AD Bound Network Account Fails AFP Mount

Similar Messages

• Mountain lion server network accounts are not mounting network home directory, rather its creating a blank local directory

  I have set up a scratch mountain lion server with open directory.  copied over old user account directories and added my users that match the directory ids.  Currently if a networked user logs into a networked computer, instead of mounting the network home directory, its creating a local home directory.  suggestions?
  thanks,
  Dave

  Additional info: it appears that certificates are not working either: setting up ical: "the certificate for this server was signed by an unknown certifying authority."...

• Systemd failing to mount a network share

  I just installed systemd and I'm having some problems getting it to reliably mount the network shares I have listed in /etc/fstab.  In case it is relevant, I should note that I have opted to install systemd alongside the usual initscripts.  I've created two different Grub menu entries to select between the two systems during boot.
  The relevant fstab entries are as follows:
  //192.168.1.54/MP3z /mnt/MP3z/ cifs _netdev,password=foo,uid=foo,gid=foo,file_mode=0644,dir_mode=0755 0 0
  //192.168.1.100/share /mnt/share/ cifs _netdev,password=foo,uid=foo,gid=foo,file_mode=0644,dir_mode=0755 0 0
  //192.168.1.100/docs /mnt/docs/ cifs _netdev,password=foo,uid=foo,gid=foo,file_mode=0644,dir_mode=0755 0 0
  This is what I've observed with respect to mount failures:
  The share at 192.168.1.54 mounts every time without fail.
  Usually, one of the other two shares at 192.168.1.100 will fail to mount while the second share at the same ip address will succeed.  Which of the two that fails is apparently random.
  Only very occasionally will both shares at 192.168.1.100 mount successfully.
  So far, I have never seen both of these shares fail to mount on the same test run.
  I have tried changing the order of the fstab entries but it doesn't seem to affect things.
  I've tried adding the "noauto" and "x-systemd.automount" options to my fstab entries.  This seems to make things work although with this setup I think the shares are mounted the first time they are browsed, not during starup.  With these mount options set, the system hangs on shutdown with either the messsage "Unset automount mnt-share.automount" or "Unset automout mnt-docs.automount".
  I thought perhaps that this is happening because my network connection isn't being started in time to mount the shares correctly.  Though, I thought systemd handled these sorts of dependencies without any explicit configuration required.  Perhaps this has something to do with the two shares being on the same host (192.168.1.100)?  I don't have any problems with the third share at 192.168.1.54.
  Can anyone shed some light?
  Last edited by battlepanic (2012-08-15 19:28:05)

  I had the same problem. While logged in as root, I can't use an alias or Cmd+K to connect to a server, but it works fine as any other user. I tried the link above and after reading the mount_afp man page, it describes two steps needed to mount a server. Here's what I had to put in Terminal to mount a share called Installers:
  The root account does not seem to be getting past the first step when using Cmd+K or an alias to a network share, although this worked in previous versions of OSX.
  This problem was not fixed in 10.7.1

• SL bound clients can't logon Lion Server network accounts

  Sorry if this has been covered or resolved elsewhere elsewhere, if so please point me in the right direction!
  I posted this in a different thread and it was suggested this one would be more helpful.
  I've spent all day with a new mac pro with Lion Server installed trying to set up a small network. Created an OD Master (from the Server App) then used WGM to make accounts. From the Server app I'd created sharepoints (where has File Sharing gone in Server Admin?) one of which was enabled to be used as home directories for which I configured back in WGM. I then bound SL clients computers to OD making sure there were no hypens in the computer names and allowed all network users to logon onto the machine as well as adding the Lion servers IP address as a DNS record.
  The problem is, I go to logon with the network account and it starts to logon, i.e the icon expands rather than shakes then stops with the not very informative error  "Cannot log you on because an error occurred".
  The bound clients appear in WGM. The user accounts look ok. I've not enabled SSL on anything. This is really frustrating.
  Any help much appreciated.
  Regards,
  Evan

  Sorry if this has been covered or resolved elsewhere elsewhere, if so please point me in the right direction!
  I posted this in a different thread and it was suggested this one would be more helpful.
  I've spent all day with a new mac pro with Lion Server installed trying to set up a small network. Created an OD Master (from the Server App) then used WGM to make accounts. From the Server app I'd created sharepoints (where has File Sharing gone in Server Admin?) one of which was enabled to be used as home directories for which I configured back in WGM. I then bound SL clients computers to OD making sure there were no hypens in the computer names and allowed all network users to logon onto the machine as well as adding the Lion servers IP address as a DNS record.
  The problem is, I go to logon with the network account and it starts to logon, i.e the icon expands rather than shakes then stops with the not very informative error  "Cannot log you on because an error occurred".
  The bound clients appear in WGM. The user accounts look ok. I've not enabled SSL on anything. This is really frustrating.
  Any help much appreciated.
  Regards,
  Evan

• Lion Server network accounts not working on some computers.

