Help Needed - Network user login

Hi Guys,
Need help.
I Have a network of imac's which connect to a leopard server OD master. All my user can log on apart from one machine, where none of the users can log in to.
I have checked the username and passwords and are all correct, but on this one machine the logon screen just shakes just like when a incorrect password is entered.
Any ideas

I'm not sure if this is relevant to your situation (which has probably been long solved), but it might help others reading this thread: I've been experiencing a similar problem with network users not being able to log onto a machine and I learned from this thread (http://discussions.apple.com/thread.jspa?threadID=1788420&tstart=30) that network users must have a home directory defined in WGM, even if you're not using networked home directories. Admittedly, the fact that your users could log in from all but one machine suggests that the problem was more likely on the client machine than the server.

Similar Messages

  • Network User Login Hangs at 'loginwindow' Occasionally

    The client is a macbook pro (2012) with 10.8.5, the server is a mac mini also running 10.8.5 (w/ OSX Server).
    Network user logins usually work fine.  About 10% of the time, however, the loginwindow displays a spinning beachball endlessly after the name/password are supplied.  The workaround is to login to the client via ssh and 'kill -HUP' the user's loginwindow process; then the next login attempt will work.
    Examining logs, I find that the 2nd through 4th lines of the following sequence of messages appear on the client in the case of the above failure (in the case of a successful login, only the first line appears)...
        Apr 26 08:20:06 whbbook.local WindowServer[153]: Display 0x04248a6a: MappedDisplay Unit 2; ColorProfile { 2, "Thunderbolt Display"}; TransferFormula (1.000000, 1.000000, 1.000000)
        Apr 26 08:20:07 whbbook.local SystemUIServer[36439]: CGSCopyWindowShape: pid (36439) passed NULL window
        Apr 26 08:20:07 whbbook.local SystemUIServer[36439]: could not update menu bar region, 1000
        Apr 26 08:20:07 whbbook.local SystemUIServer[36439]: CGSSetWindowTransformAtPlacement: Singular matrix [0.000 0.000 0.000 0.000]
    Google reveals nothing helpful for the search phrase 'SystemUIServer CGSCopyWindowShape'.  I suspect the underlying cause of the symptom has to do with the fact that SystemUIServer ended up with a NULL window.
    I've already done the usual 'couurtesy' steps of a disk permission repair and a safe boot on both machines.
    Any interpretation of this, or recommendations?

    Check if this works :
    http://social.technet.microsoft.com/Forums/windows/en-US/452798be-30fb-4357-bd6f-827976e3637a/please-wait-for-the-user-profile-service-slow-logon?forum=winservergen
    Arnav Sharma | Facebook |
    Twitter Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members
    reading the thread.

  • Need help with network user accounts on Mac server App on Yosemite, any tips?

    I've been trying to set up a small network with the Server app on Yosemite. I don't want to do anything crazy with the server, I'd just like to know how I can set up network user accounts so that they can login from other Mac computers on the same network. I already have Open directory set up, the Macs that will be used on the network with the server have already been joined to the server under login options. I have created the network user account, I have also joined the user account to a group that I created. When I try to login to the network account from one of the Macs, it doesn't work. I'm pretty rookie with Mac server, can anyway give me any pointers of what I should be doing? Or if I am doing something wrong. Thanks guys.

    The most important step, once you've got Open Directory and DNS set up, with Local Network Users set up in Server.app, is to make sure that all client Macs are using the server's IP address as the primary DNS server in System Preferences > Network, and that they have joined the Network server in System Preferences > Users and Groups > Login Options.
    Having said all that, I have just spent hours setting this all up only to find out that Mail doesn't currently work with Network Homes in 10.10.3 / Server.app 4.1.
    I will be hoping that Apple recognise the bug, and put out a fix soon.

