Can't login to ML server network user from a client

Hi,
The computer name on my customer's ML server was changed post OD installation. Now I can't login with network user credentials from a MacBook.
I also see the old server/hostname displayed in workgroup manager under "location" (see attached).
I've tried destroying OD by deleting it in Server app then re-adding it again but it still shows the old name in WGM as shown in the screenshot above.
I suspect this is related to authentication problems. Should I be running a utility like changeDirData.pl to update the old values? If so, what is the syntaxt?
Old name was: server1.stmarys.lan
New name is: server1.local
I ran the following: sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/changeDirData.pl -i -s 192.168.2.2 -u diradmin -o server1.stmarys.lan -n server1.local
But got an error: cant contact ldap server to get config info

After contacting Apple server support, I was told there were two issues:
1- ".local" cannot be used in a hostname due to conflict with Bonjour
2- Hostnames must have three parts like "server.company.lan" & "server.lan" cannot be used
I wish Apple would inform users with a pop-up about these rules before they waste a lot of time having to re-do everything from scrath. I was lucky enough to have an export of all users.
If these rules are followed from the begining, DNS would auto-configure itself with the appropriate forward & reverse records.

Similar Messages

Unable to login network user from login windom. SSH login ok.

I have a MacOS 10.6 client and ldap network users server by MacOS 10.4 Server. Trying to login via the login window I get "Logging in..." which tries forever (or until I reboot).
* SSH login works fine with network users.
* Local users can login.
* Network access is allowed by all users (Preferences->Login)
* Removing ~/Library/ from the network user doesn't work.
Logging in via SSH while the login screen is hanging I get:
[mikael@melba ~]$ ps -Umikael
PID TTY TIME CMD
330 ?? 0:00.03 /sbin/launchd
480 ?? 0:00.02 /System/Library/CoreServices/CCacheServer.app/Contents
693 ?? 0:00.00 /usr/sbin/sshd -i
694 ttys000 0:00.12 -bash
730 ttys000 0:00.00 ps -Umikael
Any ideas?

I cannot create the mobile account (real username replaced here with '<username>'). This is true whether I run the command as root or as the user in question (via ssh):
root# /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobilea ccount -n <username>
createmobileaccount built Jul 23 2009 22:14:42
2009-10-05 15:54:41.906 createmobileaccount[41973:903] MCXCCacheMCXRecordAndGraph(): [localNode createRecordWithRecordType:(null) name:"<username>"] == 4100 (Unable to create record <username> in /Local/Default.)
2009-10-05 15:54:41.908 createmobileaccount[41973:903] MCXCCreateMobileAccount(): Failed to create account. Error = 4100 (MCXCCacheMCXRecordAndGraph failed). Cleaning up mobile account record.
2009-10-05 15:54:41.909 createmobileaccount[41973:903] MCXCDeleteAccount(): Trying to delete user id = 0
* mobile account could not be created: 4100 (Unable to create record <username> in /Local/Default.)
Directory services and DNS are set manually.
Message was edited by: BerkeleyAstroBill

How can I share a Tiger server's User database to a Panther server?

I need some help to set this up. Keep in mind I do not have a DNS server.
I have a Tiger server with Xserve and an older Panther server, both on the same local network. I have a whole bunch of users setup on the Tiger server. The Panther server does not have any users setup on it. I do not want to have to type in all the users all over again in the Panther server. What I'd like to be able to do is somehow share and syncronize the user database on the Tiger server with the Panther server.
I looked into the Open Directory settings but I do not understand what to do. How do I configure the Tiger and Panther servers respectively so the Panther server can sync with the Tiger server's users database. Is this possible? It seems like it with Open Directory, one being the Open Directory Master and the other being the Open Directory Replica? But I just don't understand how to set this up. Also the Panther OD settings seem quite different than Tiger's in Open Directory.
Any help would be appreciated.
Message was edited by: robocub1

