Archive for January, 2009
So, here at CIAS we have been having problems with our Leopard Active Directory machines losing their knowledge of the directory. We would try to unbind the machines, which would fail and require us to do a force unbind. Then, when we go and try to rebind the machines to the directory we would always get the following message.
“Unable to add the domain. An unexpected error of type -14090 (eDSAuthFailed) occurred.” Wonderful….
After numerous attempts at trying to figure out what was going on, our only solution was to reimage the machine. Not really a good solution.
Well, today I had finally decided to spend some time on this problem and try to figure out what was going on. With some help from our local Software Engineering team I noticed that the following directory had a zero byte size file, Mainly the Kerberos plist file for our Active Directory. Hmm, that does not sound right.
directory to look in: /var/db/dslocal/nodes/Default/config/
So, I removed the file with the zero size and then tried another rebind to the directory and it worked. Yes! Everything is now happy.
Command to fix (at RIT): sudo rm /var/db/dslocal/nodes/Default/config/Kerberos:MAIN.AD.RIT.EDU.plist