  • Network user login keychain

    Guys,
    Got one of my network users using his network account - he has an RSS aggregator that's continually popping up and asking to use his login keychain password. I mean "continually" - 20-25 times a day. Now the reason it needs it is fine - he's accessing feeds from one of our own wiki servers which also authenticates using his network user account, however I've set it to "Remember this password" to no avail.
    I've even trashed his login keychain and created a brand new one, but still no joy. Has anyone got any incredibly helpful suggestions, lol?
    This is also posted in the 10.6 server section (since that's the OD server that manages his account).
    Thanks (hopefully) in advance,
    Matt

    Ok then, I got one for you. Similar sort of thing. Just created a 10.6 server, created all the relevant users within WGM, then imported the home folders from the previous 10.5 server. Ensured all new UIDs matched the UIDs from the 10.5 WGM because it then simplifies permissions - i.e. all the permissions are recognised by the new server automatically for the right users.
    Now for one of my users, her login keychain is never open by default. When you start Keychain Access (she's on 10.5.8 btw) you get the System keychain and the System Roots list of certificate authorities, but no login keychain.
    Have checked the permissions of her ~/Library/Keychains/ folder and they're correct, as are the permissions for ~/Library/Keychains/login.keychain.
    Double-clicking on the login.keychain file opens it up just fine in Keychain Access, however as soon as you close KA and re-open it, the login keychain's gone again.
    I've tried importing a keychain, adding an existing keychain (obviously the login one) and creating a new keychain called login, none of which work - there's no error, it just ignores me.
    I'd rather not create a temporary user account, transfer all the docsuments/mail etc, delete the original and recreate a new one using the old name and copy everything back, but unless someone can help me out, that's what I'm going to have to do.
    There has to be some guru's out there somewhere that can help???
    Thanks in advance,
    Matt

  • Help with multiple user login script

    Hi, just a little background first to what i want to do...
    I have about 300 Macs in an education environment, they are bound to the AD network for authentication and OSX Server LDAP for forced prefs, the network Home accounts are stored via Apple and Promise Raids on XServes.
    We also have 4 local user accounts on all the Macs for video etc. I have some simple scripts that i would like to force to the local Users only, (empty trash, reset dock. reset desktop pics and delete items etc).
    I have done the script and saved it as a .app and it works on the Macs as a local User login option. However, when I bind the Mac back to the LDAP the local user script stops working. I have seen the option to 'Allow local scripts' to run via WGM, but have not had success here either, (I have ran the 2 EnableMCXLoginScripts on the clients).
    Now I thought I would try to run the script as a Launchdaemon option using Lingon. This works, but its active for all users, I do not want it to delete Network account users Desktops! Is there a way I can add an 'If' option at the beginning of my script. As in..'if users home account is /Network/Sharepoint' then quit.
    I cannot run it as a one script for all Mac setting as the different local users have different Desktop Pics and Docks etc
    Any ideas or other options I could try?
    Any help hugely appreciated.
    C

    V.K, thanks for that, sometimes I just don't see the obvious.
    I have tried it as a ~/Library/LaunchAgents using lingon to create the .plist. I just cannot get it to run though. I have tried it as a .sh .scpt and as a .app file stored in the /Users/Shared folder.
    All will run if I manually launch them after login though. I have made them all executable for all.
    I have also tried to run it without the Mac connected to my LDAP. I have added the relevant folders to the allow list in WGM on the lDAP anyway...
    Any ideas what I could be doing wrong?
    C

  • Network User Login on Server: 2 questions

    I'm configuring a small home network using Mavericks Server and have a question about logins.  My concern is based on this note:
    http://support.apple.com/kb/TS3090
    My configuration:
    iMac 2.9 Ghz Intel Core i5 running Mavericks Server
    MacBook Air 1.8 GHz Intel Core i7, OS 10.7.5
    MacBook Pro  2.5 GHz Intel Core 2 Duo, OS 10.7.5
    MacBook 2 GHz Intel Core 2 Duo, OS 10.6.8
    My goal: serve all accounts from the iMac with networked home directories, allowing users to log in from any machine - including the server - and work.  The above tech note seems to rule this out - but I want to be see if there is a configuration that will allow me this freedom.  We have 4 users and three client computers.
    Thanks!

