11

I am struggling to bind OSX 10.9 to a 2008 r2 Active Directory. I can join the domain fine when I boot into Windows from the same machine. From OSX I can find the domain controller successfully and have verified consistency of Active Directory service records (using dig -t SRV _service._tcp.fqdn.example.com to check _ldap, _kerberos, _kpasswd or _gc) but I cannot bind to the domain. I am attempting to join a small network with only one DC.

I receive the message: "Authentication Sever could not be contacted. (5200)"

This is the case whatever method I attempt to use (Join from the Users and Groups pref pane, Bind from the Open Directory utility, using dsconfigad from terminal).

I don't think it is a problem with system time as the time on the client and DC are the same.

Any other suggestions as to the problem or direction as to what to look out for in the log files?

Improve this question

3 Answers 3

Reset to default
0

This seem to be an issue with Kerberos, you may check your firewall on the windows machine.

You can run this commands to check whats wrong from the OSX side 

kinit [email protected]

You can also make a trust between OSX Server and Windows AD https://it.uoregon.edu/Magic-Triangle-setup

Improve this answer
0

You can try to use the following software instead, it's free and it works:

PowerBroker Open Project link

PBIS_Mac_OS_X_Administration_Guide Page **9

Download pbis-open for Mac

Improve this answer
1
  • Adam, have you tried the solution I purposed above?
    – Dmitriy Kupch
    Nov 7, 2018 at 20:33
0

most likely a network issue. Anything on OSX that could block traffic? Whole bunch of ports need to be open between client/DC. enter link description here

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .