search

dayglojesus / managedmac

Comprehensive Puppet module for OS X.
http://dayglojesus.github.io/managedmac/
Apache License 2.0
62 stars 21 forks source link

Active Directory profile not applied until after a local user logs in. #29

Closed groob closed 10 years ago

groob commented 10 years ago

My AD settings:

managedmac::activedirectory::enable: true
managedmac::activedirectory::hostname: ad1.school.net
managedmac::activedirectory::username: Administrator
managedmac::activedirectory::password: password
managedmac::activedirectory::create_mobile_account_at_login: true
managedmac::activedirectory::warn_user_before_creating_ma: false
managedmac::activedirectory::force_home_local: true
managedmac::activedirectory::organizational_unit: "CN=Computers,DC=school,DC=net"

I imaged a laptop today and was not able to log in as a AD user, however when I logged in as the local admin, the profile showed up as verified, and the computer was in fact bound to AD. Logging out of the local admin account and logging in as the AD user worked.

dayglojesus commented 10 years ago

Mavericks? Did the machine go to sleep at all?

https://jamfnation.jamfsoftware.com/discussion.html?id=9689

We are having this exact same issue and we are not even using profiles to bind to AD, yet. I do not suspect it to be the fault of the profile, but even if it were at fault, it would not be the fault of the managedmac module, but Apple's own implementation.

groob commented 10 years ago

Yes you are correct. I did the process again, this time rebooting the laptop before attempting to login and was successful.

dayglojesus commented 10 years ago

I highly recommend opening an AppleCare Enterprise support case regarding this issue.

Apple is not giving it the attention it deserves and it likely won't change until they are convinced it impacts enough computers.