Hi
It may be best to set up your 10.4 Server as an Open Directory Master first and then use Directory Access on your 10.3 Server to connect to the Tiger Server so as it can use the same User Database. This should be possible. OD Master/Replica relationships are not possible if the OS versions are different, even if the Master was 10.4.11 and the Replica was 10.4.10. You have no chance when its 10.4 and 10.3.
http://images.apple.com/server/macosx/docs/OpenDirectory_Adminv10.5.pdf
The link is for 10.5 but the basics are the same. This is a recent post that describes how to set up an OD Master:
http://discussions.apple.com/thread.jspa?threadID=1377046&tstart=0
I'm guessing that your 10.4 Server is Standalone and is serving simple file services only (AFP and possibly SMB/Windows). If this is the case (and I can't see how it can't be) then your users will be in the local NetInfo node. This will be the default node that is presented to you in WorkGroup Manager. You always get a warning that your are working in an invisible node (if you have not disabled this) when working in the Server's local node. Don't worry there is nothing wrong with the warning. WorkGroup Manager on Panther (10.3) Server works the same way.
You could if you wanted to simply export the Users and Groups from WGM in 10.4 and import them into WGM on 10.3. This should save you having to key them all in again. If the prospect of configuring internal DNS Services and all that goes with it seems to much for you then this is probably the simplest option. How do you do this? Launch WGM (its the same for both versions), select the Server Menu and select Export after first selecting desired users. Do the same for Groups. Use the same procedure in reverse. The Users and Groups files are not very big and can easily be transferred using a memory stick etc.
There are differences between the two versions which are mostly to do with Server Admin. In 10.4 Server there are more services. One of the Services will be Open Directory. In 10.4 Open Directory will only show a green light by the side of the service if it is in any role other than Standalone. Server Admin on 10.3 Server will always show the green light by the side of the Open Directory Service. This does not mean that it is an OD Master, you have to click on Settings and inspect the Role to see what it actually is.
You should be able to connect to a 10.3 Server with 10.4's Admin tools but don't be tempted to use Server Admin to configure/change anything on the 10.3 Server. You should not be able to go the other way 10.3 > 10.4 using the same tools.
Internal DNS Services are a requirement for LDAP Services (and pretty much everything else) on Servers generally, although for simple file services not absolutely necessary. Internal DNS Services do not have to be configured on the Server itself just as long as they are configured on another server, for example, on the same network. If these are the only two servers on the network then you will have to configure DNS Services on either one or both of them depending on what you want.
Not available on your 10.3 Server but is on your 10.4 Server are Access Control Lists (ACLs). This is a permissions model that is in addition to the standard POSIX permissions. Think carefully about how you provide permissions to your network clients if there is a mix of client OS, 10.3, 10.4 etc.
Hope this helps, Tony

I can't login to solaris server using ssh(putty).

Hi,
I can't login to solaris server using ssh(putty).
However I am able to login to that server using telnet.
# pkginfo | grep -i ssh
system SUNWsshcu SSH Common, (Usr)
system SUNWsshdr SSH Server, (Root)
system SUNWsshdu SSH Server, (Usr)
system SUNWsshr SSH Client and utilities, (Root)
system SUNWsshu SSH Client and utilities, (Usr)
I see that ssh is running. Please suggest.
# ps -ef | grep ssh
root 392 1 0 Feb 27 ? 0:00 /usr/lib/ssh/sshd
root 12523 392 0 Mar 03 ? 0:00 /usr/lib/ssh/sshd
sbasha 12526 12523 0 Mar 03 ? 0:07 /usr/lib/ssh/sshd
sbasha 10957 10954 0 Mar 03 ? 0:05 /usr/lib/ssh/sshd
root 16495 16491 0 10:46:54 pts/2 0:00 grep ssh
root 10954 392 0 Mar 03 ? 0:00 /usr/lib/ssh/sshd
Thanks & Regards,
-Gnanashekar-

Hi,
I found solution to the problem. By default sshd in solars 10 does not permit root logins.
We need to edit /etc/ssh/sshd_config file as follows:
PermitRootLogin yes
and restart the sshd.
#svcadm restart ssh
Thanks & Regards,
-GnanaShekar-

