Can connect with Server Admin and Server Prefs, not Screen Sharing or ARD

Just set up 10.5 server on my G5, and trying to connect from 10.5 on my iMac. I have tried both with the server System Preferences set to allow Screen Sharing via VNC, and with Remote Management enabled for ARD. In both cases, I get authentication errors when trying to connect from home. I have tried with both the full username, and with the short name of the only account on the server. My assumption is that, since this is the administrator account, I don't need to setup explicit privs for it on the server.
I can authenticate without any trouble with both Server Admin and Server Preferences.
The Firewall is not enabled on either machine, although I am behind a NAT router at home -- is it necessary to open any special ports to enable screen sharing? Is it possible that having these ports closed would produce an authentication error?
Thanks for any help.

Hi
I'm going to assume you configured your Server in Standard Configuration and not Workgroup or Advanced?
When using Standard in setting up the server DNS is automatically configured for as well as the Server taking an Open Directory Master Role. The admin account created at the beginning is for administering the Open Directory. Unknown to you and not documented at all - as far as I can see - is the 'Local Administrator' (localadmin) account.
You only become aware of this account if for some reason you have a problem with the Server which involves demoting to Standalone (ie not an Open Directory Master) once this happens you find you can't log on to the Server anymore or communicate with any of the Server applications because it won't accept any username or password other than root and localadmin for the name and the password defined for the original admin account you created right at the beginning.
Sometimes it does not even take demotion to find yourself locked out of the Server. Some have experienced this problem when running the Security Update or when some other problem has occured.
Part of the process of creating an Open Directory Master involves the creation of a 'special' directory administrator account. This account is used for administering the LDAP node. If demotion takes place this account gets blown away along with all users and group accounts that exist in the LDAP node, in fact everything to do with Open Directory is destroyed apart from Users' home folders.
Why demote if this happens? Sometimes the LDAP database gets damaged/corrupted beyond a point where normal troubleshooting methods fail. This can happen for a whole variety of reasons but more often than not is due to a poorly configured DNS Service. You basically only have two options once you reach that stage. A server reinstall involving a format and rebuild or a demotion to Standalone. Which option would you choose? Prior to demotion you can (if you have the chance) export users and groups or even archive the LDAP database itself for restoration later on. This is a useful option as everything to do with the LDAP Server is retained - passwords, users, groups etc. The other method of saving users etc does not retain passwords.
As time goes on and you become more familiar with your server you will find more and more of this information out for yourself. Hopefully the simple advice I've given helps you understand Open Directory a little better.
Hope this helps, Tony

Similar Messages

  • Cant Access Server Admin and Server Preferences anymore

    After upgrading to the latest Mac OS X 10.6.5 Version and/or changing Admin Password (I dont know the reason yet) I dont have access to my Server Admin and Server Preferences while I still can use my Workgroup Manager including Directory Admin (driadmin) and System Preferences. My Client Macs cant access Filesharing services and timemachine backup service anymore on the server, too. Other Services like MyEyeTV, Wuala, iTunes are working fine on the server and can be used by my Client MACs in my LAN.
    How could I proceed to fix this issue?
    What I have tried so far:
    I have tried to access my Server Admin thru the Client Mac mini using Server Admin App.
    I checked the OS Version: Mac OS X Server 10.6.5 (10H575)
    I checked the Server Admin Version: 10.6.5 (328.4)
    I also reinstalled the latest MAC OS X Server Update 10.6.5
    I still have root access. (Verified by DataQuest Engineer)
    Used also 127.0.0.1 Address to Access the Server.
    Is there a more elegant way to fix this issue than reinstall the server?

    ... well uninstalling "Hands Off!" Application solved the problem.
    Also if I assumed that i disabled this application, it was still active.

  • Computer's can connect to wireless but I can't connect with e-book and i-pod

    I have a wrt54g I can connect with 3 laptops and 1 desktop but my ebook and ipod connects once and a blue moon please help

    Whats the Wireless settings you have setup on your Router (SSID, Channel, Security Mode)? Are you getting any error message when you are trying to connect to your wireless network?
    If you have setup WEP security on your Router, when you are trying to connect to your wireless network input the "$" sign before the WEP key and then click on connect and then check if you are able to go online or not.

  • I can no longer log into my ichat linked to my gmail.  right after opening up ichat, receive the following message:  lost connection with jabber.  the server has unexpectedly disconnected.

    i can no longer log into my ichat linked to my gmail.  right after opening up ichat, receive the following message:  lost connection with jabber.  the server has unexpectedly disconnected.  how to troubleshoot?  thanks.

    Hi,
    There can be many reasons why the Login is "up the creek".
    Any break in the network at your end whilst logged in will cause  an issue.
    A sort of discrepancy between what iChat thinks the state should be and what the server thinks.
    If they don't agree the server will refuse to accept.
    A Crash at the server end which does not log you out properly will also do it.
    Any file at any time can be come corrupted.
    Luckily with the iChat .plists they are recreated if removed with an iChat Restart.
    If it were AIM you can also get your Account Suspended  and this will not log you in.
    (It tends to happen from Chat rooms where people notify AIM about bad behaviour (as they see it) and you have to apply to get Un-suspended).
    Most of the big IM services use multiple servers.
    Sometimes these go out of Sync.
    In the case of AIM this happens when they remove Old unused Screen Names from people's Buddy List prior to making them available for re-registration.  I am not sure if this happens at Google.
    You seem to be talking about an account that has worked at Work and having new computer at home.
    As I mentioned the Priority thing you have not said that it has coincided with the new computer logging in  (this will kick the work Computer out of Google whether you are logged in  on the Web Mail page or in iChat)
    IN addition to that iChat stays partially logged in for Off Line IMs
    This is done in the background by a support app called iChatAgent
    If your Computer is ON but ichat is not started people can still send you Messages.
    Instead of saving these on the server until you login iChat will start up.
    Depending if the home Mac is effecting the Work Login it may be holding sway over your Login.
    Using your girlfriend's login may have booted her Off Line where she normally uses the name/login.
    The AIM Side can be specifically set to allow Multiple Logins and therefore NOT allow them.  If this happens you get a warning and messages to do something about it.
    You do not get these in any Jabber or Google Login as the Priority setting is supposed to take care of it.
    If the Login works at the Web Mail Login and on one computer then the .plist on the work computer is the most likely issue.
    There is a small chance that a Corrupt Buddy Pic (Home Folder/Library/Caches/com.apple.iChat/Pictures) may be the cause.
    Set this folder to icon view and also use the Finder's View Menu > Show View Options and select icon view.
    This should show all pics as their icon.
    Check that all display properly.
    At this point I would try a COMBO version update install of the last Update you did over what you have.
    This often corrects hard to trace things
    The 10.5.8 COMBO is here
    11:28 PM      Monday; June 20, 2011
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb( 10.6.7)
     Mac OS X (10.6.7),
    "Limit the Logs to the Bits above Binary Images."  No, Seriously

  • Help? New iPad2 exchange email was working. Now won't download email and existing emails disappearing - newest disappearing first.  Can connect to web. And my windows computer connects fine to exchange server.  What's going on?

    Help? New iPad2 exchange email was working. Now won't download email and existing emails disappearing - newest disappearing first.  Can connect to web. And my windows computer connects fine to exchange server.  What's going on?

    Actually all are affected, but i manage to solved it running Virtual test version to trace the issue and finally able to fix it. Thanks for asking.
    IT Technician

  • WGM vs Server Admin and Leopard server access

    I am able to access my Leopard xserve through my firewall using Server Admin tool, but not when I try with WGM.Message is..."host unknown" ...."host unreachable." What is the difference? Not a problem with ARD either ....mmmmm. Can someone shed some light on the experience? Thanks, J Langloi

    By filtering, (if I may), he meant restricting. IE: If you're going to do this, you absolutely need to have the Firewall restrict what external IPs are allowed access, rather than making those ports wide open to anyone and everyone.
    But, it's pretty much industry-standard/ standard-practice to disallow connections across a company firewall to internal servers, except via VPN. (And by this I am excluding servers that are intended to be public-facing but are still appropriately firewalled).
    In rare cases where VPN is not a readily-available option, it is possible to connect to both Server Admin and Workgroup Manager over ssh, but I don't suggest going that route without absolutely securing ssh in every possible way (has minor typos I wish I could fix but nothing that confuses the vital info): http://discussions.apple.com/thread.jspa?messageID=7082312

  • Mailman, Server Admin, and mailmanctl launchd item

    I upgraded my Mailman to 2.1.12 today, and I had some of the usual problems, some not so usual. I'm used to seeing that mailing lists are stopped in Server Admin, but I would like to be able to see mailman logs in Server admin, and I would prefer not to have to create my own launchd item to execute the mailmanctl command. Logs are an old problem, but the mailmanctl launchd problem is new. Are there fixes for these two problems? I configured with
    ./configure --prefix=/usr/share/mailman --with-var-prefix=/var/mailman --without-permcheck
    Thanks.

    I tried it, thanks. Mailman didn't like the config, though. It warned me about using group id "_postfix" and wouldn't distribute until I had reconfigured using --with-mail-gid=_mailman instead of --with-mail-gid=_postfix. Plus I still don't get any connectivity out of Server Admin. I had already edited the launchd file for use with my earlier replacement, so I guess I'll go back to that. It works, I just wanted fewer Server Admin orphans. I have to toss things anytime there's a system update, anyway. Thanks again.