  Hello all -
  I'm currently having an issue with network accounts working on some Macs but not others. I have a Mac Mini and a MacBook Pro. The Mac Mini works fine and I can login and sync my network account with the server just fine. However, I cannot connect to it from my MBP.
  When I try and connect I get an error that says "You are unable to log in to the user account "xxxx" at this time. Logging in to the account failed because an error occurred."
  If I login through console (by typing in ">console" in the username field) I get an error that says the user does not have a home directory...
  I have searched numourous other forums but I have not found a solution that seems to solve this problem. I have unbound and re-bound my client to the open directory and I have restarted file sharing. Neither has solved the problem. I have a feeling the issue originates somewhere on the MBP since I can log in to the Mac Mini without any problems.
  Anymore suggestions?

  Thanks for your suggestion, SolidWood. Unfortunately it didn't help.
  After a 90 minute phone call with AppleCare, this issue has finally been resolved. Here is what the solution was. Turns out it was pretty simple but it took a while to find it.
  First we created a test user and left the home folder set to Local Only in the Server App. I was successfully able to login with the test user on both clients but since there were no mobility preferences set, it was pretty basic.
  Then, we removed the Users sharepoint from file sharing, turned off file sharing to disconnect any users, and restarted the server. Then we created a new folder on the Server HD with a random name. We chose Darron. We created a new sharepoint in file sharing (with it still turned off), and shared the new folder called Darron. Double click on the sharepoint and scroll to the bottom and check the box that says "Make available for home directories over AFP". Then we restarted file sharing.
  Then we opened Workgroup Manager, clicked on the problem user in the left sidebar, clicked on the Home option at the top, and there were three things listed:
       (None)
       afp://servername.com/Users
       afp://servername.com/Darron
  Then we removed the Darron sharepoint from file sharing, and found that it was still listed as a home directory under the problem user.
  This was the root of the problem. The system didn't know which path to use as the home directory.
  Sooooo...
  In the server app, we opened the Directory Utility (Tools in the menubar, Directory Utility). Clicked on Directory Editor. Authenticate to the directory using the diradmin login. Changed view settings to match this below:
  In the left column, there were two paths listed for home mounts. We deleted both of them, saved changes, and closed directory editor.
  Then, we restarted workgroup manager and both paths had been deleted from the users home listings. This was begining to solve the problem.
  In the Server App, we recreated the users sharepoint, made it available for home directories, and restarted file sharing and workgroup manager. Now only one path is listed for the home folder for all the users.
  This solved my problem of not being able to login on the MBP. The system synced the home folder and all was well. On the Mac Mini, I had to delete the problem account, un-bind from the network server, re-bind, and recreate the account. Now both clients are sycning perfectly and all is well.
  Thank God I bought AppleCare! Thanks to everyone else for their help and suggestions.
  As a recap, the problem of not being able to login to the MacBook Pro was caused by having multiple paths to the multiple home folders. These rogue paths were added somewhere in the troubleshooting process to try and recreate the home directories before I called AppleCare. To solve this, we had to remove the directory listings from accounts using Directory Editor, remove and recreate the users sharepoint in file sharing. The syncing problem on the Mac Mini was also created when multiple paths were introduced. The system didn't know which files to use.
  Taylor

• Cant login multiple network accounts on the same client?

  Setup:
  I have created a simple Lion Server on a new i7 Mac Mini. I have configured Open Directory in Master mode and have setup 4 user accounts. I have enabled the File Sharing service and checked the "Make available for home directories" option on the "Users" file share. I have configured each of the 4 user accounts to use this location as the home folder. I have connected my client machines (all OSX Lion) to the Network Account Server.
  Problem:
  I can log one user into the client machine, but when using "Fast User Switching" and logging on as the second user I get the following error:
  "You are unable to log in to the user account "guestaccount" at this time. Loggin to the account failed because an error occured"
  In the console if I search for that user account the related error message is:
  11-07-31 12:30:54.993 PM authorizationhost: ERROR | -[HomeDirMounter mountNetworkHomeWithURL:attributes:dirPath:username:] | PremountHomeDirectoryWithAuthentication( url=afp://inntaserver01.local/Users, homedir=/Network/Servers/inntaserver01.local/Users/guestaccount, name=guestaccount ) returned 16
  Any thoughts as to why the Home Folder "mounter" failed in this scenario?

  Historically you have never been allowed to use Fast User Switching to log in multiple network logins on the same client machine. This certainly applied with Tiger, Leopard, and Snow Leopard. I have not yet personally tried this with Lion.
  I believe that the underlying reason for this not being allowed is down to how AFP volumes are mounted. The AFP mount becomes 'owned' by the user that triggers the login. With a network login the first user becomes the owner and this means subsequent attempted network logins are denied access to that share and hence cannot access their home directories.
  With Tiger, Leopard, and Snow Leopard servers, one could configure network home directories to be shared via NFS instead of AFP. NFS gets treated a lot different in terms of mounting, and is done more at a system level than a user level. While again I have not personally tried Fast User Switching with NFS shared home directories, this approach is specifically recommended by the authors of AquaConnect (a Macintosh Terminal Server solution) in order to allow multiple logins on the same Terminal Server. This seems to be for the same underlying reason. Using NFS does certainly work for use with AquaConnect and also works for the competing iRAPP Terminal Server product as well.
  Unfortunately, Lion Server while it can be made to run an NFS server, will not let you configure using NFS for sharing home directories. I have actually reported this as a 'bug' in Lion server.
  Neither the authors of AquaConnect or iRAPP have actually tested this scenario with Lion server yet, but AquaConnect do plan to investigate it. It could make it considerably more difficult to use their products.
  So in summary, using NFS to share network home directories in theory would avoid the problem and can be done with a Tiger/Leopard/Snow Leopard server, but cannot be done with a Lion server. It is possible however to mix Lion with older server versions. This might for some people be a possible workaround.
  PS. A bonus side-effect of using NFS shared home directories was that this allowed badly written software like Adobe's applications which are otherwise notorious for having major issues with network logins and home directories to work without errors. As an example Adobe Acrobat Pro introduced a bug in version 7.0 which prevented it being able to print-to-PDF (one of the major reasons to buy Acrobat Pro). It tooks two years for them to eventually fix this in Acrobat Pro 8.1 (I know because I spent that two years nagging them to fix it and was a beta tester). Unfortunately they then reintroduced the bug in Acrobat Pro 9.0. Fortunately I discovered this side-effect got round the issue although a clunkier workaround was also possible for Snow Leopard clients by redirecting certain folder paths.

• Error message: "Logging into the account failed because an error occurred."

  Hello,
  We had an XServe G5 2.0 DP 5GB/80/2x250 running Mac OS X 10.3.9 Server with all updates as a main server for a school. The server provides Open Directory Master as well as File-Sharing (AFP and SMB) and e-mail services to about 30 teachers and 300 students. The user home directories reside on the server. A web server also runs on the machine. The students use a pool of laptops, which are configured with a local guest and admin account as well as access to the server-based home directories with Directory Access. The server had the OS running on the 80 GB hard drive and all data (Home directories, mail database, website, etc. were on the two mirrored 250 GB drives.) All was working well until...
  A few weeks ago, one of the two 250 GB died. We decided to use the opportunity to upgrade the server and set it up with 3 x 750 GB, two drives running as a mirrored pair to hold OS AND Data, the other as a stand-by unit to help replace a failing drive.
  We migrated the OS and all data from the previous drives without a problem. Since now, all data is residing on one pair of drives, we put the data from the old "Data" drive in a folder on the root level of the new HD pair. We wrote a script that launches at startup which creates the symlink in /Volumes/Data to link to /Data. We thought that with this, all would be well.
  However: When any user tries to log into his account from any iBook (10.3.9 or 10.4.11) (wirelessly), he gets the message:
  "Logging into the account failed because an error occurred. The home folder for the user account is located on an afp or smb server. contact your system administrator for help"
  If the user logs in to the guest account on the iBook, then accesses his home directory via file-sharing, he can see (read/write) all his data. So, the data and privileges seem to be OK, as well as Open Directory working correctly. Mail and the web work well also, as does logging in to a user account from one of the PC's (wired).
  Can anyone make any suggestions as to how to fix the situation? Currently, the users are using the guest accounts and accessing their data via filesharing, as well as using webmail for their e-mail, but this is a major nuisance.
  Any help will be greatly appreciated.
  Best regards,
  Alain Chammas
  A user trying to access his account from a PC (wired) has no problems.

  A good number of folks are having problems with this same error message at login, and nobody seems to have found a fix.
  I believe I have stumbled upon, if not a solution, at least part of the answer. If you're logged into a 10.4 workstation, open a Finder window and click the "Network" icon. The first time you do this, you'll only see "Library" and "Servers" icons, but if you let it sit for a moment, other folders will magically appear. One of these is "My Network" which is the critical part.
  In Workgroup Manager, edit one of your users' home directory configuration. There's a URL piece, usually "afp://server.domain.com/Users" (which is what shows up in the window when you click on the "Home" tab for that user), and then there's a "Home" path that is usually something like "/Network/Servers/servername/Users/username". Trouble is, you've noticed that 10.4 doesn't put servers into the "Servers" path, but rather into the "My Network" path.
  So, if you change that "Home" path to read "/Network/My Network/servername/Users/username", it should work--with one caveat. Apparently 10.4 doesn't create the "My Network" path on a given client until you actually browse the network on that client. If you haven't logged into a 10.4 workstation and browsed the network, the "My Network" path won't be there, and you'll still get the error. Login as a local user, browse the network (so that the "My Network" folder shows up), logout, and then login as an Open Directory user, and it should work.
  I'm betting that 10.3, 10.4, and 10.5 all handle this issue differently, so if you're in a mixed-version situation, you may have to experiment to find a workable fix.
  Derndest thing I ever saw.

• Logging in to the account failed because an error occurred

  I've been looking after Mac's in an ophthalmologist's office for about 6 years.  We initially used Panther server with networked home directories.  With the large images, slow computers, and slow network we moved about 4 years ago to local accounts and local home directories using a Leopard Server for file sharing and print serving.  About a year ago we moved to a Mac Mini Server but kept local home directories.  We would like to move back to networked home directories and implement group folders for sharing.
  I have another Mac Mini Server at home and am trying to set up a test environment but am having trouble getting networked home directories to work.  I'm trying to log in using my MacBook Pro.  Both machines are at 10.6.8.  I followed the outstanding setup instructions from
           http://www.wazmac.com/servers_network/fileservers/osxserver_setup/osxserver106_s etup.htm
  but omitted the part of setting up the groups.   I just set up an account, Test1 but am unable to log in using it.  I can log into the account and access the home folder through my finder though.  When I try log in I get:
           You are unable to log in to the user account "test1" at this time
            logging in to the account failed because an error occurred.
  I have looked for several days now and have found no answers that have resolved this.
  My DNS tests fine and it appears that my password is working.  I have turned off all the services  except for AFP, DNS, and Open Directory.  The home folder is on the second drive /Volumes/MacHD2/Homes/test1 and it is set for automount and home directories.  I set each of the separately with a save between. The server appears in my /Network/Servers/ directory right down to the Homes directory.
  The following is the only log file that indicates any error.  This is from the most recent reboot:
  Directory Services Error Log:
  2011-07-09 09:19:12 PDT - T[0x00007FFF70C75CC0] - DNSServiceProcessResult returned -65563
  2011-07-09 09:19:45 PDT - T[0x0000000101C8D000] - Misconfiguration detected in hash 'Global SID':
  2011-07-09 09:19:45 PDT - T[0x0000000101C8D000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID 3A0E5953-EC2B-4F6E-A929-3B32406A10C3 - SID S-1-5-21-3687144454-2494095375-1043814123-998
  2011-07-09 09:19:45 PDT - T[0x0000000101C8D000] - Computer 'MiniServer.tolan.homeip.net$' (/Local/Default) - ID -1 - UUID 87FB76C0-A528-44FC-ADBF-2A7EC7809A9A - SID S-1-5-21-3687144454-2494095375-1043814123-998
  2011-07-09 09:19:45 PDT - T[0x0000000101C8D000] - Misconfiguration detected in hash 'Global SID':
  2011-07-09 09:19:45 PDT - T[0x0000000101C8D000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID 3A0E5953-EC2B-4F6E-A929-3B32406A10C3 - SID S-1-5-21-3687144454-2494095375-1043814123-998
  2011-07-09 09:19:45 PDT - T[0x0000000101C8D000] - Computer 'MiniServer.tolan.homeip.net$' (/Local/Default) - ID -1 - UUID 87FB76C0-A528-44FC-ADBF-2A7EC7809A9A - SID S-1-5-21-3687144454-2494095375-1043814123-998
  The following are the relevant messages from the other log files that captured the login attempt:
  AFP Access Log:
  IP 192.168.77.20 - - [09/Jul/2011:11:25:11 -0800] "Login test1" 0 0 0
  IP 192.168.77.20 - - [09/Jul/2011:11:25:11 -0800] "Logout test1" 0 0 0
  DNS Log:
  09-Jul-2011 09:38:09.777 received control channel command 'freeze'
  09-Jul-2011 09:38:09.778 freezing all zones: success
  09-Jul-2011 09:38:09.885 received control channel command 'reload'
  09-Jul-2011 09:38:09.885 loading configuration from '/private/etc/named.conf'
  09-Jul-2011 09:38:09.886 using default UDP/IPv4 port range: [49152, 65535]
  09-Jul-2011 09:38:09.886 using default UDP/IPv6 port range: [49152, 65535]
  09-Jul-2011 09:38:09.888 reloading configuration succeeded
  09-Jul-2011 09:38:09.888 reloading zones succeeded
  09-Jul-2011 09:38:09.889 zone 77.168.192.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: loaded serial 2011070804
  09-Jul-2011 09:38:09.889 zone tolan.homeip.net/IN/com.apple.ServerAdmin.DNS.public: loaded serial 2011070900
  09-Jul-2011 09:38:09.893 received control channel command 'thaw'
  09-Jul-2011 09:38:09.893 thawing all zones: success
  09-Jul-2011 09:38:09.893 zone 77.168.192.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: loaded serial 2011070804
  09-Jul-2011 09:38:09.893 zone tolan.homeip.net/IN/com.apple.ServerAdmin.DNS.public: loaded serial 2011070900
  Kerberos Server Log:
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.77.20: NEEDED_PREAUTH: [email protected] for krbtgt/[email protected], Additional pre-authentication required
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.77.20: NEEDED_PREAUTH: [email protected] for krbtgt/[email protected], Additional pre-authentication required
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](debug): handling authdata
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](debug): handling authdata
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](debug): .. .. ok
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](debug): .. .. ok
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.77.20: ISSUE: authtime 1310235907, etypes {rep=18 tkt=16 ses=18}, [email protected] for krbtgt/[email protected]
  Jul 09 11:25:07 MiniServer.tolan.homeip.net krb5kdc[55](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.77.20: ISSUE: authtime 1310235907, etypes {rep=18 tkt=16 ses=18}, [email protected] for krbtgt/[email protected]
  Jul 09 11:25:11 MiniServer.tolan.homeip.net krb5kdc[55](info): TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.77.20: ISSUE: authtime 1310235907, etypes {rep=18 tkt=16 ses=18}, [email protected] for afpserver/[email protected]
  Jul 09 11:25:11 MiniServer.tolan.homeip.net krb5kdc[55](info): TGS_REQ (7 etypes {18 17 16 23 1 3 2}) 192.168.77.20: ISSUE: authtime 1310235907, etypes {rep=18 tkt=16 ses=18}, [email protected] for afpserver/[email protected]
  Password Service Server Log:
  Jul  9 2011 11:25:07    RSAVALIDATE: success.
  Jul  9 2011 11:25:07    AUTH2: {0x4e17e4b75f13dc1d0000000600000006, test1} DHX authentication succeeded.
  Jul  9 2011 11:25:07    KERBEROS-LOGIN-CHECK: user {0x4e17e4b75f13dc1d0000000600000006, test1} is in good standing.
  Jul  9 2011 11:25:07    KERBEROS-LOGIN-CHECK: user {0x4e17e4b75f13dc1d0000000600000006, test1} authentication succeeded.
  Jul  9 2011 11:25:07    GETPOLICY: user {0x4e17e4b75f13dc1d0000000600000006, test1}.
  Jul  9 2011 11:25:07    GETPOLICY: user {0x4e17e4b75f13dc1d0000000600000006, test1}.
  I would appreciate any and all assistance with this.  I've never had a problem in the past with configuring and using networked home directories.  This has me stumped.  This is now my 3rd day working on it.  I've been through numerous discussion groups, googled endlessly, and even re-installed the server software twice to make sure I'm working with a clean current copy.
  Thanks in advance for any advice you can offer....