How to know login history/events of Sap user from server

how to know login history/events of Sap user from server without operating users computer.
Am using B1 2007A PL47 Forthshift(FSE version 8.5 SP03PL05)

Hi,
Check the thread
Re: User login history SAP Business One
*Close the thread if issue solved.
Regards
Jambulingam.P

How can I move particular users from one client to another client

Hi, I am trying to find a way to move few or many user from one client to another. Is there a transaction available or program to move them. e.g. there is a SCC1 available to move transport only from one client to another without going through TMS.
Is there any trick available ?
thnx in advance

closing this one. thnx

Run a report in reports server calling it from a client/server form

How can I run a report in reports server calling it from a client/server form ?
Thanks

In client server mode you can use RUN_PRODUCT built-in. Lookup help for this built-in for more details.
Best of luck!

Mac OSX Lion Server Network User Login Issue

We have in the office a server running Mac OSX Lion, and several network users who've all been running happily for quite a will.
About a month ago I was added to the system, and initially we had a few issues relating to the home directory, but we changed 'something' and it all worked.
Fast forward to now, and we've added a new user - Hannah - to our system.
I've added her in the Workgroup Manager, and set her up everywhere I can find on the server. Her home directory creates on the server fine.
She appears in the Logon list on the client machines, and here's where the trouble starts...
Every time she tries to log on, it fails. The logon box just bounces or wobbles as though the password is incorrect. We've tried changing the password, to no avail. We've tried adding new test users - same problem.
We've tried sudo kinet on the Terminal as a local user, with variable results.
I'm at my wits end, and really hoping someone here can help offer some suggestions or advice we can work through to get to the bottom of this.
Thanks in advance!

Your problems are likely occurring because you added her to the directory with Workgroup Manager.
You should really start avoiding WGM when at all possible as Apple is clearly moving away from it. Because of this, things don't always work as expected when using 'legacy' tools like WGM.
My guess as to what your problem is: When you create a new user in Server.app, two things happen for you automatically that WILL NOT HAPPEN if done from WGM.
First the user is added to the default "Workgroup" group.
More importantly (and the source of much confusion), the user is automatically added to SACLs.
Check the SACL for the user in Server.app, I bet you'll notice that they aren't a member of the File Sharing group like they should be. To solve this problem, you can either delete the user and recreate them in Server.app, or manually add them to the appropriate SACL.
I would opt for recreating them in Server.app if I were you, as I don't trust user accounts that originate in WGM on Lion Server.

Can't login to new open directory users

I have a Mac Mini Server running 10.8.2 Server. I have existing users, most with no home directory and a couple with network home directories.
However, any NEW users I add (in LDAPv3), they aren't able to login. When I create the user, the "access account" option is checked and stays checked after the user is configured & saved, and stays that way when I relauch Workgroup Manager.
However, when I attempt to login to this user from a network comptuer, the "access account" checkbox gets unchecked. I can check it again and save the account, but when I reopen Workgroup Manager, it's unchecked.
Help???