  • How to establish connection with the outgoing email server?

    Cannot set up Lightroom 5 email capability with Google Mail. Have confirmed proper smpt address, email and password and error message still comes up:
    "eFailed to establish connection with the outgoing email server. Please make sure you have entered the email account and password correctly."
    How can I clear this up. Help, Adobe!

    Have you checked your Gmail in-box? See if this helps:
    https://forums.adobe.com/thread/1642613

  • Exporting server admin and service preferences for backup

    I have never used this feature and would like to know if there is any problem using these exported files to reinstall the server admin and service preferences?
    .............Thanks in advance for any thoughts....Ray

    AFAIK, yes.
    Best answer: try it yourself.
    Testing your own full recovery path is a Good Thing.
    I tend to use the export and import knobs when I'm going to go mess with stuff in a test configuration, and I want a path back and a way to restore the previous settings. (Though because the services can be reconfigured and modify files elsewhere on the disk and entirely dependent on what I'm testing in SA, this isn't necessarily a good global solution. Which gets back to recovery testing. And occasional full disk backups with Disk Utility or analogous.)

  • Connection between SDM client and server is broken

    Dear All,
    First of all this is what I have
    -NW04 SPS 17
    -NWDS Version: 7.0.09 Build id: 200608262203
    -using VPN connection
    -telnet on port 57018 is succesfull
    I can login to SDM server (from NWDS and from SDM GUI) I can see the state of SDM(green light), restart it, can navigate through tabs in GUI, but every time I am trying to deploy an ear i have this error:
    Deployment exception : Filetransfer failed: Error received from server: Connection between SDM client and server is broken
    Inner exception was :
    Filetransfer failed: Error received from server: Connection between SDM client and server is broken
    I have already read a lot of topics,blogs,notes but didn't find the solution.
    Can anybody help me?
    Best Regards

    Having same issue. Nothing helped so far... Using NWDS 7.0 SP18.
    I have turned SDM tracing on and this is what I see on client side after sending first data package:
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl: debug "20120224140253 0280/17 Client: finished sending string part"
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl: debug "20120224140253 0280/0 Client: receive String part from Server"
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl.receiveFromServer(NetComm ..): Entering method
    com.sap.bc.cts.tp.net.NetComm.receive(): Entering method
    com.sap.bc.cts.tp.net.NetComm: debug "Method "receive(char[])" could not read all requested bytes. There are still 12 bytes to read"
    com.sap.bc.cts.tp.net.NetComm: debug "Caught IOException during read of header bytes (-1,          43):Connection reset"
    com.sap.bc.cts.tp.net.NetComm: debug "  throwing IOException(net.id_000001)"
    com.sap.bc.cts.tp.net.NetComm.receive(): Exiting method
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl: Exiting method
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl: debug "20120224140253 0281/1 Client: connection was broken"
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl: Exiting method
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl: debug "20120224140253 0281/0 Client: finshed sendAndReceive"
    com.sap.sdm.is.cs.cmd.client.impl.CmdClientImpl: Exiting method
    My connection on server is still active so I have to restart SDM server to reset and try it again.
    Anyone have idea whats happening?
    Edited by: skyrma on Feb 24, 2012 2:46 PM
    Edited by: skyrma on Feb 24, 2012 2:47 PM
    Edited by: skyrma on Feb 24, 2012 2:47 PM

  • How to establish a trusted connection with JDBC for SQL SERVER 2000

    Hi!I am using jdk 1.4 and eclipse 3.3.
    I create a servlet in eclipse with in-build tomcat.
    When I run it ,it was working perfectlly has it was suppose to work.
    In this servlet I connect to a sql 2000 database using jdbc-odbc bridge driver.
    But when I tried to deploy the servlet on tomcat 5.5 manully on the same machine ,it gave me error saying
    [Microsoft][SQLServer JDBC Driver][SQLServer]Login failed
    for user 'sa'
    I searched around some post and found that ok ,I need trusted connection
    But I have 2 Questions
    1). Why was in eclipse I was able to connect to the SQL server and why not in the servlet which I deployed manully on tomcat.
    2). How do I create a trusted connection with JDBC for SQL server 2000
    Thnaks for your help in advance.

