Cannot log into AD accounts randomly.

[lotsofjam]

Hey guys, I am looking for a bit of input here. I am ripping my hair out trying to figure out what is going wrong with our macs. We are running 10.6.8
I work at a college that uses Active Directory for all staff and student accounts, but we also have a few hundred macs so we have an Open Directory aswell.

Basically, seemingly randomly, on some macs maybe 1 in 20 just suddenly stop letting anyone log into an AD account. The fix is to take it off AD and OD, delete all Kerberos certificates, delete all files in /db/dslocal/nodes/Default/config, /etc/Krb5.keytab and /Library/Prefernces/DirectoryService then rebind it to AD and OD and that clears the problem.

I have looked in secure.log and it tell me:-
SecurityAgent[146]: Could not get user record for “<user>” from Directory Services
SecurityAgent[146]: User info context values set for “<user>”
SecurityAgent[146]:unknown-user (<user>) login attempt passed for auditing.
We are running osx server 10.6.8 and our AD is 2003
I have looked around but I cannot find an answer. Can anyone here help? Do you need any more information?

What is causing this!?

 

[Kaveman]

I would suggest talking to your Apple Education Reseller, they should have access to the correct Apple support for this.