  Thanks for your comments, and particularly for confirming that the Kerberos and AFP logs indicated success.   I did have my sharing set properly as you describe however checking that I had set sharing appropriately it led me to the answer to my problem...
  You were right about the location of Test1's home directory and it is on the second disk.   I have always had a level of discomfort setting up the Home URL under 'Home' when setting up a home directory.  I thought I had to put the fully qualified directory name, in this case:
        afp://miniserver.tolan.homeip.net/Volumes/MacHD2/Homes
  After turning sharing off and on for the Homes directory, just to ensure, I saw that WGM had inserted another, more abbreviated URL for me to select:
        afp://MiniServer.tolan.homeip.net/Homes
  When I selected this URL all started working.   I guess I've been outsmarting myself over the years by overthinking what I had to do.
  So, while your suggestion was correct, that wasn't my problem, but checking to ensure that I'd done it right did lead me to the solution.   Hence, a helpful answer, rather than a correct one even though you are correct.
  This issue of what the URL should look like has always bothered me but now I know.  I guess I've just been lucky up until now and in this business good luck doesn't teach you anything...   :-)
  Cheers, and thanks for this...   

• TS3090 Is there any good way for using a network account locally on the server?

  We have a bunch of macs at home. I want to be able to login to a laptop and have my account (home dir) in sync with de desktop account in a noninvasive way. 
  For achieving this I thought  promoting one imac to be a network profile server would be a good solution.
  This way we can work on any machine and sync portable home directories (phd) with our laptops.
  The server should also be usable as a workstation.
  One problem is: is possible to login on the server (locally) and work in a network account?
  I know it is possible, but this article describes issues.
  Also i am concerned about perfomance because files wil be mounted over afp rather than being on the harddisk. (one workaround would be to have a phd on the desktop, this would however not be possible on the server itsself (unless you have two copies of the home directory there))
  Does anyone have any experience with a simular situation or perhaps some other helpfull insights.

  Sorry, you must have edited your message. When I saw it, only the title showed .
  Embedded is what you want. You can change the windows apperance (e.g. hide the scroll bars) by changing the VI properties.
  Uncheck "request control" in the web publishing wizard, and it will be read only.
  Works fine here in LabVIEW 7.1. I don't remember if 6.1 had any limitations.
  LabVIEW Champion . Do more with less code and in less time .

• Network Accounts and mapping a unique IP per machine

  Ok guys, I have an interesting question and hopefully someone can help me out.
  I have a 10.7 Server that I would like to use to manage network accounts for a few of my users. We have 3 MacPro desktops that are our production machines. Each of these machines has a unique IP that they use to connect via fiber to a NAS unit. Each of these machines are currently set up and running, and all the users share the same username and password.
  We would like them to be able to sign in on each machine but we also need the machine specific AFP mounts to work, and work across all 3 machines.  We also need to do this in a way that doesn't involve us wiping each machine becuase the process to reload some of this software is a nightmare.
  Any thoughts or ideas?

  Ok, well since I'm not getting much feedback here I'll bring you all up to date. I have the Profile Manager setup and added the server IPs to the Machine Profile. I log in and it isn't always consistant. Some times the AFP share mounts, sometimes it does not. Any ideas?

• [SOLVED] netfs fails to mount samba mountpoint in fstab

  Answer:  netfs fails to mount my samba mountpoint because eventhough
  network is before netfs, and network is not started in the background, it
  still seems to take a while to complete, but it doesn't block netfs from running.
  If I put some stalling code in /etc/rc.d/network, and make it wait, then netfs
  will mount the shares, because network was allowed to start and netfs can
  it can find the servers.
  Now, what I want to know is why my network starts up so slowly.
  ----------------------- Read thread for details ----------------------
  This similar setup is working on my old Gentoo setup.
  fstab
  //tib/public /mnt/network/tib smbfs rw,user,auto,guest 0 0
  tib resolves to a server on my LAN.
  When I boot my ARCH system, it gets to netfs daemon, and times out trying to
  access the server.  I get the message
  5711: Connection to tib failed
  SMB connection failed
  The boot completes, and I log in and get the following
  $ ping tib
  PING tiburon.mill (192.168.0.36) 56(84) bytes of data.
  64 bytes from tiburon.mill (192.168.0.36): icmp_seq=1 ttl=64 time=0.354 ms
  64 bytes from tiburon.mill (192.168.0.36): icmp_seq=2 ttl=64 time=0.371 ms
  and, I can mount it like this (which reads /etc/fstab)
  $ mount //tib/public
  $ ls /mnt/network/tib/ | wc -l
  11
  It seems like ARCH isn't able to use the network until sometime after this point in the boot.  Here's my rc.conf daemons
  DAEMONS=(syslog-ng network netfs crond sshd alsa)
  I tried putting netfs last, but that made no difference.  I also tried to load netfs in the background without benefit.
  Note:  cifs doesn't work either; and I get more descriptive errors
  :: Mounting Network Filesystems
  mount error: count not find target server. TCP name tib/public not found
  No ip address specified and hostname not found.
  OK, that clear enough.  But, the hostname is found right when the boot process finishes and I get a prompt.
  And, I've tried the ip address, and FQDN too.
  Any ideas?
  Last edited by ristretto (2007-07-24 05:04:57)

  ok, gave it a try.
  //tib/public /mnt/network/tib cifs rw,user,noauto,guest 0 0
  $ cat /etc/rc.d/local
  #!/bin/bash
  mount //tib/public
  $ grep DAE /etc/rc.conf
  # DAEMONS
  DAEMONS=(syslog-ng network netfs crond sshd alsa local)
  Note local at the end.
  Now, all the daemons load up quick, and then local goes and times out, and I
  get the same error.
  mount error: count not find target server. TCP name tib/public not found
  No ip address specified and hostname not found.
  putting mount in .bash_profile is a bit of a security issue (though not really on my setup)
  but, more importantly, it mounts each time I log in to that account (say each ssh window to the box.)
  I'm thinking it's a bug in the initialization process somewhere?  I've never had this problem on other distros.
  What thinks you?

• Network accounts on OS X 10.6.8 experience bookmark issues with Firefox 9

  We run OS X Snow Leopard (10.6.8) with network accounts, home directories being mounted by AFP from a Snow Leopard server with attached XServe RAID.
  Since 9.0.1 (possibly earlier) bookmark management has become impossible. Added bookmarks sometimes don't survive after logout/login. Delete bookmarks sometimes reappear.
  A more elegant demonstration of the problem involves creating a new account. On the first run of Firefox, attempting to add a bookmark gives you an empty "Add Boomark" dialogue. "Show All Bookmarks" reveals that you have three bookmarks called "(no title)" that you can't edit or delete. It is impossible to add additional bookmarks.
  I've tried delete and recreating profiles, and checking the places.sqlite file for corruption with no joy. This looks like a fundamental issue with the way Firefox deals with bookmarks.
  Can anyone shed any light on this issue? I doubt if anyone is crazy enough to have a setup like ours, but any help would be appreciated.

  That still sounds as there are access problems to the places.sqlite database file, so you need to check that out another time.
  *http://kb.mozillazine.org/Bookmarks_history_and_toolbar_buttons_not_working_-_Firefox

• Issue with AFP Mounts

  I am migrating the user homes from a Linux server to a 10.5.8 Xserve.
  The users are all setup in an LDAP environment.
  The homes are currently on an NFS server running Linux. All users login to network accounts and are automatically connected to their NFS homes upon login.
  I would like to start only migrating the files and thereby changed the users homes to something like this:
  /Network/Servers/<afs server>/Volumes/NetworkFolder/testuser
  The user testuser has the same uid, user, pwd in the LDAP as on the new Xserve. The Xserve volume is finally mounted and I can login with my network home as testuser. However, the files are all read only. I cannot change anything in the new home files.
  The access log on the AFS server says I'm logged in as Guest
  I'm sure its a simple option I'm forgetting either in the LDAP config or on the AFS - I just seem to be stuck.
  Any idea on how to get this to work would be greatly appreciated.
  - Thanks, Peter