    Hi! duffymo ,QussayNajjar ,dvohra09 .
    Thank for help.
    The ideas are really great.
    I am trying generate reports for my company.
    When I used eclipse the code worked perfectly.
    below is code which I used
    out.println("Calling For Class Name<br>");
    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
    out.println("Calling For Class Name success Now calling database <br>");
    1). jdbcConnection = DriverManager.getConnection("jdbc:odbc:SQLJasper");
    2). jdbcConnection = DriverManager.getConnection("jdbc:odbc:Driver={SQL Server};Server=ServerName;Database=tempdb");
    3). jdbcConnection = DriverManager.getConnection("jdbc:odbc:Driver={SQL Server};Server=ServerName;Database=tempdb","UID=UserName","Password=Password");
    out.println("connecting to database success<br>");
    I had tried to connect the database using this three way.
    In 1st I tried using DSN name .
    Next 2 self explainer for expert like you.
    I used to 2nd variant to connect in eclipse and it worked fine.
    I not an expert in java ,I just doing some research on jasperReport.
    My best guest is that eclipse is using some library files of which I have no clue.
    Thank's for your help,I appretiate it.
    Once again thank a billion.
    Sorry for the messy righting.

  • VPN Issue:  Could not Negotiate a connection with the remote PPP server

    Hello Folks,
    I setup VPN on Windows Server 2003 Enterprise R2. I am successfully able to connect to VPN via laptop internally and externally. However, on my iPhone I am not able to connect and receiving the following error "Could not Negotiate a connection with the remote PPP server".
    There doesnt seem to be a lot of documentation regarding this on Apple and or throughout the web.
    Anyone resolve this issue?
    Peace
    Phil C.

    I am not entirely sure my full setup. I had a friend help me set it up. Now for some reason when on WIFI on my own network I am able to connect to VPN ( I wasnt able to before), but when I switch to edge there is still no response for the PPP server. I even messed around with the PPP options still no response. Unfortunately I am not extremely server literate so my troubleshooting is limited. However it is now working via my own WIFI and will try it on another WIFI network tomorrow. I am wondering though if it connecting had to do with any updates from microsoft. Since this is a newly installed server 2003 it has been running updates. Some food for thought.
    Peace
    Phil

  • HT2688 Working on a single computer with multiple users, I have set things up to allow each user to view and listen to the others' music libraries under the "Shared Library" function.  Can you then connect an iPod touch and copy music from a shared librar

    Working on a single computer with multiple users, I have set things up to allow each user to view and listen to the others' music libraries under the "Shared Library" function.  Can you then connect an iPod touch and copy music from a shared library?

    Was your wife logged into the libray at the time you tried to log in? I have had a similar problem and it was because another user was logged into the library when I attempted to. I got the permission denied banner.

  • I have an account for apple but this is not acceptable for i cloud. It say it is correct ID and password but this is not icloud account. So my phone can not connect with my computer and not synchronization too

    I have an account for apple but this is not acceptable for i cloud. It say it is correct ID and password but this is not icloud account. So my phone can not connect with my computer and not synchronization too. Last a few months i have not use this phone. Just i start to use again. So most probably i gave my old mail address as a ID or password. So how can i clearing this subject. regards

    ErolSinan wrote:
    ... there is no button for update between the About and Usage buttons in the General. ...
    Correct. That is only a feature of iOS 5 or later...
    ErolSinan wrote:
    ... yes my phone is 3G.
    then it can only go as far as iOS 4.2.1

  • Any suggestions on how to get wifi to work?  I have a multitech router and can connect with a computer wirelessly but not the ipad.

    Any suggestions on how to get wifi to work?  I have a multitech router and can connect with a computer wirelessly but not the ipad.

    iOS: Troubleshooting Wi-Fi networks and connections
    http://support.apple.com/kb/TS1398

Maybe you are looking for

  • I'm getting strange files on my desktop "0A75SC100" & "0CFSC100" when I use Firefox. Can't open or trash them..

    I'm getting strange files on my desktop when I use Firefox. They have no extensions, won't open, & can't be trashed. File names such as 0A75SC100 & 0CFSC100. When I restart my computer they disappear. There does not seem to be a correlation between a

  • ALV layout in selection criteria

    Dear Friends, I have created a webdynpro report with 2 views. 1st view contains all selction criteria and 2nd view contains ALV. I have created couple of layouts for ALV using settings option. By default we will have [Standard View]. Every thing work

  • My JVC HDD camcorder works with iDVD and iMovie

    HOOOORAAAYYY, With the help of people on this discussion list, I have able to convert my movies from MPG2, which is the format of my JVR HDD camcorder to DV which is used by iMovie and iDVD. It was pretty easy, basically one needs to get Quicktime MP

  • Invalid account assignment category for Service order

    Hi Experts, We upgrade in ECC. I suppose this topic is linked to this one. See more detail below. On a repairing flow, central alerts by a complaint from customer. Operator creates a Repair request, next receive the broken machine (VRRE + VL02N). A i

  • How to revert to a previous version of premiere pro cc

      I udpadeted my premiere pro cc to the 7.2.1 version and premiere is not working for me at all. I was wondering if there is a way to revert back to a previous version I really need to finish a project for a client andI am not able to do that right n