Good tip from Francis.
Last night I finaly was able to get things back to semi normal to summarise here are some tips that worked for me.
Things first went wrong when I tried to add a new user in work group manager. After doing this I got some quite strange behaviour.
The server appeared to hang when loggin on with the new user. but ssh to the server was working. Finally after about 10 minutes I hit the reset button on the server it appeared to go into sleep mode then automagically it logged in the user. Wow did it work .... no, Bad news other users could no longer ssh to the server... Arrrr. Cause tracked down to Kerberous reported as no longer running... Clients (my family ) startign to report cant access services like email ... help...
Rather than all the pain of tryig to fix that this is what I did.
1) Back up OD in Server Admin ( not Server.app) OD dosent show up there dont know why ??
2) Make sure the DNS is working
nslookup, dig, hostname commands ... all reported correctly forward and reverse MYSERVER.MYDOMAIN.COM. domain and IP address. I even re-ordered the DNS name so that the local address 192.168.10.X was reported first on my local netwrok before the external ip of the server.
3) Create a completly new OD by deleatign the old one by setting is as a stand alone then re-creating is as a new master ( use Server Admin tool )
Finally Kerbrous all reported as runnig ... Try again to add a user...
4) Add new user in Workgroup manager open on server not remotly this didnt work.
5) set home account with apf://fqd.name/Users/
6) make sure home account is accessable on network.
6) set shell
7) in Server Admin give all permissions to services new user will need. such as ssh login as required.
8) in Server.app ( not Server Admin or workgroup manager )
check that new user appears. The local OD must be in the Directory Exployer search path for this to happen
and the server must be binded to this path.
I added both /Ldap3/127.0.0.1 but also importantly /ldap3/MYSERVER.MYDOMAIN.COM
9) in Server app click on the user then select the Advanced settings. Make sure user has home dir selectd as the correct /Users folder on the server
( this was not set at first and had the value of 99 no idea why ) there are also other important settings here.
10) Finally restore OD with perevious backup to add back the rest of the users.
Apparantly this actually does a merge not a overwrite.
End state every thign finaly working .....
except the iChat/jabber server for some reasion wont accept authanicate users.... rrrr.
Bonjour works on the local network but well the point of havign a jabber server was for family in countary A to talk to grandparents and have private secure video phone with country B so would have been nice if that worked
Good luck
Hope that helps

Mountain Lion Server: Network users Home directory mount problems

I am having several problems with my server after a latest name change of the server via Server.app. (A first name change made problems, after that I have been trying to repair, changing the name a few times more. With latest name change, I also changed the server name itself from Foo to Bar while changing domain name from domain.com to bar.domain.com after which I repaired DNS so it covers the whole domain.com domain).
The users in the Network directory think their home directory is on afp://domain.com/Users, but the server is now called bar.domain.com. /Network/Servers/bar.domain.com does not exist on the server. Client machines (with mobile home directories) are now able to sync, because I added an A record for domain.com to DNS (not nice, but does the job, or more specifically that job). Also on the clients, I can go to a SHARED folder in Finder with the name Bar and go to Users and see al the home directories there. But:
bash-3.2# ls -l /Network/Servers/
total 4
dr-xr-xr-x 2 root wheel 1 Apr 14 11:14 domain.com
dr-xr-xr-x 2 root wheel 1 Apr 14 11:14 foo.domain.com
bash-3.2# ls -l /Network/Servers/*
/Network/Servers/domain.com:
total 2
dr-xr-xr-x 2 root wheel 1 Apr 14 11:14 Users
/Network/Servers/foo.domain.com:
total 2
dr-xr-xr-x 2 root wheel 1 Apr 14 11:14 Users
bash-3.2# ls -l /Network/Servers/*/Users
/Network/Servers/domain.com/Users:
ls: Users: Input/output error
/Network/Servers/foo.domain.com/Users:
ls: Users: Input/output error
So, on the server looking for folder ~user does not work. It wants to go to afp://domain.com/Users/user but that is unreachable.
Any tips on what I can do except do a clean rebuild of the server (again)?
(One of the obvious problems is that the Realm of OD is still called foo.domain.com, the origin of my problems has been that the first name change from foo.domain.com to domain.com (ill-advised, I know) failed — partly).
What I'd like to know is:
- where is it determined which servers end up in /Network/Servers?

Som additional info:
Other machines can mount afp://foo.domain.com/, afp://domain.com/ and afp://bar.domain.com/, but the server itself cannot mount them via Finder.

How can i change a password for network users?

Good day. I have a problem with changing passwords on server Yosemite. As i understand there is no way to change password for the network users remotely. I mean, when for example someone will change his password and then will forgot it how can i change it? When i open a server manage program and go to the "Users" and than open a setting for the user - "Change Password..." is not clickable.

