Question : Mac AD logins

I have a problem with Mac clients that are bound to Active Directory where they intermittently give the error "You are unable to login to the user account "username" at this time. Logging in to the account failed because an error occurred."

Accounts that login perfectly will generate this error a few hours later and then a few hours after that, magically start working again.

I'll include the relevant info below from the logs. It sounds like some sort of DNS issue or something to do with the search path for the AD domains.

6/29/10 9:40:27 AM      com.apple.loginwindow[433]
Tue Jun 29 09:40:27 dss-sscf-macbook.xxx.edu loginwindow[433] <Warning>: CGSShutdownServerConnections: Detaching application from window server

6/29/10 9:40:27 AM      com.apple.ScreenSharing.server[610]
Tue Jun 29 09:40:27 dss-sscf-macbook.xxx.edu AppleVNCServer[610] <Warning>: CGSShutdownServerConnections: Detaching application from window server

6/29/10 9:40:27 AM      com.apple.ScreenSharing.server[610]      Tue Jun 29 09:40:27 dss-sscf-macbook.xxx.edu AppleVNCServer[610] <Warning>: CGSDisplayServerShutdown: Detaching display subsystem from window server

6/29/10 9:40:27 AM      com.apple.loginwindow[433]      Tue Jun 29 09:40:27 dss-sscf-macbook.xxx.edu loginwindow[433] <Error>: kCGErrorFailure: Set a breakpoint @ CGErrorBreakpoint() to catch errors as they are logged.

6/29/10 9:40:27 AM      com.apple.loginwindow[433]      Tue Jun 29 09:40:27 dss-sscf-macbook.ucsd.edu loginwindow[433] <Warning>: CGSDisplayServerShutdown: Detaching display subsystem from window server

6/29/10 9:40:29 AM      com.apple.WindowServer[659]      Tue Jun 29 09:40:29 dss-sscf-macbook.xxx.edu WindowServer[659] <Error>: kCGErrorFailure: Set a breakpoint @ CGErrorBreakpoint() to catch errors as they are logged.

6/29/10 10:12:16 AM      com.apple.DirectoryServices[11]      Enter machine password:

6/29/10 10:12:18 AM      com.apple.DirectoryServices[11]      DNS update failed!

6/29/10 10:12:20 AM      com.apple.DirectoryServices[11]      Enter machine password:

6/29/10 10:12:22 AM      com.apple.DirectoryServices[11]      DNS update failed!

6/29/10 10:12:38 AM      com.apple.DirectoryServices[11]      Enter machine password:

6/29/10 10:12:39 AM      com.apple.DirectoryServices[11]      DNS update failed!

6/29/10 10:16:28 AM      edu.mit.Kerberos.CCacheServer[590]      launchctl start error: No such process

6/29/10 10:16:33 AM      com.apple.launchd.peruser.1215583987[588]      (com.apple.ReportCrash) Falling back to default Mach exception handler. Could not find: com.apple.ReportCrash.Self
6/29/10 10:16:41 AM      com.apple.launchd.peruser.1215583987[588]      (com.apple.Kerberos.renew.plist[738]) Exited with exit code: 1

6/29/10 10:16:41 AM      ServerScanner[734]      Not scanning because node /Active Directory/All Domains is in searchPath

Answer : Mac AD logins

Whoa, sorry about that. Here is the relevant portion.

I resolved the issue by editing the following files as described:

/etc/automount

[[Note: another readers says the above file should be /etc/hostconfig -Ed.]]

Replace AUTOMOUNT=-YES- with AUTOMOUNT=-NO-

/etc/auto_master

Hash out the following lines:

#/net -hosts -nobrowse,nosuid
#/home auto_home -nobrowse
#/Network/Servers -fstab

Basically, as far as I can see this disables all automount features which is fine for AD Integrated setups which don't use any automount features and that have home directories stored on the Windows Servers.

Random Solutions

Automatically do a release build

Roaming Profiles in Windows 7 Pro and SBS 2008

Intel Sata RAID controller on RHEL 4 problem

Rejected emails that were not really sent

Windows XP does not see other computers on the workgroup

How to read a CSV using Windows Command Line

Get earliest and latest dates in a Listview

I need to change the color of a DataGridView scrollbar in C# WinForms

How do I change the style.css with Javascript?

Group Policy - domain controllers