There are many new features in Leopard that have the Mac faithful excited. Time Machine, Core Animation, changes in iChat and Mail, rumors of ZFS support. However, there is one thing, one fix that I really want. It’s an issue I’ve been dealing with since Mac OS X 10.2: The broken state of Directory Services and Laptops.
All of you reading this fall into two camps: 1) You know what I’m talking about because you have felt this pain before, and are slamming your foreheads against your desk in your furious nodding, or 2) you have no idea what I’m talking about. If you don’t, then I can safely say you don’t often have PowerBooks or MacBooks that are bound to a directory service and boot when that network is not visible.
The basic problem is this. You have a directory service, say either Open Directory or Active Directory. You bind your machines to these services, because they are rather handy. Some of these machines are laptops, and of course they travel. You have a laptop with an active network connection, but your Directory Service is not visible. You hear the tone, and then you wait.
And wait.
And wait.
In some cases, you will wait forever for your laptop to get to the login screen. In others, you will take ten or more minutes even to successfully enter your login credentials, or get to a desktop. Still others will get to the desktop, then watch their machines lock up or simply bog down and never come back. Rebooting won’t fix it, that’s the cause of the problem.
What is the problem? Well there’s two. The first is that, no matter how you adjust timeouts in the various .plist files in /Library/Preferences/DirectoryService, the OS will, rather regularly, decide to never stop looking for your directory service domain controller. The symptoms are easy to spot. Look in system.log. If you see this:
Related Articles |
|
Parallels: Still More Windows on the Mac Apple Adds Automation to Aperture Using Vista and Linux on a Mac Using Vista and Linux on a Mac, Part One
|
machinename / System/Library / CoreServices / mcxd.app / Contents / MacOS / mcxd: DSOpenNode(): dsOpenDirNode(” / LDAPv3 / open directory master DNS name “) == -14002, then you’re in the special section of Hades reserved for booting Mac OS X bound to a directory service with an active network connection off your directory service network.
There are three options here to deal with this. From worse to only somewhat tedious:
1) Never, ever boot your machine when it can’t reach your directory service. Of course, this effectively means “no mobile use.” It will make the problem go away, but it’s not really practical.
2) Always shut down all wireless connections, (i.e. Turn Airport OFF), and disconnect all wired connections before rebooting. This works most of the time, although it has its own attendant problem, which we’ll get to in a minute, and if you have a lockup or kernel panic, well, you can’t really turn off your Airport connection.
3) Once you’ve bound your machine to the network and set up your accounts, delete everything in /Library/Preferences/DirectoryService. This works quite well. You don’t actually need that data most of the time, but I’d keep a copy around for when you do. It’s tedious, but effective.
Next page: a Related Issue
Related Articles |
|
Parallels: Still More Windows on the Mac Apple Adds Automation to Aperture Using Vista and Linux on a Mac Using Vista and Linux on a Mac, Part One
|
Dec 29 15:48:02
Dec 29 15:48:02
Dec 29 15:48:02
If you see this message, then you’re hitting the automount bug, too. The only thing you can do, if you’re fast enough before your machine completely locks up, is to kill all your network connections. That beats automount until it realizes there’s nothing TO automount, and it stops driving your machine into the ground. Here’s an Apple KBase article that sometimes can help: Mac OS X: Resolving login issues with Active Directory plug-in.
However, that’s not a consistent fix. The truth is, using Directory Services in Mac OS X on a mobile machine is really not a great idea without some form of manual intervention on the user’s part. To be more blunt: If you have a laptop in a highly mobile situation, Mac OS X’s Directory Services is broken.
That is the one thing I want fixed, as a laptop user and a Directory Services user, in Leopard: I want Directory Services to no longer be a pain point. If they fix that, the rest will be gravy.