How to set up Open Directory Users with local home folders?
Hi folks,
i set up a Mac mini Server with the services DNS, DHCP, AFP and OpenDirectory running. Everything is working fine so far but i want my OpenDirectory Users to have their home folders locally on the clients harddisk. My Leopard clients are already bound to the directory but everytime i try to login the login window is shaking even when i use the Directory Administrator account. What am i doing wrong?
Thanks.
(Did you read my other reply? You need to make it a portable account for the caching of login credentials.)
With network homes and portable account enabled on a machine you always run from the locally stored homefolder on that machine.
This homefolder syncs with the server network home folder for that account.
If either of these folders get corrupt or unintentionally altered files (permission problems) somehow, there is risk of losing files, syncing problems and more (can take long time to sync at login/out, during even without corruption - I prefer gigabit cable to WiFi for this for obvious reasons).
You at least need to monitor storage space in both places. You don't want either to fill up the disk (worse on server because several users can have their folders corrupted at the same time). Working quota settings / account is probably a good thing.
And you probably need to decide what is synced : all folders or just some (and when / how often).
You either do this form the server (you decide) or let the user have some say or a mix of these two.
You might want to leave out the user's personal files (music, movies and such) and also depending on emaIl client used, maybe not sync email if the client saves it like Entourage does it, in big ever changing database files. Might be better to just backup the mailserver if IMAP based.
If a user puts other large files in their homefolder (often on the Desktop) they can fill up the server fast. DVD-projects anyone?
Mixing different versions server/client might not work too good either.
So having said that, when syncing works it can be really good and you can restore a machine/account fast with pretty recent data. You can if in a hurry even log in from another machine using the account network home folder, getting access to the synced folders/files.
Using Time Machine it's a one way "sync" (more like "duplicate changed and new files" - which I like) and you have to manually set TM settings on the client for what is going to be backed up and when. I do atleast don't know how to do it from/on the server. This "less intervention by the server" can be a good thing but if your users don't "behave" you might want to be in the drivers seat "saving them from themselves".
TM backups can grow fast and probably demands more user interaction when storage space is used up.
As with all "backup" configurations you probably want some rotating media backup of both network homes and/or TM backups so you can do a restore. Of these two, network homes are the more important one to backup "further".
Similar Messages
-
Network accounts with local home folders
First of all sorry for my bad english.
I want to obtain network accounts with local home folders.
I have found this post very interesting to solve my problem.
http://discussions.apple.com/message.jspa?messageID=2140595#2140595
Following this indications I have obtained it but I dont see the Public folder of any home folder from the network.
How I can solve this? I must share the Public folders manually? How? I have proven with SharePoints 3.5.4 and I have not obtained it.
Thanks
iMac Intel Core Duo Mac OS X (10.4.6)Hi
Clients should be bound to Open Directory and be using the OD Master for their DNS. Launch WorkGroup Manager and authenticate to the LDAP node. If you have only a few Users you can do it at that Level if hundreds do it at Group Level. Select Preferences > Mobility. It's fairly obvious thereafter.
After the home folder has been created you can make that account a local administrator if you wish.
This assumes the Server has been configured as Advanced. Please don't take this advice if you've used anything else.
Tony -
Network users w/ local home folders
Hi,
I have a basic question that I can't find a clear answer to. How do I create a network user account (through open directory) and specify a home folder to be created on the local machine (users are nearly all at stationary workstations)?
The documentation all says that it is possible but not exactly how. Maybe I'm missing something obvious?
Thanks,
SbHi
Clients should be bound to Open Directory and be using the OD Master for their DNS. Launch WorkGroup Manager and authenticate to the LDAP node. If you have only a few Users you can do it at that Level if hundreds do it at Group Level. Select Preferences > Mobility. It's fairly obvious thereafter.
After the home folder has been created you can make that account a local administrator if you wish.
This assumes the Server has been configured as Advanced. Please don't take this advice if you've used anything else.
