Profile Manager Embedded AD User Groups Payloads not applying
| Originator: | sims.stu | ||
| Number: | rdar://15220681 | Date Originated: | 14/09/2013 |
| Status: | Open | Resolved: | No |
| Product: | OS X Mavericks Server | Product Version: | GM |
| Classification: | OS X Server | Reproducible: | Yes |
Summary:
If you embed an Windows AD Group within an Open Directory User Group and then add payloads to the OD Group in Apple Profile Manager the payloads are not applied to the AD users when logging onto a Mac Client.
Steps to Reproduce:
1. Add AD Plugin to Apple Server.
2. Setup Open Directory.
3. Setup Profile Manager.
3. Create an OD Group.
4. Add a Windows User Group that has members to the OD Group created in step 3.
5. Find the OD Group created in step 3 in Apple Profile Manager and set some payloads.
6. Logon to a client that is bound to the AD and OD directories as a Windows Users that is a member of the group added in step 4.
Expected Results:
All the payloads that are set in step 5 are applied to the user at logon to a Mac Client that is bound to the AD and OD directories.
Actual Results:
None of the payloads that were set in step 5 are applied when logging on as a Windows User that is a member of the Windows Group.
A repeated error that is seen is : mdmclient[2189]: *** ERROR *** [Agent:1322734990] Unable to proceed with connection to: https://{apple server}/devicemanagement/api/device/connect (com.apple.mdmconfig.mdm) because don't have valid MDM AuthToken
Version:
OS X Server 10.9 preview 9 (13S411) and OS X Server 10.9 GM
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!