|
#1
May 16th, 2007, 12:19 PM
| |||
| |||
| Question about connections to AD Was about to test this but was thinking maybe someone else might have tried this already..... We have AD/OD setup working and the question came up "What happens if our WAN connection is dropped and we cannot get to one of the Domain Controllers?". Setup Remote site has a Xserver that is bound to AD severing files over AFP. Clients at this site are setup bound to both OD and AD and login is done with AD accounts, the shares on the xserve is setup with OD groups that have AD members, the site has no local DC so if the WAN link is dropped there is no connection to AD. On the clients the accounts are setup as mobile so if the WAN connection is dropped they can still login to the Macs, but the question is will they still be able to mount the shares since the rights are setup with OD groups with AD members?  |
|
#2
May 19th, 2007, 02:48 AM
| |||
| |||
| OD isn't storing the authentication authority information for the AD users in the OD groups - it is only really holding onto the LDAP info such as UID and location of the account. The server will still need the AD for authenticating the user that resides in AD as their true "home" in your domain. They have permissions to the data via OD, but not the ability to login to the server itself without the AD connection. With the mobile user, they'll simply be using the local directory node to authenticate, so they won't have a Kerberos TGT either to access the AFP service on the Xserve on top of it. Michael |
 |
« is this a more reliable solution? OD on OSX Server vs AD on MS SBS 2003?? HELP
|
network booting non-apple OS »
| Thread Tools | |
|
|
All times are GMT -5. The time now is 07:00 AM.