  I was looking for something like this. I have just bought a WD My Book World NAS drive. I connected it to my old router (G) and discovered it was too slow to wirelessly stream high bitrate music or movies. I then bought a Belkin N+ router which resolved this issue. However I have trouble with the mounts. When I wake my MacBook from sleep I can normally see the drive under Shares in Finder, but after some minutes it disappears. If I Go -> Network in Finder it turns up, but will not connect. The funny thing is I can be streaming music from the darn thing without interruption! The network shares on the desktop also turns on/off erratically. I can still access the folder contents from these even that the drive is not visible in Finder.
  The NAS is set up for AFP on all shares which should be ok. I have tried both dynamic and fixed IP address on the NAS, but my Mac gets it dynamically. I'll try a fixed IP for this.
  People are talking about automatic mount of network resources on start up. I came from Windblows and do not know all the fancy Unix commands and config files stuff. So how do you folks do this?
  Will be much appreciated, thanks!

• How do I remove an non-existent AFP mount from user's Home listing?

  Hello.
  I was testing setting up a user with a Network Home Folder and everything was working fine until the external drive that was housing the Share Point (automountable, set to be used for user home folders) went down and became corrupt. As this drive was just being used for testing purposes, there was no backup and it wasn't a big deal (or so I thought). My problem now though — I have a "ghost" entry in the Workgroup Manager/Accounts/User (any user)/Home listing for the afp network home mount. If I select it, the option to remove it is grayed out, so I have no way to remove it from the listing.
  Does anyone know how I can remove it from the listed? I've tried mounting a new drive, naming it the same as the old drive, and creating the Share Point again in the hopes that it would "relink". But, that didn't seem to work and I still can't remove it from the listing.
  I'm hoping there's something I can edit somewhere that'll make Workgroup Manager "forget" this afp mount?
  Any advice would be appreciated!
  Thanks,
  Kristin.

  OK, I sorted this out.
  First step is to recreate the folders and Share Points exactly as per the originals. Then, Instead of disabling auto-mount and unsharing all in one go, break it up into two steps as follow:
  - disbaled auto-mount and clicked save
  - unshared and clicked save
  Doing it as a single step (ie. disbaled auto-mount, unshare and save) doesn't work. You need to do it in two separate steps (disable auto-mount & save + unshare & save). I don't know if this is just something weird with my install or what, but it totally solved the problem, and now the AFP ghosts are all gone.
  Thanks,
  Kristin.

• Time Machine failing to mount backup volume

  Hi
  I set up a network shared drive (afp) and successfully used it for Time Machine backup from one of my Macs.
  However, from my other Mac, when I turn on TM and choose the network drive, nothing happens -- in the TM preference pane the disk doesn't get selected and the message remains "Choose Backup Disk...". In the console I get the following:
  20/5/08 4:39:13 PM System Preferences[185] FSMountServerVolumeSync received error: -36
  20/5/08 4:39:13 PM System Preferences[185] Failed to mount url: afp://;AUTH=No%20User%[email protected]/500GB%20Network%20Storage
  Any ideas?
  Thanks!

  Here's the solution:
  During the backup attempt Time Machine creates the bundle image on the share. This is called <computer’s name>_<string>.sparsebundle (by the way, string is the MAC address of the local en0 device without colons). You should keep the exact name in mind (e.g. by copy & paste or by looking in Console or by constructing it yourself from computer’s name and MAC address).
  Afterwards you start Disk Utility and create another “sparse bundle disk image” on your local drive. Volume Size should be the designated maximum size of the Time Machine backup (don’t be afraid, only by using the image it will increase in size). Further parameters: Volume Format - Mac OS Extended (Journaled); Partitions - No partition map.
  After this use the exact name Time Machine assigned to its bundle image to rename your newly created image (if not already done while creating your own image). Finally you copy the image on the share and manually start a backup via menu bar.
  Voilà. Afterwards Time Machine should start the tedious initial backup.
  from http://www.flokru.org/2008/02/29/time-machine-backups-on-network-shares-in-leopa rd/