scutil to fix AD binding issues in OS X
Why scutil? It is not unusual to run into the occasional hiccup when binding Macs to an Active Directory domain. Most of the time, these issues are easily fixed by unbinding and then rebinding using the GUI. Occasionally, you will run into an issue where the HostName causes issues. These cases can be easily identified when using the Directory Utility because the Computer ID (a.k.a. HostName) will contain characters or symbols unrecognized by AD. Parentheses seem to be the most common. Changing the HostName in System Preferences->Sharing doesn’t actually fix the issue. Instead, open the Terminal app and follow the steps outlined below using the scutil command.
#2 is what I use most of the time to fix the issue.
Procedure
Perform the following tasks to change the workstation hostname using the scutil command.
- Open a terminal.
- Type the following command to change the primary hostname of your Mac:
This is your fully qualified hostname, for example myMac.domain.com
sudo scutil –set HostName <new host name> - Type the following command to change the Bonjour hostname of your Mac:
This is the name usable on the local network, for example myMac.local.
sudo scutil –set LocalHostName <new host name> - Optional: If you also want to change the computer name, type the following command:
This is the user-friendly computer name you see in Finder, for example myMac.
sudo scutil –set ComputerName <new name> - Flush the DNS cache by typing:
dscacheutil -flushcache - Restart your Mac.
When you are finished, you should be able to reopen Directory Utility and successfully bind your Mac to Active Directory. Be sure to double check that everything is working in System Preferences -> Users & Groups. Click on Login Options and look for the name of your domain and the green “jelly bean” indicator.
Additional Resources
Type scutil –help for the complete list of parameters.
Reference: AutoDesk Knowledge Network
