Active Directory password update not recognized on OS X 10.7.3?

active-directory mac-osx osx-lion

How long has the Mac been bound to your AD environment? If its been a while, and by a while I mean the time it takes for your AD computer objects to negotiate the password change of the computer object. I think on OS X the default is 14 days.

Set how often the computer trust account password should be changed

$ dsconfigad -passinterval 0

I remember this causing some problems for us.


I tried both setting the interval to zero and setting a preferred domain controller, neither of which seemed to have any effect. I also (each time) deleted the "login" keychain and any reference to ActiveDirectory under the "System" keychain. And lots of rebooting. Nada.

Unbinding and rebinding was the only way I could get the login password to take, and it took as soon as I sent my credentials to rebind--in the middle of the session as that user (I was doing this on my own box because I could test different methods with impunity).

I would love to have a less intrusive solution (especially one I could manage via a terminal over ssh), but this is what I have for now.

Related

How can I configure an ASA such that I can use a sub-priviledge 15 user to download the current config from http?
Adding ssh key results in "Connection closed by "
How to disable version 1 and version 2c in snmpd?
Excessive Outbound DNS Traffic
How do I optimize TCP stack for HTTP server?
Options for PCI-DSS on AWS - file integrity monitoring and intrusion detection
Deploy an AWS Auto Scaling groups using Chef Server
Can I re-use IP address of a failed Domain Controller for a new Domain Controller
How to not move permissions on fileserver file move
maintenance/installation of ruby gems/ruby on rails on Linux in general and Gentoo
Can I buy an IP address range without buying from or becoming a member of my regional NIC?
Best way to backup MySQL database server running in Hyper-V