Leopard Server SUS "SUCatalogLoaderException" failures

[Posted to Apple Feedback site...anybody else experiencing this?]
Hello--
For about a month now, I've been getting a SUS swupd_sync error on numerous Mac OS X 10.5 Servers that I maintain when trying to download the software update catalogs from Apple servers. Since around Oct 12th, on previously working SUS setups, I've been seeing the following in my logs:
Sat Nov 10 23:58:14 michaelscott.c5consulting.net swupd_syncd[68758] <Info>: Started
Sat Nov 10 23:58:32 michaelscott.c5consulting.net swupd_syncd[68758] <Error>: swupd_syncd failed with SUCatalogLoaderException: We've been foiled by the SUCatalogLoader: no local display name. Drat.
Consequently, any new updates are not being added to the SUS lists on these servers. Other 10.6 - 10.8 servers are not showing signs of trouble. Any idea if a change to the Apple mirrors or their catalog files is causing this? I figured it might clear on its own, but after a month has passed, I don't see any sign of that. I need these systems to be able to use SUS, please!
Thanks,
Fred

Fred,
This is for you if you still have problems.  I saw your name everywhere and constantly as I got rerouted to the same 5 posts about SUS running on old powerpc servers when I was trying to fix mine.  I am now serving all updates 10.5-10.8 with G5 server.
I never post anything ever online but I wanted to make sure you got the fix (and anybody else) as they were trying to make everything that SHOULD work on strong powerpc servers work, which is nearly everything since its web protocols and such.
The solution is very simple IF you had the working stuff going before using the methods found in:
https://discussions.apple.com/thread/2169042
which is the thread you list as using in one of your other threads discussing details before it stopped working (with ML release I have figured out).
I simply checked my catalog names using a ML install.  They were right.  But in doing that I had done some web searches for ML software update server catalogs, names, or whatever.  Somebody in one of those threads (I am not going to find that one) said ML now uses HTTPS instead of HTTP.
I changed 'http' to 'https' in mirror config file with everything else identical to prior methods from Jan and it worked immediately downloading the updates and making the symlinks as instructed in those methods showed all updates.  Im running 7 gigs of RAM and show absolutely 0 performance impact on anything, malloc errors, or anything else I saw you had going at various times so not sure about that.  Did want you to know it works flawlessly with just that simple change.  Probably some other people will be happy to read this also.
Incidentally, later post on page 3 gives a great way to configure WGM to handle computers logging in and get the right update catalog.  Im using that as well and it seemed to identify properly so far.  Thanks to that poster for that.
I have found this other thread where somebody got more advanced than me and did some rewritecond using variables that the system figures out first which I think must do what I did very simply, only more complicated.  Its listed as 10.6 though and seems silly when you look at what I did:
https://discussions.apple.com/thread/4026496?start=0&tstart=0
Others note success but its very complicated compared to what I am doing, ESP if you already set it up this way before and have been following this at all waiting for a fix.
Hope this benefits somebody as it may be the last thing I ever post like this.
Bye
PS - I'm adding this error message to this fix because this is what you start to get when it breaks down if you setting up from scratch instead of having had it set up and then ML came out, SUS protocol changed to https, but you had catalogs already, that now just won't update.  That should be a different error I never saw because I was setting up from new.  Good Luck and I hope this saves some time, and gives some good use back to some powerpc servers.
<Error>: swupd_syncd failed with SUCatalogLoaderException: We've been foiled by the SUCatalogLoader: no local display name. Drat.
Message was edited by: ipcray

Similar Messages

  • Lion server SUS not responding/weird behavior

    Hi all,
    I've a new mini Lion server set up and updated to 10.7.4. Tested most of the services fine and decided to set up its software update service for our Macs in the office. I followed the instruction scattered around on the internet and used Server Admin to set up the SUS. After a few days it is still downloading some old packages (we have mostly Leopard clients) but I see that a lot have been downloaded and enabled. So I went ahead and try to deploy the service to our Macs.
    When I use the URL Apple suggested "http://su.domain_name.com:8088/index.sucatalog", my clients said my server wasn't responding and that I need to check my network connection. I searched around and realized it happens to lots of people with Snow Leopard server upgrading to Lion and some people suggested that we should point the URL to "http://su.domain_name.com:8088/catalogs.sucatalog" and I tried that and it seems to be working on one of my Lion, well at least there weren't any error, but since all my Lions are updated, it just said the computer is up to date. I thought it worked and decided to upgrade one of the Leopard to Snow Leopard.
    After updating to Snow Leopard, the Mac obviously needed a lot of updates. Since it is a managed client, I had no problem depolying the SUS to it with Workgroup Manager. After a restart, I tried doing the software update thing and it successfully connected to my Lion server (because there is my server URL on the window title) and in a second or so it found some updates and showed me the usual "show detail, not now, install" prompt but before I had a chance to click anything, an "attached prompt" pop up from the title of the "show detail, not now, install" prompt telling me that the computer is up to date and all I can do is click the "quit" button which closes both prompts together.
    So now I'm painfully trying to update that Snow Leopard from Apple servers which just the OS X combined update alone is going to be like 3 hours. What did I do wrong with the SUS? What can I do/test to solve this problem?
    Any help would be great! Thanks!!

