Search base for AD is wrong for MCX
| Originator: | Arjen.van.Bochoven | ||
| Number: | rdar://11720422 | Date Originated: | 21-Jun-2012 09:15 PM |
| Status: | Open | Resolved: | |
| Product: | Mac OS X | Product Version: | 10.7.x |
| Classification: | UI/Usability | Reproducible: | Yes |
21-Jun-2012 09:15 PM Arjen van Bochoven: Summary: Using AD to store MCX policies requires that the correct items are found in AD. In Lion the search base changed to CN=MAC OS X, domain root. As it was never required to store things like ComputerLists in this root container, our AD has these stored somewhere else. Steps to Reproduce: Extend AD with Apple schema as outlined in http://www.seminars.apple.com/contactme/pdf/L334436B_ActiveDirect_WP.pdf Create a container like OU=OSX, dc=domain, dc=tld, create a computerist in this container, add some preferences to this list using WGM Bind a 10.7 OSX client to AD, add the client to the above ComputerList using WGM, log into the client, check MCX using mcxquery Expected Results: The user should see the prefs set through wgm Actual Results: 'no data found' Regression: 10.6.x clients see the ComputerlLists and act on them normally Notes: The problem is the Search Base key in /System/Library/OpenDirectory/Templates/Active\ Directory.plist changing the key to "%!" restores the required behaviour
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!