Tony -
How to set privillages for created user with iSQL *Plus
The hosting company has provided ISQL * Plus interface. I have created user by using the following command:
Create user test identified by test;
Grant connect, resource to test;
But I am unable to load or import data into db. How can I import/load data as its giving permission denied message.
I think there is a lack of imp/loading data grants. Who do I set?
Thanks & best regards
Message was edited by:
Raakh1. which version of the database ?iSQL *Plus 10.2.0.1.0
2. how you are trying/want to import/load data ?from online control pannel I am selecting the Load Data option and processing 7 steps. message appears "Successfully Loaded" but when am seeing log file its given me
Step: Load
Page Refreshed Jun 7, 2007 6:38:47 AM
Status Succeeded
Targets orcl
Started Jun 7, 2007 6:38:11 AM GMT-04:00
Ended Jun 7, 2007 6:38:11 AM GMT-04:00
Elapsed Time 0 seconds
Output Log
Username:SQL*Loader-704: Internal error: ulconnect: OCIServerAttach [0]
ORA-12546: TNS:permission denied
SQL*Loader: Release 10.2.0.1.0 - Production on Thu Jun 7 06:38:11 2007
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Message was edited by:
Raakh -
How to set multple values in cluster with local variable?
Hello all,
Ok, I've made my way through Labview for everyone, and have some basic concepts down. I can see with a cluster, if acting directly upon it, you can unbundle, change values, rebundle, etc.
I'm trying something a bit more complex...and just not sure how to get started on this.
I have a drop down menu ring. I have set this up as a typedef, with 4 values. I have used this typedef 7 times, plus some LED bools, in a cluster. I have made this cluster a typedef.
So, in my main vi I"m starting to design, I've set up an example posted here....and in it, I have two instantiations of the cluster typedef, Left Selector and Right Selector.
I have dropped into this vi, a copy of the menu ring typedef (same typedef as in the clusters, same values)....called reset all tubes.
I'm trying now, to figure out how, with an event on the change of value for 'reset all tubes'....that I can start with the left selector, and change all the tubes (these are the menu ring selector) to the same value as what has been selected with the 'reset all tubes' menu ring.
I've created a local variable for the left selector. It is set to read values. (I'll be doing the same with the right one too, but just starting with the left).
In examples I've seen where directly accessing a cluster, you could unbundle the cluster...loop through and change the values...maybe pull out all of the 'tubes' into an array and move through that to update the values. And when you bundle or unbundle the cluster...you can see the values, etc, when you stretch them out on the block diagram.
With the local variable..I can't see to 'stretch' it out like I was expecting..so I can access the values for the 'tubes'...and set them all to the value of the 'reset all tubes' ring menu value.
Can someone put me on the path on the best way to do this....or is there a structure of component I'm missing here ? Am I on the right track to begin with here?
This would seem pretty basic to me, but I'm just missing something here on how to start...
Thank you in advance,
cayenne
Solved!
Go to Solution.
Attachments:
example_select_dropdown.ctl 5 KB
public_selector_cluster.ctl 6 KB
laptop_test_public.vi 12 KBnathand wrote:
You can't do this with a for loop the way the cluster is structured, but why make it so complicated? Just bundle the new value into the cluster as shown below:
If you do want to use a for loop, consider restructuring your cluster. Group the ring and a boolean into a cluster, then drop 7 of those into the selector cluster. Then you can use "cluster to array" and "array to cluster" since all elements in the outer cluster will be of the same type.
Also, be careful using rings as type definitions. You probably want to use an enumeration instead. The items in a ring do not update when you update the type definition because they're considered to be cosmetic; the items in an enumeration type definition do update, because the items in an enumeration are considered part of the data type.
Oh my goodness!!
What was MUCH easier than I was trying to make it!!
I was attempting to do this reset, in an incremental fashion, as that later, I'm going to need to change values in this cluster by individual elements....and was using this as a way to try to understand how to iterate between cluster elements, and change the values of each one.
This solution works much better for this 'reset' all solution.
One question on this....with regard to the enum vs the ring menu.
I was actually going to go with the enum, however, I could not find a way to make it LOOK like the ring menu...with the arrow to the side that a user would know to click to present the menu list of choices.
I see with the enum, that you can remove the increment/decrement indicator.....and if the user clicks the control, it will indeed pop up a menu of choices...but there is no 'arrow' on that control to indicate to the user that it is a menu choice there.....
Is there a way to make and enum look like a ring with the "drop down menu" control look?
Again, thank you !!
This helps!
C -
How to set the PATH Environment variable with multiple homes?
I have several Oracle homes, and now I cannot get reports to work anymore. These are the things I installed, in this order:
- Oracle Database 10g
- Oracle Developer Suite 10g
- Oracle Discoverer 4
- Oracle HTMLDB
Now my PATH environment variable is flooded with paths, but none seem to work when I want to start Reports 10g. I deleted all of the paths from the other homes and still no luck.
This was my original PATH:
C:\oracle\product\10.1.0\db_1\jre\1.4.2\bin\client;
C:\oracle\product\10.1.0\db_1\jre\1.4.2\bin;
C:\oradev10g\jdk\jre\bin\classic;
C:\oradev10g\jdk\jre\bin;
C:\oracle\product\10.1.0\compdb_1\jre\1.4.2\bin;
C:\oracle\product\10.1.0\compdb_1\bin;
C:\oracle\product\10.1.0\compdb_1\jre\1.1.8\bin;
C:\oracle\product\10.1.0\compdb_1\jre\1.4.2\bin\client;
C:\Disco41Home\bin;C:\oracle\product\10.1.0\db_1\bin;
C:\oradev10g\jdk\jre\bin\client;C:\oradev10g\jlib;
C:\oradev10g\bin;
C:\oradev10g\jre\1.4.1\bin;
C:\oradev10g\jre\1.1.8\bin;
C:\PROGRAM FILES\THINKPAD\UTILITIES;
%SystemRoot%\system32;
%SystemRoot%;
%SystemRoot%\System32\Wbem;
C:\WINDOWS\Downloaded Program Files;
%SystemDrive%\IBMTOOLS\Python22;
C:\Program Files\PC-Doctor for Windows\services
and this is the PATH after I stripped it:
C:\oradev10g\jdk\jre\bin\classic;
C:\oradev10g\jdk\jre\bin;
C:\oradev10g\jdk\jre\bin\client;
C:\oradev10g\jre\1.1.8\bin;
C:\oradev10g\jlib;
C:\oradev10g\bin;
C:\PROGRAM FILES\THINKPAD\UTILITIES;
%SystemRoot%\system32;
%SystemRoot%;%SystemRoot%\System32\Wbem;
C:\WINDOWS\Downloaded Program Files;
%SystemDrive%\IBMTOOLS\Python22;
C:\Program Files\PC-Doctor for Windows\services
What am I supposed to change to get Reports to work again (i.e. do more than just show the splash screen)?
Forms and Designer work just fine....Never mind I found my solution here:
Re: Oracle Developer hangs when starting...i'm desperate -
Acrobat Reader crashs for users with network home folders
When network users logon to a MacBook running 10.6.4 Adobe Acrobat 10.0.1 will crash. The users home folder are on a Mac Mini server running 10.6.6. The Safari plug-in cashes also. A local standard user will run Acrobat without problems.
Try this website....just reply if it is works....TIA!
http://serverfault.com/questions/37805/adobe-reader-wont-launch-when-logged-into -network-user-accounts-open-directory -
Network Users with network homes not really working for me
I have with great pain setup a OS X Lion server on a Mac Mini that was supposed to be my central server to have 4 network users accounts and all the users data is stored on an external disk array with mounted network homes to the 2 iMacs and 2 Macbooks I have in my home.
I have gotten it all working and all my Macs are joined to the Open Directory and each User can login as a network users on any of the Macs and get their files via mounted home directory from the server. The home directories on the server are backed up with Time Machine.
I have found the following items that do not work proberly:
1) Desktop backgrounds settings are just lost sometimes for whatever reason. Desktop background goes to default and you need to manually set back to the one you have selected. This happen mostly if users have their own desktop pictures.
2) Keychain get's screwed up. The user often get the "Keychain doesn't exist to store ..." message and need to select to reset the keychain. Anything I have tried from "Keychain First Aid" to removing and have a new one created doesn't fix the problem. It keeps on coming back.
3) iTunes Storage and AppStore are getting confused about authorized computers. This is because a user logs in from another computer and then iTunes store would tell the user this computer hasn't been authorized to play the purchase music. Same happens with iPhone apps from the AppStore. Apparently those two stores are not setup to hanlde network users proberly.
4) Permission issues happen sometimes in Application like iPhoto where it would complain not being able to see photos or cannot add new photos to the library. Need to run a permission repair on the Iphoto Library to fix this.
5) One critical one is that it's not really possible to restore files from Time Machine. The Time Machine backup is done on the server by an administrator account directly backing up the user directories. When you go into Time Machine on the server even the admin can drill down into the user directories so no restore possible. The individual users have no idea that there was ever a Time Machine backup done as Time Machine is not setup in their accounts on the individual Macs. This prevents any possible restore.
I reckon that many of the problems are related to having only one location for ~/Library as the individual Macs are writing their user related settings into this directory in a central location. So what happens is when something on iMac 1 and then I log in on iMac 2 that might not exactly match this Macs config and it get's confused throwing one of the above erors.
Trouble is witth central network home directory the way they mounted i can't exclude the ~/Library folder. The only option I can see is mobile account because I have seen in the preferences that when they sync the handle Library items differently.
Does anybody have any experience out there with this sort of thing and can advise what's the best way forward?
If i can't resolve this I'll go back to have network users with local home directories on each Mac and just setup for each user a network share to which they copy files if they want them available on other Macs. Not as nice but at least it works!
As a said note I did this to make things easier but it has up to now cost me trouble then i had before!Haven't heard anything from anybody so probably to daunting a topic ...
I have now moved on to try Portable Home Directories (PHD) and syncing ... what a disaster!
First it took me ages to get this right as the way the home directores are mounted on the clients from the server it's just weired which has to do with how AFP mounts are implemented. Since one AFP mount can't be mounted by several users on the same system they use a workaround of mounting it to a temp directory and then linking it back to where it should be. Of course this causes major problems.
Okay it kind of worked so let's move on to syncing PHD. First of all on initial creation it only sync a small portion of the directory that should be okay but on some of my accounts it never went passed this stage. It said it's all synced but it only had synced the first 10% or so of the data. I wasn't able to make it sync anymore.
On other accounts it correctly synced all the data down, or so I thought. Apparently a few sync session back and forth and 50-60% of the data was gone. On further investigation it turned out to be iTunes and iPhoto libraries. Turns out does don't sync probably via Home Sync!!!
Apple product is not able to probably syncing Apple specific library files!!!!
So here my warning to everybody: DO NOT USE PHD and HOME SYNC to sync your data as you will lose stuff if you have iTunes and/or iPhoto libraries with Lion OS X Server!!!
The whole Lion Server experience has been a disaster for me. Now I have a server that does file sharing and time machine backup sharing. I can do the same thing with a standard Mac using those services. What's the point of Lion Sever for Home if nothing works proberly? -
How do I unbind a local user from an Open Directory user?
I have a couple MacBook Pros running Leopard that successfully bound a local account to a corresponding Open Directory account using Directory Utility.
I had to re-install Leopard Server (using Standard configuration) and re-create Open Directory accounts. Now these laptops are unable to bind to the new Open Directory accounts. They receive an error that the Open Directory user ID and password provided is incorrect. In addition the local user can no longer reset or change their password. I'm thinking this is because their local accounts are still bound to the old Open Directory accounts that no longer exist. Is there are way to unbind a local account in Leopard that has been bound to an Open Directory account via the Directory Utility.What account are you using to bind the machine? When binding you must authenticate using the OD admin login which is usually setup as diradmin or as the current client you are logged into the machine with, but this client needs to exist on the OD server.
-
How to set up iOS calendar app with shared Google Calendar data
At work (in our small office) I've been given access to the shared Google Calendar that has our work schedule. It was set up using this page (click on Share an existing calendar):
https://support.google.com/calendar/answer/37082
The question I have is how to set it up to work with iOS calendar app on my iPhone?"currently there is no shared group calendar support."
Well, not really. You hinted at it with: "set up a group wiki."
Go into Workgroup Manager and set up an Open Directory group. Add people to it.
Each client must then go into iCal --> Preferences --> Accounts and add an account. The name and password entered must be the same as that added to the group, Kerberos must be unchecked, and the account URL will be like (fill in the blanks properly):
http://<your domain name here>:8008/principals/groups/<your group name here>/
Now each properly logged in user of that group can make changes to the shared group calendar, without any "hacks" like making dummy users and delegation.
However, I am getting a notifier: "Request Error: Accesss to <event name> in <your group name here> in account <your group name here> is not permitted." But that seems to be a lie, since multiple members of the group can make changes and others can see the changes.
Oh yea, make sure you have a functioning DNS with valid reverse lookup.
Message was edited by: Bytesmiths -
Authentication Delays / Slow Authentication for Open Directory Users
I'm experiencing delays when authenticating Open Directory users and it absolutely has me at my wit's end.
The problem is quite simple: any time an Open Directory user authenticates his password there is a delay of at least 5-10 seconds. This goes for clients that are bound to the directory server and also authenticating locally on the server. Here are some examples:
* On the server, there is a several second delay on the Login Window screen when trying to log in using an Open Directory account. Logging in as a local user is instantaneous.
* In Workgroup manager, authenticating as the Directory Administrator takes several seconds.
* On a remote computer, sharing the screen using an Open Directory user take several seconds and again, a local user is instantaneous. Screen sharing takes particularly long and often temporarily shows a sheet saying it has lost the connection with the server while authenticating.
* Connecting with AFP takes several seconds when using an Open Directory login
* On a client computer, unlocking the screen after sleep or screen saver takes several seconds for Open Directory users
* Connecting with SSH does NOT exhibit the behavior
In addition to all of this, I've seen periodic random unexplainable freezes for several seconds on client computers that are bound to the directory even when logged in as a local user account (and with no other users logged in.) For example, launching applications often results in a freeze. After unbinding the computer from the directory the problem goes away entirely.
The history of the problem:
Used Tiger Server for over a year = no problems
Clean install of Leopard Server 10.5.0 back in October = no problems
Update to Leopard Server 10.5.1 = no problems
Then, all of the sudden one day several weeks back I started having problems. The server had been up for a few weeks. I didn't install any updates. I didn't change any configuration. Literally the only thing that I had done recently was unplug the Apple Cinema Display and keyboard+mouse that was connected to the server. Then I started having problems so I plugged the display, keyboard and mouse back in to troubleshoot it. I cleared the directory services caches on my server and clients and rebooted the Airport Base Station that's serving as my router and eventually the problem went away. I wish I could tell you which of those things resolved the problem but I have no idea. It was fine for a couple more weeks (and incidentally I once again unplugged the display, keyboard and mouse from the server). Then last week I started having problems again and this time no amount of rebooting, cache clearing, rebinding, troubleshooting using information in these forums or anything else will fix the problem. I only mention the display/keyboard/mouse thing because it's literally the only thing I changed around the time the problems started happening. I truly don't think it has anything to do with it.
So in desperation I backed up and did a clean install today. Here's the process I used:
0. Erase the disk
1. Install Leopard Server 10.5.0 from the install DVD
2. In the setup assistant, use the Advanced Configuration option but I didn't enable any services. Set up network settings and host name of myserver.mydomain.private.
3. Reboot
4. Use Software Update to update to 10.5.1 and Security Update 2007-009 v1.1
5. Reboot
6. Configure DNS (see below for detailed configuration)
7. Reboot
8. Change role to Open Directory Master
9. Reboot
... and the problem is still there. Simply logging into the server GUI with the Directory Administrator account has the delay. Authenticating in Workgroup Manager has the delay. I haven't even bothered to set up AFP or any other users yet. I'm truly at my wit's end and I'm ready to chuck the server out the window.
