an A record and the DHCP server must register
the Mac's PTR record. If a PTR record already exists with the IP
address that a Mac has, the Mac will be given the hostname of the
previous PTR record. That is why scavenging and choosing the option
to discard A and PTR records when the lease is deleted is necessary.”
DHCP servers can be configured to either update A and PTR records only if requested by clients or to always update DNS A and PRT records. The problem with the later method is that the server, rather than the client, will own the record and the client’s ACL is not included in the DNS object’s security list. This can cause problems if the client goes to another location, if the DHCP server is changed or if the A and PTR records are not released properly (which happens a lot).
It is also highly recommended that DHCP servers NOT reside on domain controllers. In such a configuration (DHCP and DNS on the same server) MS recommends using an account with DNS credentials to update the DNS records to ensure the integrity of Dynamic DNS updates.
According to Apple, Snow Leopard should have the ability to dynamically update PTR records.
After much research and many discussions with Apple we have finally received this definitive reply:
“Mac OS X 10.5 clients do not update PTR (reverse) records. The 10.5 Mac
clients will register an A record and the DHCP server must register
the Mac's PTR record. If a PTR record already exists with the IP
address that a Mac has, the Mac will be given the hostname of the
previous PTR record. That is why scavenging and choosing the option
to discard A and PTR records when the lease is deleted is necessary.”
DHCP servers can be configured to either update A and PTR records only if requested by clients or to always update DNS A and PRT records. The problem with the later method is that the server, rather than the client, will own the record and the client’s ACL is not included in the DNS object’s security list. This can cause problems if the client goes to another location, if the DHCP server is changed or if the A and PTR records are not released properly (which happens a lot).
It is also highly recommended that DHCP servers NOT reside on domain controllers. In such a configuration (DHCP and DNS on the same server) MS recommends using an account with DNS credentials to update the DNS records to ensure the integrity of Dynamic DNS updates.
According to Apple, Snow Leopard should have the ability to dynamically update PTR records.
Saturday, March 7, 2009
BEUTILITY (BackupExec Utility)
To migrate the BackupExec databases after the server has been migrated to a new domain:
Make sure you change all the BackupExc services so that they launch using a local service account not a domain or local admin account. DO THIS FIRST and then run the beutility.exe app.
The beutility.exe file is located in the in the same folder as the main BE application.
Launch beutility.exe. The option is not so easy to find.. You click on the List of servers, right click on the server name and select "update configuration to reflect new media server name", then fill in the new domain and server name and the old domain and server name.
Make sure you change all the BackupExc services so that they launch using a local service account not a domain or local admin account. DO THIS FIRST and then run the beutility.exe app.
The beutility.exe file is located in the in the same folder as the main BE application.
Launch beutility.exe. The option is not so easy to find.. You click on the List of servers, right click on the server name and select "update configuration to reflect new media server name", then fill in the new domain and server name and the old domain and server name.
Friday, February 27, 2009
Enable random signature in Entourage
- Setup your signatures in tools/signatures
- In the signature put a tick in "Include in random list"
- Close the signatures and go to tools/accounts/
- Double click on your mail account and go to the Options tab
- In the "Default signature" pull-down select "Random"
- Click "OK"
Subscribe to:
Posts (Atom)