Mac OS X Active Directory Binding issues

I think it’s pretty common knowledge that Macs in an Active Directory environment tend to run into binding issues. In our environment we have issues attempting to bind, as well as already bound macs losing binding.

Recently the problem got a lot worse in our AD environment. It’s a rare occasion that I can get a Mac to bind to the domain on the first attempt. Usually I get an error message “Authentication Server cannot be contacted”. If I’m using the Directory Services GUI, I will have to sit at the computer and repeatedly enter the user name and password to keep attempting to bind computer. Sadly, I’ve counted and it’s taken over 30 attempts in some cases to get a computer to bind. Many of my fellow SA’s experience the same problems.

The other problem is that we are a large organization with sites all across the country. The binding issues seems to be isolated to our center. I’ve opened up several tickets with the network and domain controller team, but they can’t replicate the problem on their end. At this point we are stuck in a finger pointing game.

The following commands can help you troubleshoot Active Directory issues with your Mac. Continue reading