    I cannot say for sure that concurrently using the server as a client does not work but my two cents are below.
    I do exactly what you are on a slightly larger scale. We have 8 users who share 7 machines. All users can log in on all machines except our server. I have been running an Apple server for the last 20 years.
    I understand the financial impact of adding hardware in a small business. I also don't want to be the guy to tell your idea is not a good one, but general practice for most here is to have a dedicated machine. Mini Server can be bought for $1000. Minis for less and server added for a nominal charge.
    An example why a dedicated server machine would be important:
    Network user has logged in on the server machine and an application they are using crashes and winds up freezing the server. All users are then suffer from problems because their network accounts cannot write back to the server. Open files each user had may wind up corrupted causing loss of productivity or loss of vital data. User preferences may wind up corrupted. Every user in your office now cannot get any work done until you come back to fix it.
    Our dedicated server gets "confused" sometimes, lets say once every few months, and some of the same problems above occur. Periodic reboots reduce problems we face. If you run a server and use it as a client I would expect issues on a weekly basis.
    Hope this helps. Good luck.
    -Erich

  • Mac OSX Lion Server Network User Login Issue

    We have in the office a server running Mac OSX Lion, and several network users who've all been running happily for quite a will.
    About a month ago I was added to the system, and initially we had a few issues relating to the home directory, but we changed 'something' and it all worked.
    Fast forward to now, and we've added a new user - Hannah - to our system.
    I've added her in the Workgroup Manager, and set her up everywhere I can find on the server. Her home directory creates on the server fine.
    She appears in the Logon list on the client machines, and here's where the trouble starts...
    Every time she tries to log on, it fails. The logon box just bounces or wobbles as though the password is incorrect. We've tried changing the password, to no avail. We've tried adding new test users - same problem.
    We've tried sudo kinet on the Terminal as a local user, with variable results.
    I'm at my wits end, and really hoping someone here can help offer some suggestions or advice we can work through to get to the bottom of this.
    Thanks in advance!

    Your problems are likely occurring because you added her to the directory with Workgroup Manager.
    You should really start avoiding WGM when at all possible as Apple is clearly moving away from it. Because of this, things don't always work as expected when using 'legacy' tools like WGM.
    My guess as to what your problem is: When you create a new user in Server.app, two things happen for you automatically that WILL NOT HAPPEN if done from WGM.
    First the user is added to the default "Workgroup" group.
    More importantly (and the source of much confusion), the user is automatically added to SACLs.
    Check the SACL for the user in Server.app, I bet you'll notice that they aren't a member of the File Sharing group like they should be. To solve this problem, you can either delete the user and recreate them in Server.app, or manually add them to the appropriate SACL.
    I would opt for recreating them in Server.app if I were you, as I don't trust user accounts that originate in WGM on Lion Server.

  • Network user login not always correct

    I am using OS X ML (Mac mini server, 8GB RAM, ML 10.5.8) with several clients (mainly iMacs) logging in the OD. Most of the time the login process seems to work OK, but apparently something goes wrong and the trash is not correctly recognised (getting the infamous "items will be deleted immediately"). Logging out and then again in (sometimes this must be done repeatedly - 3 or 4 times) usually settles it and the trash behaves again normally.
    Any idea why?

    The Snow Leopard/Mac mini Server is bound to the Leopard Server directory. And on the Snow Leopard Server the Network Account Server is set to the Leopard Server. The only issue I am having is that I have a network account, but I cannot login into the Snow Leopard Mac Mini server as a network account user, although I can login into the Snow Leopard Mac mini server as every other network account user on my network. AND I can login into my network user account form the other Leopard Client machines in my office.

  • Disable network user login

    Hi forum,
    I installed Mac OS X Server for development reasons in a virtual machine. After I restarted my Mac (not the VM), I had to select a user. The choices are my regular account or other network users.
    As I am not really connected to a Mac OS X Server - how can I get rid of that "other user" option?
    I have already removed "LDAPv3" and "ActiveDirectory" from the directory services list, but this did not help.
    Cheers,
    Sven
    PS: I am running a German version, so I translated freely... therefore the wording might not be accurate.

    I finally found the source of the 'error'. First of all: there was no error, everything works as designed.
    After executing 'dscl . -list /Users UniqueID' I found an user with the ID 501. This user was created by an application I installed in the same session when I ran the OS X Server VM. I did not expect that application to add a new user, so I suspected OS X to be the cause.
    So after all: the topic of my thread is actually wrong. Thank you very much for your time, Björn. I am sorry, that it was a kind of fake error.

  • Help needed - moved user accounts

    I did an upgrade install on my Dual G5 today, but Leopard doesn't know where my users' files are located. I have a very fast (but smaller) HDD for the OS, and moved my user files to a larger HDD. The links were not carried over in the upgrade/install.
    I believe it was a post from Kappy that helped me in moving my user folders initially. Can anyone help me with the needed command line entries needed so that Leopard knows to look to the other HDD for my users?
    Thanks-Gary

    If you've reached the limit of 5 authorisations you have the option once a year to deauthorise them all in one go and start over. By the way, this has nothing to do with the number of products you've purchased and registered. The reason for this is that you have a limit of 5 computers on which you can play purchased content: About iTunes Music Store Authorisation and Deauthorisation
    If your system crashes or your reinstall your operating system without deauthorising iTunes first, even a single computer can use up your limit of 5 authorisations. See also this article: One computer using multiple iTunes Music Store authorizations

  • Help needed about user activities...

    Hi
    How to set password againg using /etc/default/passwd?
    i.e after setting MAXWEEKS=5, users can login to the system without asking them for password change after 5 weeks and if any users do passwd to change his password the above setting (MAXWEEKS=5) will appear on the shadow files on his line.
    I have many users and I need to apply password againg to all of them using /etc/default/passwd. Can its possible?
    Thanks
    Mohammed Tanvir

    Hi
    How to set password againg using /etc/default/passwd?
    i.e after setting MAXWEEKS=5, users can login to the system without asking them for password change after 5 weeks and if any users do passwd to change his password the above setting (MAXWEEKS=5) will appear on the shadow files on his line.
    I have many users and I need to apply password againg to all of them using /etc/default/passwd. Can its possible?
    Thanks
    Mohammed Tanvir

  • Expert help needed-grant user permision in Applet

    Hi
    im writing an Applet that needs to read and write files on user's local machine.
    As far as i know i guess i need to grant users permissions. I would like to do it in the easiest way for him(so he wouldnt need to change his policy file manualy, but clic on 'ok')
    First of all, is it the only way to do that?
    And above all, how to do that?
    Could anybody tell me exactly how do i get my applet signed step by step?
    Please, a beginer needs help here, it would be great if anybody could tell me how to do that STEP BY STEP.
    I have read several post about it, but none was clear enought for me.
    If someone could give a hint or a sample code it would be very appreciated.
    thanx a lot :)

    see http://java.sun.com/docs/books/tutorial/jar/sign/signing.html
    To summarize:
    1) Use keytool to generate a key
    keytool -genkey -keystore mystore -alias myaliasFollow the instructions given, i.e, fill all the blanks.
    2) Use jarsigner to sign your jar
    jarsigner -keystore mystore my_jar_file.jar myaliasBut you are really skipping everything which you need to understand.

  • IWeb help needed - new user

    "Publisher" documents have converted to iWeb documents but won't open. I'm a new Mac user so need some help :-)

    What application was used to create the .pub files?  If there's no Mac equivalent that can open and use them just select one of the files, type Command+i to bring up the Info window, go to the Open with menu and select "TextEdit".  Then click on the Apply to all button.  This unlinks iWeb from those .pub files so when you double click on one of them iWeb won't try to open.
    If you have a Mac application that can be used to open and use those .pub files then select it in the Open with: menu.
    There is no Mac application that can open the .pub (Microsoft Publisher) files.  However, this site, eHOW, has a link to a web site that can convert those .pub file to PDF files which you can open on a Mac with Preview (included).  The link is Create PDF from Word & Other Formats.  You can give it a try.
    OT

  • Help needed restricting users admin access to devices using ACS 4.2

    I have users that access the network via a VPN client to a PIX 515 which authenticates to the ACS (using the default group for unknown users) which uses an external Active Directory Database.
    The problem I have is that as the ACS authenticates these users, it now allows them admin access to the PIX. How do I restrict access? I have looked at NARs using the 'All AAA clients, *, *' approach but that just stops their VPN access. ( I have a separate group called 'PIX ACCESS' which will contained only defined users for admin access).
    Incidentally I have other devices on the network which are AAA clients, in particular Nortel switches. I can set the group settings for that RADIUS set up to 'Authenticate Only' (RADIUS Nortel option) and that works fine, I was expecting the ACS to have a similar setting for TACACS+.
    So how do I allow the unknown users to authenticate to their AD database but restrict them admin access to the AAA clients?

    Very common problem. I've solved it twice over the last 6 years with ACS. I'm sketchy on the details. But here goes. First option to explore is using RADIUS for VPN access, then TACACS on all the Cisco switches and PIX firewall. That would make it alot easier. I think that with TACACS, you can build a NAR based on TCP port number instead of IP address....
    http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_tech_note09186a0080858d3c.shtml
    So you'd have a group with 3-4 Administrators that can access PIX CLI, and another group of VPN users that can't access the PIX but can VPN in. So on the VPN group, put a NAR that restricts access to SSH/Telnet TCP ports?
    This comes up everytime I install an ACS server, (every 2-3 years), and it's always a trick.
    Please let me know if this works for you. And if it doesn't, let us know how you fixed it. I think I can get back into the ACS I last did this with and take a look, but I'd have to call up and make a special trip.

  • Urgent help need for user exit

    Hi all,
    i have just did one user exit but in RSA3 field is not coming. in step 1 i modified the extract structure. in step 2 in added field in include program ,saved and activated it. but field is not coming in RSA3. can anyone plese help me what should i do now or what has went wrong.
    in RSA3 update mode is 'F'
    thanks in advance

    hi,
      Have you created a project in CMOD and included your User exit component(RSAP0001) and activated it?.
    check that. otherwise give some more details reg. your problem.
    rgrds,
    v.sen.
    Message was edited by:
            Senthilkumar Viswanathan

Maybe you are looking for

  • Ipod to TV: what's the picture quality?

    Did anyone have the chance to play a downloaded video from their Video iPod onto a TV via the dock connector? I wonder what the quality is like since the video are encoded at 320x240? Feedback greatly appreciated!

  • New line in echo in PHP?

    Having finally got Apache and PHP, and a number of virtual sites set up, I tried David's file to print the date, and when it worked I started to experiment. I am starting to get the hang of it, but I can't get the newline to work. It would appear to

  • Why won't Firefox load videos/sites properly...

    When I go to Youtube, the video will load but will freeze after a few seconds. Some sites (like Tumblr, for example) don't load properly as well.. Help?

  • Software Update - Apple FAIL!

    Apple have completely borked the Software Update feature in Sno Leo, like many users with multiple machines I prefer to download the package for an update once and then use Apple Remote Desktop to update all machines on my LAN. I also use the same pr

  • Ever since upgrading to Lion my iMac opens to a different admin than the one last used and has to be switched. How can that be changed?

    How can I change which user boots at start up? Ever since upgrading to Lion X my iMac no longer opens to the user on it prior to shut down. It now opens to a user who is virtually never on - which is actually me under a different name. This division