I've done a lot of googling and searching of these forums looking for answers. All of the responses seem to point to a problem with DNS or with the Kerberos realm. I believe all of my setup is correct. Here it is:
== Basic Configuration ==
OS: Mac OS X Server 10.5.1 (9B18) with Security Update 2007-009 v.1.1
Services Enabled:
DNS
Open Directory
(All other services are not yet enabled)
== DNS Setup ==
Primary Zone: mydomain.private.
Allows zone transfer: no
Nameservers: ns.mydomain.private.
myserver (Machine) 10.0.22.201
ns (Alias) myserver.mydomain.private.
Reverse Zone: 22.0.10.in-addr.arpa.
10.0.22.201 (Reverse Mapping) myserver.mydomain.private.
Accept recursive queries from the following networks:
localnets
Forwarder IP Addresses:
208.67.222.222
208.67.220.220
== Open Directory Setup ==
Role: Open Directory Master
LDAP Search Base: dc=myserver,dc=mydomain,dc=private
Kerberos Realm: myserver.mydomain.private
== Network Configuration ==
Configure: Manually
IP Address: 10.0.22.201
Subnet Mask: 255.255.255.0
Router: 10.0.22.1
DNS Server: 127.0.0.1
Search Domains: mydomain.private
== Other Stuff ==
Using 'changeip -checkhostname' verifies that the hostname and DNS hostname are both myserver.mydomain.private.
I set the realm to myserver.mydomain.private (though the default was myserver.local) based on the advice of another poster to this forum. Kerberos.app reveals something interesting: the kdc and admin servers are both myserver.local and the domains are .local and local. I tried changing all instances of 'local' to 'mydomain.private' to see if that would solve the problem. No luck.
I verified on a client that 'host myserver' and 'host 10.0.22.201' return proper DNS and reverse DNS resolutions.
Hopefully one of the gurus out there will be able to help me out.
Thanks,
jeffI gathered together some log information for when I try to authenticate user 'diradmin' in Workgroup Manager. You can see from the log messages that this authentication took 4 seconds. There's an interesting error message in slapd.log (see below) but it doesn't say what it's looking for in the keytab that it's not finding. Grr! I've provided a listing of the principles in my keytab. I haven't monkeyed around with it at all -- this is just what resulted from promoting the server to an Open Directory Master.
== kdc.log ==
Dec 30 18:21:48 myserver.mydomain.private krb5kdc[79](debug): handling authdata
Dec 30 18:21:48 myserver.mydomain.private krb5kdc[79](debug): handling authdata
Dec 30 18:21:48 myserver.mydomain.private krb5kdc[79](debug): .. .. ok
Dec 30 18:21:48 myserver.mydomain.private krb5kdc[79](debug): .. .. ok
Dec 30 18:21:48 myserver.mydomain.private krb5kdc[79](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) fe80::216:cbff:fea5:f3ce: ISSUE: authtime 1199060508, etypes {rep=16 tkt=16 ses=16}, [email protected] for krbtgt/[email protected]
Dec 30 18:21:48 myserver.mydomain.private krb5kdc[79](info): AS_REQ (7 etypes {18 17 16 23 1 3 2}) fe80::216:cbff:fea5:f3ce: ISSUE: authtime 1199060508, etypes {rep=16 tkt=16 ses=16}, [email protected] for krbtgt/[email protected]
Dec 30 18:21:52 myserver.mydomain.private krb5kdc[79](info): TGS_REQ (7 etypes {18 17 16 23 1 3 2}) fe80::216:cbff:fea5:f3ce: ISSUE: authtime 1199060508, etypes {rep=16 tkt=16 ses=16}, [email protected] for ldap/[email protected]
