Customized User Profiles not loading for Network Users
I manage Macs in public computer labs and classrooms at a university. My general set up is as follows:
Clients are running 10.8.5, OD Masters are running 10.7.5. Open Directory Master to manage client preferences for Login window and screen saver. Clients bind to Active Directory for authentication purposes only. Networked users home directories are stored locally then deleted at log out. Using Deploy Studio to image and restore clients.
My customized user profiles are stored in /User Templates/Non_Localized.lproj.(I also update English.lproj for any local users that may need to be created for various reasons).
Recently I have come across a situation where, randomly, my customized user profile does not load at Login, and I am given the out-of-the-box default Apple profile. This is happening in 11 of my 14 labs. I have three labs that seem to not be affected by this.
On some labs I manage the DHCP, some labs I do not, and rely on our Networking group to supply DHCP and DNS. Because of this setup I have six different DNS server that may be in the mix. Two are Unix boxes, the other four are the Active Directory Domain Control servers. I did create a spreadsheet of all the AD/OD settings for each lab to see if I could find some kind of pattern, but don't see a way to upload it.
The one thing I do notice is that when I do a mass login using a shell script via Apple Remote Desktop, when the profile fails to build correctly, the user login is quick, much quicker than when the correct profile loads. Almost as if a packet is sent the the OD server, it's rejected, and bam, Apple's default profile loads.
I have flushed the DNS cache of the local clients using killall --HUP mDNSResponder
I've got one week to figure this out before classes start, so if you have a clue as to what's going on, I sure would be grateful.
Here are logs from both the admin's account and the user's account when the default profile fails to build:
ADMIN log:
8/20/14 1:31:03.366 PM CVMServer[109] Check-in to the service com.apple.cvmsCompAgent_x86_64 failed. This is likely because you have either unloaded the job or the MachService has the ResetAtClose attribute specified in the launchd.plist. If present, this attribute should be removed.
8/20/14 1:31:03.389 PM loginwindow[44] Login Window - Returned from Security Agent
8/20/14 1:31:03.491 PM loginwindow[44] USER_PROCESS: 44 console
8/20/14 1:31:04.084 PM WindowServer[75] **DMPROXY** (2) Found `/System/Library/CoreServices/DMProxy'.
8/20/14 1:31:06.307 PM locationd[563] NOTICE,Location icon should now be in state 0
8/20/14 1:31:06.478 PM coreaudiod[560] Enabled automatic stack shots because audio IO is inactive
8/20/14 1:31:06.621 PM UserEventAgent[548] cannot find fw daemon port 1102
8/20/14 1:31:08.530 PM WindowServer[75] Display 0x04280480: MappedDisplay Unit 0; ColorProfile { 2, "iMac"}; TransferFormula (1.000000, 1.000000, 1.000000)
8/20/14 1:31:09.707 PM NetworkBrowserAgent[591] Starting NetworkBrowserAgent
8/20/14 1:31:10.393 PM apsd[593] Certificate doesn't match host
8/20/14 1:31:11.499 PM com.apple.SecurityServer[15] Session 100010 created
8/20/14 1:31:13.561 PM genatsdb[608] ########## genatsdb Sandboxed. ##########
8/20/14 1:31:13.562 PM apsd[593] Certificate doesn't match host
8/20/14 1:31:13.740 PM com.apple.time[548] Interval maximum value is 946100000 seconds (specified value: 9223372036854775807).
8/20/14 1:31:14.555 PM apsd[593] Certificate doesn't match host
8/20/14 1:31:45.040 PM genatsdb[608] *GENATSDB* FontObjects generated = 1113
8/20/14 1:31:55.663 PM com.apple.time[548] Interval maximum value is 946100000 seconds (specified value: 9223372036854775807).
8/20/14 1:32:20.627 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.627 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.627 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.627 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.628 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.628 PM WindowServer[75] dict count after removing entry for window 0x2a is 0
8/20/14 1:32:20.641 PM com.apple.launchd[1] (com.apple.quicklook.satellite.4D0B4319-944D-49A6-A515-02F31AE3C235[628]) Could not terminate job: 3: No such process
8/20/14 1:32:20.641 PM com.apple.launchd[1] (com.apple.quicklook.satellite.4D0B4319-944D-49A6-A515-02F31AE3C235[628]) Using fallback option to terminate job...
8/20/14 1:32:20.645 PM coreservicesd[65] SendFlattenedData, got error #268435459 (ipc/send) invalid destination port from ::mach_msg(), sending notification kLSNotifyApplicationDeath to notificationID=188
8/20/14 1:32:20.647 PM coreservicesd[65] SendFlattenedData, got error #268435460 (ipc/send) timed out from ::mach_msg(), sending notification kLSNotifyApplicationDeath to notificationID=147
8/20/14 1:32:20.647 PM coreservicesd[65] SendFlattenedData, got error #268435460 (ipc/send) timed out from ::mach_msg(), sending notification kLSNotifyApplicationDeath to notificationID=194
8/20/14 1:32:20.648 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.648 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.648 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.648 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.648 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.716 PM loginwindow[44] DEAD_PROCESS: 44 console
8/20/14 1:32:20.891 PM com.apple.time[548] Interval maximum value is 946100000 seconds (specified value: 9223372036854775807).
8/20/14 1:32:20.929 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.929 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.929 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.929 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.929 PM WindowServer[75] CGXGetConnectionProperty: Invalid connection 32023
8/20/14 1:32:20.930 PM coreservicesd[65] SendFlattenedData, got error #268435459 (ipc/send) invalid destination port from ::mach_msg(), sending notification kLSNotifyApplicationDeath to notificationID=158
8/20/14 1:32:22.259 PM WindowServer[75] CGXRestartSessionWorkspace: session workspace exited for session 256 (on console)
8/20/14 1:32:22.259 PM WindowServer[75] Session 256 released (1 references)
8/20/14 1:32:22.259 PM WindowServer[75] Session 256 released (0 references)
8/20/14 1:32:22.259 PM WindowServer[75] loginwindow connection closed; closing server.
8/20/14 1:32:22.268 PM apsd[593] CGSLookupServerRootPort: Failed to look up the port for "com.apple.windowserver.active" (1102)
8/20/14 1:32:22.285 PM loginwindow[653] Login Window Application Started
8/20/14 1:32:22.299 PM UserEventAgent[11] Captive: [UserAgentDied:139] User Agent @port=45319 Died
8/20/14 1:32:22.310 PM ARDAgent[574] CGSGetNextEventRecord (Inline) connection 0xb903, 16384 bytes
8/20/14 1:32:22.310 PM ARDAgent[574] CGSShutdownServerConnections: Detaching application from window server
8/20/14 1:32:22.310 PM ARDAgent[574] CGSDisplayServerShutdown: Detaching display subsystem from window server
8/20/14 1:32:22.311 PM blued[58] -[CBManager init] init returning self:0x7ff6a3b04990
8/20/14 1:32:22.329 PM WindowServer[654] Server is starting up
8/20/14 1:32:22.330 PM WindowServer[654] Session 256 retained (2 references)
8/20/14 1:32:22.330 PM WindowServer[654] Session 256 released (1 references)
8/20/14 1:32:22.333 PM WindowServer[654] Session 256 retained (2 references)
8/20/14 1:32:22.333 PM WindowServer[654] init_page_flip: page flip mode is on
8/20/14 1:32:22.357 PM WindowServer[654] mux_initialize: Couldn't find any matches
8/20/14 1:32:22.367 PM WindowServer[654] GLCompositor enabled for tile size [256 x 256]
8/20/14 1:32:22.367 PM WindowServer[654] CGXGLInitMipMap: mip map mode is on
8/20/14 1:32:22.424 PM WindowServer[654] WSMachineUsesNewStyleMirroring: true
8/20/14 1:32:22.425 PM WindowServer[654] Display 0x04280480: GL mask 0x1; bounds (0, 0)[1920 x 1080], 30 modes available
Main, Active, on-line, enabled, built-in, boot, Vendor 610, Model a012, S/N 0, Unit 0, Rotation 0
UUID 0x000006100000a0120000000004280480
8/20/14 1:32:22.425 PM WindowServer[654] Display 0x003f003e: GL mask 0x4; bounds (0, 0)[0 x 0], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 2, Rotation 0
UUID 0xffffffffffffffffffffffff003f003e
8/20/14 1:32:22.425 PM WindowServer[654] Display 0x003f003d: GL mask 0x2; bounds (0, 0)[0 x 0], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 1, Rotation 0
UUID 0xffffffffffffffffffffffff003f003d
8/20/14 1:32:22.429 PM WindowServer[654] Created shield window 0x4 for display 0x04280480
8/20/14 1:32:22.429 PM WindowServer[654] Created shield window 0x5 for display 0x003f003e
8/20/14 1:32:22.429 PM WindowServer[654] Created shield window 0x6 for display 0x003f003d
8/20/14 1:32:22.431 PM WindowServer[654] Display 0x04280480: GL mask 0x1; bounds (0, 0)[1920 x 1080], 30 modes available
Main, Active, on-line, enabled, built-in, boot, Vendor 610, Model a012, S/N 0, Unit 0, Rotation 0
UUID 0x000006100000a0120000000004280480
8/20/14 1:32:22.431 PM WindowServer[654] Display 0x003f003e: GL mask 0x4; bounds (2944, 0)[1 x 1], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 2, Rotation 0
UUID 0xffffffffffffffffffffffff003f003e
8/20/14 1:32:22.431 PM WindowServer[654] Display 0x003f003d: GL mask 0x2; bounds (2945, 0)[1 x 1], 1 modes available
off-line, enabled, Vendor ffffffff, Model ffffffff, S/N ffffffff, Unit 1, Rotation 0
UUID 0xffffffffffffffffffffffff003f003d
8/20/14 1:32:22.431 PM WindowServer[654] CGXPerformInitialDisplayConfiguration
8/20/14 1:32:22.431 PM WindowServer[654] Display 0x04280480: MappedDisplay Unit 0; Vendor 0x610 Model 0xa012 S/N 0 Dimensions 18.70 x 10.51; online enabled built-in, Bounds (0,0)[1920 x 1080], Rotation 0, Resolution 1
8/20/14 1:32:22.431 PM WindowServer[654] Display 0x003f003e: MappedDisplay Unit 2; Vendor 0xffffffff Model 0xffffffff S/N -1 Dimensions 0.00 x 0.00; offline enabled, Bounds (2944,0)[1 x 1], Rotation 0, Resolution 1
8/20/14 1:32:22.431 PM WindowServer[654] Display 0x003f003d: MappedDisplay Unit 1; Vendor 0xffffffff Model 0xffffffff S/N -1 Dimensions 0.00 x 0.00; offline enabled, Bounds (2945,0)[1 x 1], Rotation 0, Resolution 1
8/20/14 1:32:22.522 PM WindowServer[654] GLCompositor: GL renderer id 0x01022647, GL mask 0x00000007, accelerator 0x00003fab, unit 0, caps QEX|QGL|MIPMAP, vram 512 MB
8/20/14 1:32:22.527 PM WindowServer[654] GLCompositor: GL renderer id 0x01022647, GL mask 0x00000007, texture units 8, texture max 16384, viewport max {16384, 16384}, extensions FPRG|NPOT|GLSL|FLOAT
8/20/14 1:32:22.530 PM loginwindow[653] **DMPROXY** Found `/System/Library/CoreServices/DMProxy'.
8/20/14 1:32:22.557 PM WindowServer[654] Created shield window 0x7 for display 0x04280480
8/20/14 1:32:22.557 PM WindowServer[654] Display 0x04280480: MappedDisplay Unit 0; ColorProfile { 2, "iMac"}; TransferFormula (1.000000, 1.000000, 1.000000)
8/20/14 1:32:22.609 PM launchctl[657] com.apple.findmymacmessenger: Already loaded
8/20/14 1:32:22.613 PM hidd[49] CGSShutdownServerConnections: Detaching application from window server
8/20/14 1:32:22.613 PM hidd[49] CGSDisplayServerShutdown: Detaching display subsystem from window server
8/20/14 1:32:22.621 PM com.apple.SecurityServer[15] Session 100012 created
8/20/14 1:32:22.622 PM loginwindow[653] Login Window Started Security Agent
8/20/14 1:32:22.666 PM com.apple.dock.extra[644] Our bootstrap port disappeared out from under us: 0x1507 { urefs = 32774, rights = 0x1507: dead name }
8/20/14 1:32:22.667 PM com.apple.dock.extra[644] Bug: 12F45: libxpc.dylib + 36100 [70BC645B-6952-3264-930C-C835010CCEF9]: 0x10000003
8/20/14 1:32:22.681 PM UserEventAgent[659] cannot find useragent 1102
8/20/14 1:32:22.686 PM com.apple.dock.extra[644] Check-in to the service com.apple.imagent.desktop.auth failed. This is likely because you have either unloaded the job or the MachService has the ResetAtClose attribute specified in the launchd.plist. If present, this attribute should be removed.
8/20/14 1:32:22.693 PM SecurityAgent[665] MacBuddy was run = 0
8/20/14 1:32:22.695 PM com.apple.dock.extra[644] CGSGetNextEventRecord (Inline) connection 0xc917, 16384 bytes
8/20/14 1:32:22.695 PM com.apple.dock.extra[644] CGSShutdownServerConnections: Detaching application from window server
8/20/14 1:32:22.695 PM com.apple.dock.extra[644] CGSReleaseShmem : Cannot release shared memory
8/20/14 1:32:22.695 PM com.apple.dock.extra[644] CGSDisplayServerShutdown: Detaching display subsystem from window server
8/20/14 1:32:22.696 PM com.apple.dock.extra[644] Our bootstrap port disappeared out from under us: 0x1507 { urefs = 32774, rights = 0x1507: dead name }
8/20/14 1:32:22.696 PM com.apple.dock.extra[644] Bug: 12F45: libxpc.dylib + 36100 [70BC645B-6952-3264-930C-C835010CCEF9]: 0x10000003
8/20/14 1:32:22.696 PM com.apple.dock.extra[644] [Warning] Bad response from daemon for setup info
8/20/14 1:32:22.704 PM WindowServer[654] MPAccessSurfaceForDisplayDevice: Set up page flip mode on display 0x04280480 device: 0x106d8d110 isBackBuffered: 1 numComp: 3 numDisp: 3
8/20/14 1:32:24.429 PM WindowServer[654] **DMPROXY** (2) Found /System/Library/CoreServices/DMProxy'.
8/20/14 1:32:24.459 PM WindowServer[654] Display 0x04280480: MappedDisplay Unit 0; ColorProfile { 2, "iMac"}; TransferFormula (1.000000, 1.000000, 1.000000)
8/20/14 1:32:24.500 PM WindowServer[654] Display 0x04280480: MappedDisplay Unit 0; ColorProfile { 2, "iMac"}; TransferFormula (1.000000, 1.000000, 1.000000)
8/20/14 1:32:24.695 PM com.apple.dock.extra[644] Our bootstrap port disappeared out from under us: 0x1507 { urefs = 32774, rights = 0x1507: dead name }
8/20/14 1:32:24.696 PM com.apple.dock.extra[644] Bug: 12F45: libxpc.dylib + 36100 [70BC645B-6952-3264-930C-C835010CCEF9]: 0x10000003
8/20/14 1:32:24.696 PM com.apple.dock.extra[644] [Warning] Bad response from daemon for setup info
8/20/14 1:32:40.928 PM com.apple.launchd[1] (com.apple.dock.extra[644]) Exit timeout elapsed (20 seconds). Killing
8/20/14 1:32:40.928 PM coreservicesd[65] SendFlattenedData, got error #268435459 (ipc/send) invalid destination port from ::mach_msg(), sending notification kLSNotifyApplicationDeath to notificationID=202
8/20/14 1:33:35.215 PM SecurityAgent[665] User info context values set for jsuny
8/20/14 1:33:35.297 PM SecurityAgent[665] Login Window login proceeding
8/20/14 1:33:36.387 PM loginwindow[653] Login Window - Returned from Security Agent
8/20/14 1:33:36.000 PM kernel[0] Sandbox: kcm(695) deny mach-lookup com.apple.networkd
8/20/14 1:33:36.453 PM loginwindow[653] USER_PROCESS: 653 console
8/20/14 1:33:37.052 PM locationd[708] NOTICE,Location icon should now be in state 0
8/20/14 1:33:37.107 PM UserEventAgent[700] cannot find fw daemon port 1102
8/20/14 1:33:37.683 PM xpcd[611] MiniLauncher[711]: registration request failed: (0x12, 0xd) process failed sandbox check
8/20/14 1:33:37.907 PM WindowServer[654] **DMPROXY** (2) Found `/System/Library/CoreServices/DMProxy'.
8/20/14 1:33:38.011 PM coreservicesd[65] SendFlattenedData, got error #268435460 (ipc/send) timed out from ::mach_msg(), sending notification kLSNotifyApplicationReady to notificationID=237
8/20/14 1:33:38.114 PM WindowServer[654] Display 0x04280480: MappedDisplay Unit 0; ColorProfile { 2, "iMac"}; TransferFormula (1.000000, 1.000000, 1.000000)
8/20/14 1:33:38.395 PM imagent[737] [Warning] Setting up a new messages database.
8/20/14 1:33:38.428 PM NetworkBrowserAgent[747] Starting NetworkBrowserAgent
8/20/14 1:33:40.068 PM com.apple.time[700] Interval maximum value is 946100000 seconds (specified value: 9223372036854775807).
8/20/14 1:33:40.069 PM com.apple.time[700] Interval maximum value is 946100000 seconds (specified value: 9223372036854775807).
8/20/14 1:33:43.910 PM netbiosd[89] name servers down?
8/20/14 1:33:56.635 PM netbiosd[89] notify name "self.mdns.disconnection" has been registered 20 times - this may be a leak
8/20/14 1:33:56.639 PM netbiosd[89] notify name "self.mdns.disconnection" has been registered 40 times - this may be a leak
8/20/14 1:34:49.927 PM netbiosd[89] name servers down?
8/20/14 1:35:54.977 PM netbiosd[89] name servers down?
USER LOG:
8/20/14 1:31:03.956 PM com.apple.launchd.peruser.1467285364[536] (com.apple.gamed) Ignored this key: UserName
8/20/14 1:31:03.956 PM com.apple.launchd.peruser.1467285364[536] (com.apple.gamed) Ignored this key: GroupName
8/20/14 1:31:03.957 PM com.apple.launchd.peruser.1467285364[536] (com.apple.ReportCrash) Falling back to default Mach exception handler. Could not find: com.apple.ReportCrash.Self
8/20/14 1:31:03.961 PM loginwindow[44] Connection with distnoted server was invalidated
8/20/14 1:31:04.013 PM distnoted[549] # distnote server agent absolute time: 799.097924175 civil time: Wed Aug 20 13:31:04 2014 pid: 549 uid: 1467285364 root: no
8/20/14 1:31:08.954 PM com.apple.launchd.peruser.1467285364[536] (com.apple.afpstat-qfa[588]) Job failed to exec(3). Setting up event to tell us when to try again: 2: No such file or directory
8/20/14 1:31:08.955 PM com.apple.launchd.peruser.1467285364[536] (com.apple.afpstat-qfa[588]) Job failed to exec(3) for weird reason: 2
8/20/14 1:31:08.958 PM com.apple.launchd.peruser.1467285364[536] (com.google.keystone.user.agent[590]) Job failed to exec(3). Setting up event to tell us when to try again: 2: No such file or directory
8/20/14 1:31:08.958 PM com.apple.launchd.peruser.1467285364[536] (com.google.keystone.user.agent[590]) Job failed to exec(3) for weird reason: 2
8/20/14 1:31:12.394 PM com.apple.launchd.peruser.1467285364[536] (com.apple.mrt.uiagent[578]) Exited with code: 255
8/20/14 1:31:15.132 PM SystemUIServer[557] Could not load menu extra NSBundle </System/Library/CoreServices/Menu Extras/User.menu> (loaded) for Class AppleUser
8/20/14 1:32:20.642 PM com.apple.launchd.peruser.1467285364[536] (com.apple.quicklook[626]) Exited: Killed: 9
8/20/14 1:32:20.647 PM com.apple.launchd.peruser.1467285364[536] (com.apple.mdworker.single.08000000-0000-0000-0000-000000000000[641]) Exited: Killed: 9
8/20/14 1:32:20.647 PM com.apple.launchd.peruser.1467285364[536] (com.apple.mdworker.shared.04000000-0000-0000-0000-000000000000[635]) Exited: Killed: 9
8/20/14 1:32:20.783 PM Dock[556] could not open iterator, -43, for directory <ECDirectory: 0x7fd8ac846970> {path=/Users/jsuny/Documents/} (directory changed)
8/20/14 1:32:20.783 PM Dock[556] problem iterating directory, -43, for directory <ECDirectory: 0x7fd8ac846970> {path=/Users/jsuny/Documents/} (directory changed)
8/20/14 1:32:22.310 PM ARDAgent[574] HIToolbox: received notification of WindowServer event port death.
8/20/14 1:32:22.311 PM ARDAgent[574] port matched the WindowServer port created in BindCGSToRunLoop
8/20/14 1:32:22.694 PM com.apple.dock.extra[644] HIToolbox: received notification of WindowServer event port death.
8/20/14 1:32:22.694 PM com.apple.dock.extra[644] port matched the WindowServer port created in BindCGSToRunLoop
8/20/14 1:33:36.504 PM com.apple.launchd.peruser.1467285364[536] (com.apple.gamed) Ignored this key: UserName
8/20/14 1:33:36.504 PM com.apple.launchd.peruser.1467285364[536] (com.apple.gamed) Ignored this key: GroupName
8/20/14 1:33:36.505 PM com.apple.launchd.peruser.1467285364[536] (com.apple.ReportCrash) Falling back to default Mach exception handler. Could not find: com.apple.ReportCrash.Self
8/20/14 1:33:36.517 PM loginwindow[653] Connection with distnoted server was invalidated
8/20/14 1:33:37.429 PM MiniLauncher[711] Skipping Setup Assistant for user 1467285364
8/20/14 1:33:37.464 PM transition[714] INFO: Not signed into MobileMe, nothing to do. Reason: 3
8/20/14 1:33:37.506 PM MiniLauncher[711] INFO: MMAccountMgr_Private: finishedSetup called.
8/20/14 1:33:38.180 PM com.apple.launchd.peruser.1467285364[536] (com.apple.afpstat-qfa[744]) Job failed to exec(3). Setting up event to tell us when to try again: 2: No such file or directory
8/20/14 1:33:38.180 PM com.apple.launchd.peruser.1467285364[536] (com.apple.afpstat-qfa[744]) Job failed to exec(3) for weird reason: 2
8/20/14 1:33:38.489 PM CalendarAgent[741] Could not find Meta Data for persistent Store
8/20/14 1:33:38.877 PM fontd[716] FontWorker failed to return directory info (IPC failure?) for file://localhost/Users/jsuny/Library/Fonts/
8/20/14 1:34:48.723 PM migCacheCleanup[719] Cache cleanup: cleanup for user 1467285364 took 0.43 seconds
8/20/14 1:37:15.114 PM Dock[723] no information back from LS about running process
Check these out:
http://images.apple.com/server/macosx/docs/UserManagementv10.5.mnl.pdf
http://clc.its.psu.edu/Labs/Mac/Resources/blastimageconfig/
http://blog.macadmincorner.com/
Similar Messages
-
User Profile Service - Permission for Service User to Read All (also "only me fields")
Hey there,
we have a webapplication that needs to read all info from a user profile. Even if it is set to "only me".
I want to set the least privileges needed. So set the user to "Manage Profiles" in the CA seems to be wrong.
How can i achieve that?
Best regards
StephanYou could run that piece of code in the vacation app using "runwithelevatedprivileges". That may also resolve it, as it will be running under the context of the App Pool account (which you could grant the appropriate rights on the UPSA).
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Applet will not load for new user until IE is opened
I have a C# project that runs an embedded web browser. When the project installer runs it will load java if it is not on the computer. Everything works fine for the admin user. When I switch to a new user and try to run the embedded web browser the applet just shows the red x in the top corner. Oddly enough, if you open IE and then try to run the applet again the applet will run properly. Has anyone run into this situation before?
