Post(s) tagged with "Lion"

Fix for missing AD security groups in Lion

A few weeks ago i ran into a weird issue on some of our Mac OS X Lion (10.7) machines. For some reason they weren’t able to see all of our security groups under the Network Groups section. I’ve verified that this issue isn’t present in Leopard (10.5) or Snow Leopard (10.6) so i’m assuming this is a “new feature” of Lion. (As of 10.7.3 at least) 

Anyways, when you open “Get Info” for any file or folder and click the plus (+) sign in the Sharing & Permissions section you’ll see what i’m talking about. Select “Network Groups” and scroll through the list:

Missing a few groups, eh?

Here’s the problem. For some reason Lion only displays security groups from Active Directory that contain the “displayName” attribute. Newly created security groups, by default, do not contain this attribute. In order to get the security group to show up properly in Lion you need to fill in this attribute with the security group’s name. 

Here’s how you fix it. Open up the security group in your favorite Active Directory editor. (I prefer to use the one built into ADUC. You’ll need to check the “Advanced Features” option under the View menu to see it.) You will find that the “displayName” attribute is set to <not set>. Let’s fix that. Select the attribute and hit the Edit button and type in the name. 

Hit okay and then apply. BAM! Go to your nearest Lion machine and you’ll find that the security now shows up properly. 

As always, I contacted Apple regarding this bug “new feature” and have yet to hear back from them. I’ve combed through Lion looking for any hints as to why this is happening. For now you’ll just have to manually set this attribute for security groups you need on Lion until Apple releases a fix. If it really bugs you i bet you could write a powershell script to set the displayName attribute of all security groups in your domain. Just keep in mind that you’ll have to set this attribute by hand for any new security groups you create. 

Update: I just confirmed that new distribution groups created from within Exchange (2010 in my case) actually do have the “displayName” attribute corretly populated. So this may just be limited to security groups created from ADUC. (2003/2008/2008r2) 

18 February Permalink
AppleLion10.7Active DirectoryMicrosoftMicrosoft ExchangeNetwork GroupsSecurity GroupsPermissionsBugs

TIL Apple removed support for exporting uncompressed AVIs from OS X Lion (10.7)

We’ve been struggling with Lion ever since it landed on our machines. From the first day we’ve had nothing but problems with it. First we couldn’t get it bind to our Active Directory correctly, then we ran into issues with it not binding when on DHCP, then it started screwing with DNS (E.g. removing A records for our domain controllers), then we found that there was no support for some of the software we need, and now we find that Apple has, in its infinite wisdom, REMOVED the ability to export videos as uncompressed AVIs. And on top of that, no one at Apple knows ANYTHING about this or WHY it was done. The best answer i got, after spending hours of searching online and talking with Apple tech support reps, was that it was a “Quicktime engineering decision” and that “they aren’t privy to that information.” Give me a fu@%!ng break. Apple’s best suggestion was that we export the projects as a .mov files and then find a 3rd party tool to convert .mov files to .avi files. 

Anyways, the short of the long story is that Apple OS X Lion (10.7) no longer supports exporting anything as an uncompressed AVI. This goes for pretty much any application. We confirmed this for Final Cut Pro 7, all of the final cut studio apps, and all of the adobe creative suite apps. I’m not really an expert with Apple products (Though I’m slowly becoming one…) but it appears that all of these apps (FCS and Adobe CS) use the same underlying functionality to export AVIs. The interface that comes up when you actually go to configure the AVI settings is identical across all of these apps. The Apple tech support rep i spoke with confirmed that the interface used to configure these codec settings was indeed an operating system component and not something specific to the application.

This just confirms what i’ve always thought of Apple. They make beautiful well designed products that computer-illiterate people can use and they also push the industry forward by continually innovating. But they do all of this without the slightest concern or care for how it will affect their customers. While this may work in the consumer world, it won’t last long in the business world. Businesses can’t afford to invest in a platform which will continually force them to alter their business processes and spend money just because the vendor decides it doesn’t want to support certain features anymore. In today’s business world, supporting legacy features is a must. And if Apple refuses to do so, they will eventually lose business to friendlier competitors who will. 

And if you don’t believe me, just look at the Final Cut Pro X iMovie Pro X debacle and the major push back Apple received from the industry. You can’t just go cutting out this and that because you don’t think anyone needs it anymore. That’s not how businesses work. 

Now, if i could just find that damn stress ball… 

And yes, i ripped off the TIL (Today I Learned) idea from Reddit… along with the rage meme.  

6 September 6 Permalink
AppleOS X10.7LionFinal Cut ProAdobeTech

Matt Keller

Network and Systems Administrator / Geek / Gamer / Anime Enthusiast / Dubstep Fanatic / Amateur Radio Operator / A/V Nerd


Ask me anything

Follow Me

Lynx theme created by Andrew Stichbury for Tumblr.