Created
June 14, 2013 20:31
-
-
Save triti/5785033 to your computer and use it in GitHub Desktop.
Fixes AD logins in Snow Leopard when userPrincipalNames have changed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ADPLIST=/Library/Preferences/DirectoryService/ActiveDirectory.plist | |
| PLISTBUDDY=/usr/libexec/PlistBuddy | |
| # Backup the Active Directory plist | |
| /bin/cp "$ADPLIST" "$ADPLIST~bak" | |
| # Modify the needed attributes to no longer require the userPrincipalName | |
| "$PLISTBUDDY" -c 'Delete :"AD LDAP Attribs Needed Table":dsAttrTypeNative\:kerberosPrincipal' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeNative\:kerberosPrincipal array' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeNative\:kerberosPrincipal:0 string sAMAccountName' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeNative\:kerberosPrincipal:1 string cn' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Delete :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AltSecurityIdentities' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AltSecurityIdentities array' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AltSecurityIdentities:0 string altSecurityIdentities' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AltSecurityIdentities:1 string samAccountName' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AltSecurityIdentities:2 string cn' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Delete :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AuthenticationAuthority' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AuthenticationAuthority array' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AuthenticationAuthority:0 string sAMAccountName' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:AuthenticationAuthority:1 string objectGUID' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Delete :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:RecordName' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:RecordName array' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:RecordName:0 string displayName' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:RecordName:1 string samAccountName' "$ADPLIST" | |
| "$PLISTBUDDY" -c 'Add :"AD LDAP Attribs Needed Table":dsAttrTypeStandard\:RecordName:2 string cn' "$ADPLIST" | |
| /usr/bin/killall -KILL DirectoryService |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment