During login to Active Directory, Mac OS X 10.5 systems search for
information that is not in Active Directory's LDAP. This causes AD to
slow down for every login to Active Direcory (both logins for Windows
clients and logins for Mac OS X clients).
To fix this behavior on Mac OS X 10.5 systems, download and execute the
"fix-AD-LDAP-search" script or do the necessary steps by hand as described
below.
Fix AD LDAP Search Using The Script
IT Services has writtren a script to perform the steps necessary to
disable your Mac OS X system from doing the unneceeary AD LDAP search.
You can download the IT Services' script from
here (12 KB download).
To run this script, follow these steps:
If the "fix-AD-LDAP-search" disk image was not mounted, double-click on
the "fix-AD-LDAP-search.dmg" file to mount it.
Execute the script by double-clicking on the
"fix-AD-LDAP-search.command" file.
Fix AD LDAP Search By Hand
Do these steps:
Remove the ENetAddress mapping from
/Library/Preferences/DirectoryService/ActiveDirectory.plist:
The <key> is the OID for the macAddress attribute in AD.
The <string> value is the mapping to a native Open Directory
attribute, which Apple calls ENetAddress.
Remove the
/Library/Preferences/DirectoryService/ActiveDirectoryDynamicData.plist
file as this file also contains the cached mappings:
