Hello all,
I was wondering whether someone could give me some help with troubleshooting a Mac issue. With the help of Novell, I have created a new DSfW domain on SLES 11 SP2 OES SP1. It seems to be working and all of the post install checks were successful.
I can join Windows-based computers to the domain, but no Mac computers. The same Macs will join a regular AD domain successfully.

When I try to join the DSfW domain on the Mac, I receive a "The daemon encountered an error processing request" and then the Directory Utility hangs. I have to Force Quit the program. A lot of the discussions on the Web mention using Centrify to join the Mac to a domain. I installed the Express version of the program and ran the AD Check program. It is successful. Results pasted below:

SPACECHK : Check if there is enough disk space in /var /usr /tmp : Pass
HOSTNAME : Verify hostname setting : Pass
DNSPROBE : Probe DNS server xxx.xxx.x.xx : Pass
DNSCHECK : Analyze basic health of DNS servers : Warning
: Only one DNS server was found in /etc/resolv.conf.
: At least one backup DNS server is recommended for
: enterprise installations.
: Only one good DNS server was found
: You might be able to continue but it is likely that you
: will have problems.
: Add more good DNS servers into /etc/resolv.conf.

WHATSSH : Is this an SSH that DirectControl works well with : Note
: No SSH daemon running on this computer.

DOMNAME : Check that the domain name is reasonable : Pass
ADDC : Find domain controllers in DNS : Pass
ADDNS : DNS lookup of DC dsfw.example.com : Pass
ADPORT : Port scan of DC dsfw.example.com : Pass
ADDC : Check Domain Controllers : Pass
ADDNS : DNS lookup of DC dsfw.example.com : Pass
GCPORT : Port scan of GC dsfw.example.com : Pass
ADGC : Check Global Catalog servers : Pass
DCUP : Check for operational DCs in example.com : Pass
SITEUP : Check DCs for example.com in our site : Pass
DNSSYM : Check DNS server symmetry : Pass
ADSITE : Check that this machine's subnet is in a site known by AD : Pass
GSITE : See if we think this is the correct site : Pass
TIME : Check clock synchronization : Pass
ADSYNC : Check domains all synchronized : Pass
1 warning was encountered during check. We recommend checking this before proceeding

When I run the AD Join assistant, it fails with the following error:

Using domain controller: dsfw.example.com writable=true
Null adobject
due to unexpected configuration or network error.
Please try the --verbose option or run 'adinfo --diag' to diagnose the problem.
Join to domain 'example.com', zone 'Auto Zone' failed.

When I run the domain diagnostics, the results appear to be correct:

Domain Diagnostics
Domain: example.com
Subnet site: default-first-site-name
DNS query for: _ldap._tcp.example.com
Found SRV records:
dsfw.example.com:389
Testing Active Directory connectivity:
Domain Controller: dsfw.example.com
ldap: 389/tcp - good
ldap: 389/udp - good
smb: 445/tcp - good
kdc: 88/tcp - good
kpasswd: 464/tcp - good
ntp: 123/udp - good
Domain Controller: dsfw.example.com:389
Domain controller type: Windows 2003
Domain Name: EXAMPLE.COM
isGlobalCatalogReady: TRUE
domainFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
forestFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
Forest Name: EXAMPLE.COM
DNS query for: _gc._tcp.EXAMPLE.COM
Testing Active Directory connectivity:
Global Catalog: dsfw.example.com
gc: 3268/tcp - good
Domain Controller: dsfw.example.com:3268
Domain controller type: Windows 2003
Domain Name: EXAMPLE.COM
isGlobalCatalogReady: TRUE
domainFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
forestFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
domainControllerFunctionality: 2 = (DS_BEHAVIOR_WIN2003)
Forest Name: EXAMPLE.COM
Machine is not yet joined.

Other information that I have read seems to indicate that the Mac is looking for the Logon Hours attribute to be set. However, this information all appears to be set.
Any troubleshooting help that you may have would be very welcome at this point.

Thank you very much!

Dennis