AD and LDAP: Cant see groups?

in Genius Bar edited January 2014
I have 200 Macs running 10.3.4 that all authenticate to AD. For the most part, Apple's AD plug-in works fine.

We just migrated our email server from Domino (POP) to Exchange 2003 (IMAP). The AD plug-in in OS X is now providing all of the user LDAP info needed for and Address Book. I haven't had to configure any special LDAP stuff so far. The AD plug-in is providing both the AD authentication info needed for my Macs to log into my Domain and also the contact info needed for email now that we are using Exchange for email.

Except one problem has reared its ugly head:

We just realized that AD email groups do NOT show up in Mail or Address Book. User objects show up fine, but Groups do not. (Example: "" shows up in LDAP, but "" doesn't show up) After calling Microsoft and doing testing, we realized that its NOT a Microsoft issue. For some reason, Apples AD plug-in is filtering out Groups.

Can someone help me figure this out? I am hoping someone else out these is running OS X Macs in an AD environment and also using Exchange 2003 for email services.

I suspect I need to make a modification to the AD plug-in (either in the GUI "Directory Access" app or using the "dsconfigad" command tools). I'm sure I just probably need to make a new entry or pointer to a specific AD object or schema entry in the plug-in. Our AD environment is fairly plain vanilla.

I can expand on this issue with great detail if interested.
Sign In or Register to comment.