BTW.. My spell check changed HIPAA to HIPPO, my apologies for not catching that I hope I do not sound to illiterate.
Jose -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Medeiros, Jose Sent: Thursday, July 21, 2005 10:19 AM To: [email protected] Subject: RE: [ActiveDir] OT: Macintoshes in AD not updating account password Hi Thomas, I like MAC's and Windows and Linux, I am not a bigot. However I have not had an opportunity to join MAC OS 10.4 to Active Directory yet. I have joined 10.2 and 10.3, and used a product called Admit Mac by Thurbsy software http://www.thursby.com/. I did not experience the errors that you are seeing. A word of advice, I am not sure if Tiger yet supports NTLMv2 and SMB signing ( Admit Mac does ) and if you decide to raise your Active Directory Domain level to 2003 Native you may break your Mac's SMB connectivity. Since you seem to be using government email address I am sure that your superiors would want to use the highest level domain security as possible to meet the new Sarbanes-Oxley and or HIPAA law requirements, just keep in mind that your password authentication is probably still using LAN Manager based authentication. Have a great day Jose Medeiros Former Vice President and Postmaster NTEA MCP+I, MCSE, NT4 MCT www.ntea.net www.tvnug.org www.sfntug.org " Why can't we all just get along? " :-) ------------------------------------------------------------------------------ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Thommes, Michael M. Sent: Thursday, July 21, 2005 9:15 AM To: [email protected] Subject: [ActiveDir] OT: Macintoshes in AD not updating account password We have been joining MacIntosh computers running the Tiger OS to Active Directory. One problem that I see is that these computers generate a Security Log Eventid 675 Account Authentication failure record on the domain controllers. Some research shows that the "pwdLastSet" attribute value for the computer account is the date they were first joined to AD. They don't seem to be renewing their computer account password at either the 7 day (NT) or 30 day (W2K, WXP) timeframes like out Windows OS workstations do. Has anyone else experienced this behavior? Bug? Workaround? Thoughts (besides get rid of the Macs, LOL!)? Thanks! Mike Thommes List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