Dec 30 18:21:52 myserver.mydomain.private krb5kdc[79](info): TGS_REQ (7 etypes {18 17 16 23 1 3 2}) fe80::216:cbff:fea5:f3ce: ISSUE: authtime 1199060508, etypes {rep=16 tkt=16 ses=16}, [email protected] for ldap/[email protected]
== slapd.log ==
Dec 30 18:21:48 myserver slapd[36]: <= bdbsubstringcandidates: (authAuthority) index_param failed (18)
Dec 30 18:21:52 myserver slapd[36]: SASL [conn=20] Failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name)
== sudo klist -k ==
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
3 afpserver/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4 D0DDB570D64ED88C5D06A78A34B7167C
3 afpserver/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4 D0DDB570D64ED88C5D06A78A34B7167C
3 afpserver/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4 D0DDB570D64ED88C5D06A78A34B7167C
3 cifs/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4D0DDB 570D64ED88C5D06A78A34B7167C
3 cifs/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4D0DDB 570D64ED88C5D06A78A34B7167C
3 cifs/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4D0DDB 570D64ED88C5D06A78A34B7167C
3 vnc/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4D0DDB5 70D64ED88C5D06A78A34B7167C
3 vnc/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4D0DDB5 70D64ED88C5D06A78A34B7167C
3 vnc/LKDC:SHA1.D711BEA4D0DDB570D64ED88C5D06A78A34B7167C@LKDC:SHA1.D711BEA4D0DDB5 70D64ED88C5D06A78A34B7167C
3 cifs/[email protected]
3 cifs/[email protected]
3 cifs/[email protected]
3 ldap/[email protected]
3 ldap/[email protected]
3 ldap/[email protected]
3 xgrid/[email protected]
3 xgrid/[email protected]
3 xgrid/[email protected]
3 vpn/[email protected]
3 vpn/[email protected]
3 vpn/[email protected]
3 ipp/[email protected]
3 ipp/[email protected]
3 ipp/[email protected]
3 xmpp/[email protected]
3 xmpp/[email protected]
3 xmpp/[email protected]
3 XMPP/[email protected]
3 XMPP/[email protected]
3 XMPP/[email protected]
3 host/[email protected]
3 host/[email protected]
3 host/[email protected]
3 smtp/[email protected]
3 smtp/[email protected]
3 smtp/[email protected]
3 nfs/[email protected]
3 nfs/[email protected]
3 nfs/[email protected]
3 http/[email protected]
3 http/[email protected]
3 http/[email protected]
3 HTTP/[email protected]
3 HTTP/[email protected]
3 HTTP/[email protected]
3 pop/[email protected]
3 pop/[email protected]
3 pop/[email protected]
3 imap/[email protected]
3 imap/[email protected]
3 imap/[email protected]
3 ftp/[email protected]
3 ftp/[email protected]
3 ftp/[email protected]
3 afpserver/[email protected]
3 afpserver/[email protected]
3 afpserver/[email protected] -
how to get list of active users with the details like samaccountname, name, department, job tittle, email in active directoy?
You can use third party software True Last Logon 2.9.You can export the file in excel for report creation.You can use the trial version this will achieve what you are looking for.
True Last Logon displays the following Active Directory information:
--Users real name and logon name
--Detailed account status
--Last Logon Date & Time
--Last Logon Timestamp (Replicated value)
--Account Expiry Date & Time
--Enabled or Disabled Account
--Locked Accounts
--Password Expires
--Password Last Set Date & Time
--Logon Count
--Bad Password Count
--Expiry Date
--You can also query for any other attribute (Example: Description, telephone Number, custom attibutes etc)
Refer the below link for trial version:
http://www.dovestones.com/products/True_Last_Logon.asp
Best Regards,
Sandesh Dubey.
MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator |
My Blog
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. -
Mountain Lion Open Directory Users PhotoShop Elements 6.0
Under Mac 10.8.5 , Licensing works fine for local users, but it fail for Open Directory Users.
specifically I'm trying to launch Adobe Photoshop Elements 6.
none of my workstations are connected
it worked just fine under Leopard and Snow Leopard.
running disk utilities repair permissions did not help.
running the License Repair tool from adobe did not help.
deleting the FLEXnet Publisher
and Preferences/FLEXnet Publisher
and the
Preferences/FLEXnet Publisher/FLEXnet did not help
all of my open directory users are group 1028
i have
chgrp -R 1028 /Library/Application Support/Adobe/
chgrp -R 1028 /Applications/Adobe*
chmod 775 /Library/Application Support/Adobe/Elements Organizer/11.0/
chmod 775 /Library/Application Support/Adobe/Adobe PCD/cache
chmod 775 /Library/Application Support/Adobe/Adobe PCD
chmod 775 /Library/Application Support/Adobe/SLStore/
chmod 777 /Library/Application Support/Adobe/Premiere Elements/11.0/AMTInfo.txt
many of the files in these directories have permissions 664.
several of the files that are frequently accesses were already 664 before i looked at them.
i have over 80 user workstations.
Mountain Lion OSX 10.8.5
MacPro workstations 2 3.06 GHz 6-core intel Xeon
12 Gigs of Ram
Note i also have Adobe Premiere 11.0 installed on the workstations.
Adobe Premiere 11.0 works fine after all the ownership and permission issues are solved.Hi OpenDirectoryDude,
Photoshop Elements 6 has not been tested and has compatibility issues with Mac 10.8.5 -
Lion: All Open Directory users obliterated
After a rough migration from SLS, I've been running Lion Server successfully for a couple of weeks now. However, this morning I saw that the file sharing services were down. When I brought the server up on the monitor, the Finder was frozen solid. I had to do a hard restart, and once it came up, all the Open Directory users are gone. Only local users remain. When I attempt to open the LDAP directory in Workgroup Manager it throws up a -14006 error.
I'm going to attempt to rebuild the machine from a backup last night, but I'm wondering if anyone has any (quicker) advice.
I'm tempted to just try and copy /var/db/openldap from the backup image over to the server, but I'm afraid it'll simply explode. Is there a better alternative? I don't have a current backup archive of *just* the open directory stuff...Restoring from a backup image "fixed" it of course, but I'm still curious how to restore the open directory database from a mirrored partition (i.e. without the use of an explicite restore from an open directory backup)
-
How can i create a new user with only read rights ?
How can i create a new user with only read rights ?
You are asking about a Database User I hope.
You can look into the Oracle 8i Documentation and find various privillages listed.
In particular, you may find:
Chapter 27 Privileges, Roles, and Security Policies
an intresting chapter.
You may want to do this with the various tools included with 8i - including the
Oracle DBA Studio - expand the Security node and you can create USERS and ROLES.
Or use SQL*Plus. To create a
user / password named John / Smith, you would login to SQL*Plus as System/manager (or other) and type in:
Create user John identified by Smith;
Grant CONNECT to John;
Grant SELECT ANY TABLE to John;
commit;
There is much more you can do
depending on your needs.
Please read the documentation.
-John
null
Maybe you are looking for
-
Color Balance Issue importing from DV Deck Via Firewire...
The fact that searching google and this formum has lead to me finding NO results, I am wondering whether anyone has or is experiencing similar issues.. For some time now, I have been having this issue, which I just realized is not normal. I have a So
-
Getting started: how to connect to "tutorial-chat" via AIR app
Hi,<br />I've gone through the blaze ds "getting started" article and successfully got the chat application working.<br /><br />I now am trying to connect a test AIR app to that same tutorial-chat destination, but am having issues. How do i properly
-
Upgrading Windows results in same computer being 2ns authorized computer
I just upgraded my laptop from Windows XP to Windows 7. I re-installed iTunes and iTunes now recognizes the same computer as a second authorized computer. Why? AND most important, how can i now de-register the "phantom" one?
-
Hyperlink from summary field in crosstab??
I want to enable a hyperlink on a summary field in a crosstab so that clicking on it will produce a subreport of the detailed items that are included in the count displayed in the summary field. Keeping my username in mind ;-> I have tried everything
-
Failed to run the action: Install Software Updates. CI Version Info timed out?
Hi, I have a task sequence that runs on servers to automatically install the advertised updates in software center. I have one server that is not installing these updates and from the smsts log I see an error about "CI Version times out" Does anyone