I have a C# project that runs an embedded web browser. When the project installer runs it will load java if it is not on the computer. Everything works fine for the admin user. When I switch to a new user and try to run the embedded web browser the applet just shows the red x in the top corner. Oddly enough, if you open IE and then try to run the applet again the applet will run properly. Has anyone run into this situation before?
-
hi
i'd like to ask for help.here is a brief introduction.
i publish a web project on a server(the name,"server-deploy"),(it connect with sql server datavvase with connection string of database "Trusted_Connection=Yes",with web config file <authentication
mode="Windows" /> <identity impersonate="true"/>
there are some users whose Impersonae_clients_after_authentication are enabled. and most of them can connect to database via the deployed project .
but one user,he was told 'NT AUTHORITY\ANONYMOUS LOGON', and according to even viewer("security of "windows log") of "server-deploy",it shows "Audit failure"(the Task category is "credential validation")
and here is some information
[ Name] Microsoft-Windows-Security-Auditing
EventID 4776
The computer attempted to validate the credentials for an account.
PackageName MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
TargetUserName (user)
Workstation (Workstation)
Status 0xc0000064
while when other user do login ,there is no log whose Task category is "credential validation".
COULD ANY ONE CAN DO ME A FAVOR TO HELP ME?ANY HELP IS APPRECIAT. THANK U VERY MUCH IN ADVANCE :)
best regards
martinand i made a small windows form application here
private bool impersonateValidUser(String userName, String domain, String password)
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
if (RevertToSelf())
if (LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, ref token) != 0)
if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
impersonationContext = tempWindowsIdentity.Impersonate();
if (impersonationContext != null)
CloseHandle(token);
CloseHandle(tokenDuplicate);
return true;
if (token != IntPtr.Zero)
CloseHandle(token);
if (tokenDuplicate != IntPtr.Zero)
CloseHandle(tokenDuplicate);
return false;
and here is the code of buttonclick
if (impersonateValidUser(user,psw,doman))
if (!System.IO.Directory.Exists(this.textBox1.Text))
MessageBox.Show("not exist with imper");
else
MessageBox.Show("exist with imper");
undoImpersonation();
else
MessageBox.Show("fail login.");
and i was told "exist with imper"(usually if Impersonae_clients_after_authentication is not enaled would told "not exist with imper" ) -
ICloud for pages app not working on network users having home folder on Mac Mini Lion server
Does anyone know how to make iCloud for pages work on network users having home folder on server, having home folder on local Client iCloud for Pages works fine but when home folder is on Server iCloud for Pages app does not work. My Clients are Running Mountain Lion 10.8.2, my Server is a Mac Mini Lion Server.
Hi Tim,
No fix yet, my home folders reside on a thunderbolt external hard drive, I also tested having home folders on default server HD and no changes, I called Apple Support a while ago, they replicated the issue, it just does not work on network users, they did not say when will it be fix.
The version of Pages I am using is from the Apple Store.
Hector -
Thunderbird Mission Control Desktop/AutoConfig not working for some users
I have the file: "C:\Program Files (x86)\Mozilla Thunderbird\defaults\pref\custom.js"
It contains:
pref("general.config.obscure_value", 0);
pref("general.config.filename", "TMcustom.cfg");
I have the file: "C:\Program Files (x86)\Mozilla Thunderbird\TMcustom.cfg"
It contains:
var promptService = Components.classes["@mozilla.org/embedcomp/prompt-service;1"]
.getService(Components.interfaces.nsIPromptService);
promptService.alert(null, "title", "testing");
For most of my users the alert pops up fine when I start Thunderbird, but for a few it doesn't. All of the machines where setup with the same install script. If I log into one of the machines where it's not working as a different user, then it works fine, so I know the files are in the right spot. So why would it not work for specific users? Is there something in the user's Windows profile that could cause it to not work? Or are there any other suggestions?As it turns out this was a known bug that was corrected in the recent release of Java 7_65 and Java 8_11. Here is a link to the bug description in the database.
Bug ID: JDK-8019274 RMI thread can no longer call out to AWT thread for webstart app -
MAM application is not working for some users
Hi All,
Tha MAM application is not working for some users.Different users have different workcenters other than that I dont see any other change. When I run MAM30_090_GETLIST in the backend I can see the no of customized users.But I cant see same no of users in the MEREP_207 table for the Syncbo MAM30_090 and strcture id TOP in the middleware. There is a data when I checked under worklist monitor for that user. But neither the MAM application nor MAM data is downloading to that device.
If I use different user on the same device I can see the MAM application and MAM data.
What could be the wrong in this case. Any help would be highly appreciated.
Mobile Client:MI 70 SP 15 Patch 0 Build 200802280918
Middleware:SAP NetWeaver 2004s with Patch leve 15
Backend:SAP ECC 6.0
Application:MAM 3.0
Thanks and Regards,
Ameer.Hi,
from your description the source of your issue is quite obvious: some of the MAM users configured in spro are not configured properly.