Hi Dcp24,
If you are having issues resetting a user's account password on your server, you may find the information in the following article helpful (article is aimed at Mavericks, but the steps should be similar in Yosemite):
Mavericks Server Admin: Reset a user’s password
Regards,
- Brenden

Can't login to admin server

Hello, I have a problem which is driving me crazy.
I simply can not login to the admin server.
I'm connecting to the flash admin-frontend which is hosted on the same server which the FMS is running on. The FMS version is 3.0.1 and it's running on RHEL5.
I've set the user and password in conf/fms.ini. I have checked that I have permission to connect in conf/Users.xml. Everything seems like it should work, but it just won't let me in and when looking in the logs (logs/admin.00.log) I just get a lot of lines saying "Failed login attempt from..."
Apart from this the server works. We are still using it for streaming and we have been able to login to the admin interface before, but it was a long time ago and now it just won't work anymore.
Any ideas?

Thanks for the reply.
The admin log just contains a lot lines like these:
2011-04-01 14:57:31 22552 (w)2671165 Failed login attempt from 130.239.57.123 at Fri 01 Apr 2011 02:57:31 PM CEST. -
2011-04-01 14:57:32 22552 (w)2671165 Failed login attempt from 130.239.57.123 at Fri 01 Apr 2011 02:57:32 PM CEST. -
And here's the Users.xml, I'm actually not sure why there's a password in here as well, or how it is updated (since it's encrypted).
<Root>
    <UserList>
        
        <User name="${SERVER.ADMIN_USERNAME}">
            
            <Password encrypt="true">dTh0eXJlcw=</Password>
            
            
            
            
            
            <Allow>all</Allow>
            
            
            
            
            
            <Deny></Deny>
            
            
            
            
            <Order>Allow,Deny</Order>
        </User>
    </UserList>
    <AdminServer>
        <HTTPCommands>
            
            
            
            
            <Enable>${USERS.HTTPCOMMAND_ALLOW}</Enable>
            
            
            
            
            <Allow>ping</Allow>
            
            
            
            <Deny></Deny>
            
            
            
            
            
            <Order>Deny,Allow</Order>
        </HTTPCommands>
    </AdminServer>
</Root>

Can't login to mail server

Hello everyone,
I'm trying to access the mail server through squirrelmail and through the Mail application. I turned on IMAP and POP access, set up squirrelmail according to the instructions, and set up an account with mail services enabled. However, when I go to the squirrelmail login page and try to login, it gives me "Unknown user or password incorrect." When I look at the mail logs on the server, it says something like "User postmaster attempted to login but failed. User has account on server". I made sure the password was right and I used the full name and the shortname but no luck. Same thing when using a client, it says the name/password is incorrect. Did I configure something incorrectly? Any help appreciated!
Thanks!

IMAP and POP are protocols. Authentication methods are plain, login, cram-md5, kerberos, etc.
You must make sure your client is set to use an authentication method supported by your server.
If you are unsure about what you have enabled, post the unmodified output of postconf -n
Also check /var/log/mailaccess.log for information on why your client gets rejected.

Can not login to BOE Server (Business Object 4.0) by WebIntelligence

I have ready a BOE Server (Business Object 4.0) , now I want to login BOE Server by BOE Client Tool - WebIntelligence, but I can not login,
The error display : Logon failure due to an internal error
Please help and share information to me
Thanks

Please provide more details on the exact workflow and the exact architecture of your deployment.

Mac OS X Server Network users and Microsoft Office Documents

Hello. I have a lab with 10.8 clients and 10.7 server. I have problems copying documents to network users' desktops. Here's the scoop:
I'm on my teacher machine. I want to copy word docs (.docx) to the student desktops while they are logged in with ARD. The copy works fine, but when they try to open the documents it is always Read Only. They have to resave the documents as something else in order to use them. Permissions on the documents are read/write for me/staff/everyone on my machine (also a network user account) before I copy them through ARD.
Am I missing something? This issue was around last year when the clients were 10.6 as well.
Thanks for any help.

Hi,
I am trying to do the same exact thing and find that it is best to do this locally (for now). Not only is the network way slower, but it seems to make things worse. For example, things backed up via the client machine are routed from the FTP server/volume mount and different permission wise. When you try to restore them locally, it should work, but the folder had different permissions because they were initially created in root (for me). So, I hope they would come out with something better than what is available now. Thanks!

Can't login to ML server network user from a client

Similar Messages

Maybe you are looking for