For T01 SyncBos the number of TOP records in merep_207 MUST be the same as number of headers returned by an appropriate getList FM in the backend.
You need to solve this before you can go any further.
Reason why a record is not recorded in MEREP_207 - getdetail failed for whatever reason. So execute MAM30_ML_getdetail for each of the users that is not replicated in the middleware and check if there are errors in RETURN table. If there is no error - one of the common reason for replication fail is when there are records in item tables that have duplicate primary keys.
Regards,
Larissa Limarova -
Synaptics touchpad on HP Mini 110 Windows 7 32 Bit - not working for one user - working for another
Hi,
I recently have an issue with Synaptics touchpad on HP Mini 110 Windows 7 32 Bit - NOT working for one user - working for another.
Windows 7 updates recently installed ???
By checking the device properties on the user that works - "Synaptics PS/2 Port Touchpad 13/10/2011 Version 15.3.29.0"
When the other user logs on, the touchpad works for a few seconds, then a displays a black square with a red diagonal line through it, then the touchpad won't respond. Trying to use the keypad to navigate to system diagnosics or anything to find further info is useless....Hey eagle_no11,
Thank you for joining the HP Support Community!
I will do my best in assisting to hopefully get the TouchPad to work on the second user profile.
What I would like to start off with, is to restore the original Synaptics drivers onto the profile that is not working correctly. I have included the document Using Recovery Manager to Restore Software and Drivers (Windows 7).
Once you have installed the original drivers, you will need to complete all updates from both HP, as well as Windows. For these updates, if you open the HP Support Assistant, and select Maintain, you should see an option for updating.
Please let me know how these steps do work out for you.
Have a great day!
I worked on behalf of HP -
Mysite is not opening for particular user
Hi,
We have configured User profile service application with permission to create mysite in our environment. One particular user is not able to open mysite. When try to open mysite it generate an unexpected error message and given correlation ID. When followed
the log file with reference to correlation ID. I found following error in ULS.
My Site: PersonalSpaceRedirect: Unknown error: System.Threading.ThreadAbortException: Thread was being aborted.
at Microsoft.SharePoint.Portal.WebControls.PersonalSpaceRedirect.RedirectToPublicPage(SPWeb web)
at Microsoft.SharePoint.Portal.WebControls.PersonalSpaceRedirect.LoadControl(Object sender, EventArgs a).
Please notice that this is for a single user so we dont to recreate the user profile service application for restore database. Any help is higly appreciated.
Regards,
JituI am having the same issue. I traced it to a problem with the Microsoft.SharePoint.Portal.WebControls.PersonalSpaceRedirect part on default.aspx. I'm still not sure what the underlying issue is, though. This is in SharePoint 2013 SP 1.
-
Thousands of "mail is not enabled for this user"
Someone is sending my domain email to thousands of non existent mail accounts. It's like they are combining every possible prefix to my domain they know of. It's been going on for weeks. The Mail service, however, is not being brought down by this at all. So I don't know what kind of attack this is or how to stop it.
Can someone help me? Below is a minute section of my System log:
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
Dec 31 15:08:55 nameserver lmtpunix[19165]: warning: unable to post message for user: [email protected], mail is not enabled for this user
------------------Two possibilities - both fall under the heading 'reconaissance by e-mail'. A spammer or hacker will try 1000's of common names, then look at which ones didn't bounce to determine which ones have accounts on your system.
They then have a comprehensive list of account names on your server, and can proceed to attempt likely passwords for each, or send endless spam to your users. Either one is a Bad Thing, doubly so if you've got any accounts that you created just to test things, and have weak passwords, but you've always counted on nobody knowing they exist.
At one point, I actually had a 'testuser' account that had 'testuser' as the password - I just hadn't remembered to delete it after I was done testing. It's very common for a system to have a couple of these hanging around. I didn't have trouble with it, but looking for and getting rid of these is critical.
Either way, the immdiate solution is to go Server Admin->Mail->Settings->Relay, and add the IP address(es) of the senders to the 'Refuse all messages from these hosts or networks' section. Mail attempts will still show up in your SMTP log, but they'll look like this one I got this morning (one of dozens):
Jan 3 11:07:33 miniserver postfix/smtpd[1440]: NOQUEUE: reject: RCPT from unknown[66.180.115.17]: 554 <unknown[66.180.115.17]>: Client host rejected: Access denied; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<xptwfs.gov>
Next is to take a look at your password policies - if you've got strong password policies (must include characters and numbers, must be 7 characters or longer, etc., you're probably OK, but if anyone has weak passwords, or god forbid, uses their userid as their password, you're pretty vulnerable.
It's also worth noting that someone with a full list of your users has a fair number of tools for improved odds of phishing, or spear-phishing, where they create finely targeted mails that say things like 'Bob Smith told me to contact you for your password', and look very real. A warning mail to your users to remind them that they need to keep passwords secret, and be cautious about mail, even if it appears to know something about them, would be good. I wouldn't specify that you've been recon'd, just a general 'New Year Security Reminder' or some such.
Hope this helps! -
ERROR: XIAFUSER user is not configured for keystore.....
Hi all,
When I am running the an adpater on XI that uses digital signatures that I have loaded into the TrustedCA's keystore view I get this error in my monitor.
ERROR: XIAFUSER user is not configured for keystore TrustedCA's.
How do I configure a user for a specific keystore?
Kind Regards,
ChrisHi
You can find it from XI config doc here
https://websmp106.sap-ag.de/~sapidb/011000358700001697502004E.PDF
Also refer installation & post installation from here
https://websmp106.sap-ag.de/~sapidb/011000358700009389172004E.PDF
Cheers
Jawahar Govindaraj
PS:Reward pts -
C4C & Lotus Notes integration for service users
Hi,
I tried to find information about C4C and Lotus Notes integration for service users without success. User manual says on Sales both Outlook and Notes, but in Service only Outlook. Does Lotus Notes add-in work for service users similar than sales users? Is there anywhere demo video for that? I can only found demo video for sales (SAP Sales OnDemand Outlook Integration Demo (new) - YouTube).
-AatosHi Aatos,
The Lotus notes integration currently supports the "Field Service" role in Cloud for Service where you are primarily servicing customers in the the field and have direct email communications with your customers. In this use-case, similar to "Field Sales" (AKA SFA Users) in Cloud for Sales, you can receive an email from a customer, get information about that customer from Cloud for Customer via the Lotus Integration, and be able to upload that email into Cloud for Customer as an email activity to track the email correspondence between the user and the customer.
However, the Lotus notes integration does not support the "Call Center" role in Cloud for Service where you are a contact center agent in a centralized service center processing emails that are routed into a common inbox and all correspondence is sent out in behalf of a central inbox such as [email protected] In this usecase all emails automatically create tickets and all emails both inbound and outbound are automatically recorded as email activities without customer or user intervention. The email client for this usecase is either a C4C email client or Windows Outlook Client as you found in the documentation.
Thanks,
Rei -
Logged on user is not provisioned for this application
I created(shared services) the one user in the ldap not in native directory, i given provision in such a application to user ...
i try to login that user but the message was displayed " *Logged on user is not provisioned for this application*"
Pls help me
ThanksHi
have you given authority in the application groups for the different profiles for that specific user too?
a common error is giving a user right on the application and omitting to give it in application groups in shared services. -
After Upgradation BPF is not working for some users
Hi All,
We have recently upgraded from BPC 5.1 to 7MS SP7. we are having multi server setup with one application / reporting server (windows 2003 and one sql server 2008 (windows 2003 64 bit).
Intially before upgradation we don't have any issues with BPF and it worked fine for all users. But post upgradation tasks within the BPF does not work for other users except for the first two people who first used it. Other users have the same rights as the ones who can access the tasks.
when they click on the link it gets them to eExcel and the right application but doesnt open the package or report assigned to the task. It doesn't give us any errors, on the status bar we get a message finalising but does not getting any thing.
Any inputs ??Hi,
Are you sure that those users have installed BPC 7 SP7 clients on their machine? Meaning that you uninstalled 5.1 clients and installed the new client from http://servername/Osoft?
If yes, you should maybe run a client diagnostic on the machines and also check the Management Console for any error messages.
Hope this will drive you to a potential solution.
Best Regards,
Patrick -
Line items are not appearing for some users
Hi
In one module pool program some line items are not appering for specific users. For Ex: Out of 5 line items user1 is able to see only 3 and user2 able to see all the line items. what might be the reason.
Regards
John.Hi,
What do you mean by line items? Are you talking about screen fields in your module pool program or output of the program?
Please clarify your issue.
Regards,
RS
Maybe you are looking for
-
I created a view in program unit (procedure). when new form instance I call this and created a block base with this view it has detail block I have one column chk varchar2(1) it is a check box I need when I check this box chk will be 'Y' I mean updat
-
Calculation of basic dates and schedule dates
I update material master from routing with CA97 to material master work scheduling data with base quantity 1000 When MRP running, planned order for 54000 PCS is schedule with work scheduling data. when i schedule planned order (change) the calculatio
-
Mappings disappeared in OWB...
I have a problem with several mappings that have disappeared from OWB. If I try to export the entire project to an MDL, it will fail. If I try to recreate one of the mappings, it says the object already exists. Is there any way to recover the mapping
-
Confused about nonGUI beans and events
The crux of this is the question "When will a NON GUI bean use events to communicate?" Articles I have read advocate that Beans are not just GUI components, and I agree. However I've only ever seen examples of GUI Beans! I am writing a non GUI Bean t
-
Rtorrent-mod: rtorrent with a nicer interface
I don't know if this is the right sub forum or if this is supposed to go to artwork. Anyway, I made a small rewrite of rtorrent main screen: added features: - added colors - torrent display shortened to 2 lines, better visibility - added peer count t