    I figured it out and have posted all the details on my blog:
    http://linsec.ca/blog/2012/08/23/software-update-service-on-os-x-lion-serve/

  • Leopard Server 10.5.4 + SMB + Windows XP Clients

    Hello!
    I got quite some interesting problems with my Xserv under Leopard Server 10.5.4 with Windows XP Clients.
    The server runs as an open directory master and a standalone server for smb.
    Shares are setup for AFP and SMB clients, ACLs are set up with read+write access for the user's group. So far everything works, users can connect from their Macs (OS X 10.3.x - 10.5.4) without problems.
    My problem are the windows clients.
    Connecting works fine, and apart from one permission bug (more on that later) they can access all files and do everything the macs can do.
    Problem 1:
    Users cannot rename files if they don't have write permission at the POSIX-level as either owner or group on the enclosing folder. ACLs do not matter at this point, if the user connects through SMB he cannot rename files or folders.
    No big problem, I just put all users into one group and set this group as the POSIX-group and do a chmod -R g+w on all shares.
    Inheritate this settings for SMB-connections works.
    But not for AFP-connections. Every new folder a mac-client creates comes with permissions 755. So I changed UMasks on the clients to 002, and at least folders created by the finder now have the right permissions of 775.
    Folders created by "new folder" on most applications load/save dialogs still come as 755 which screws up renaming for windows-clients.
    Folders created when expanding a zip-file also behave this way.
    The only solution I found for this was to make a cronjob that does a chmod -R g+w on the shares. Not that great.
    Another "fun" feature with POSIX-permissions and SMB:
    Files inside a folder. Files+Folder have an ACL set up that specifically denies deleting files+folders for a user. This users group has POSIX-permissions with write access to the enclosing folder. Window's explorer will let that user delete files and folders without any complaint about missing permissions to do so. They even disappear from the explorer-window, but are not actually deleted.
    If you refresh the view, the files+folders are there again.
    If the user instead has no POSIX-permission that grants him write-access, but an ACL that grants him delete, explorer happily deletes the files the user wishes to. And these files actually get deleted.
    If the user has no write POSIX-permission and no ACL-permission to delete files, explorer complains about missing rights to delete files/folders.
    I tried adding "acl check permissions = no" to smb.conf, but that didn't change this behaviour.
    Problem 2:
    Sometimes, when copying "large" files to a server share with windows explorer (from 50 MB upto 3 GB), the user immidiately gets an error message: "Cannot copy. The specified network name is no longer available."
    The copied file shows up at once in the destination directory and has the correct file size, but only contains "garbage". Half a second later the same copy works and the file is actually copied successfully.
    Sometimes this error shows up while a large file is copied and if you browse through other shared folders while the copy takes place.
    Most often it will show up when you copy&paste with explorer.
    I am stomped and have no idea where to search for a solution to this one.
    I tried changing ethernet cables (premade and selfmade), the network switch, ethernet port of the Xserv ... connected a workstation directly to the Xserv - no change.
    DNS works, all clients+Xserv have static IPs and the same settings for DNS-Server. Name resolution works, as does reverse resolution.
    I even tried using a windows server 2003 as a WINS-Server without success for this problem.
    There are no event log entries on the clients when this happens, and smbd.log on the server shows
    read failure for 4 bytes to client 192.168.1.137. Error Connection reset by peer
    I used wireshark to monitor what exactly happens when this shows up, but it just happens out of nowhere ... the clients just sends a TCP_RST. No unusual things before or after the TCP_RST.
    I ran some tests with samba 3.0.32 and samba 3.2.x under linux 2.6.x - no such errors at all.
    I tried installing Leopard Server on my Mac Pro, same behaviour.
    I ran some batch-scripts that would copy large and small files in excess from/to the server from 4 different windows xp clients for a whole weekend 24 hours - not a single error. As soon as I use windows explorer to copy a file this error has a chance of showing itself.
    Problem 3, more of an application bug:
    Adobe InDesign CS2 (Windows again ;)) cannot export a PDF to a shared folder if the filename is longer than 8 characters. It starts exporting and after reaching 100% it just stops with the error "PDF cannot be exported." If the filename is shorter than 8 characters, all works fine. Exporting locally or to other samba servers (linux) or windows servers (2003) works fine. Copying this files to the share works, too.
    Exporting any other filetype from IDCS2 (eps, inx, jpeg ...) works regardless of filename length. So does saving InDesign-files.
    InDesign CS1 and CS3 do not show this, so I guess it's safe to assume this one is Adobe's problem
    Did anyone experience similar problems or even better has a solution to some of these?
    The real showstopper is problem #2, at least for us.
    Thanks in advance and excuse my poor english skills!

    I tried several new approaches, but nothing worked so far.
    The update to 10.5.5 made things worse. Connections are dropping all over the place, when saving from Adobe programs in particular.
    Printing from clients to a Xerox Phaser 5500 works, but choosing a different paper size than the default chosen in the cups admin interface goes all wrong and either prints on the default paper size, but down/upscaled to the chosen paper size or prints on the chosen paper size and down/upscaled as if you were printing to the default paper size. (e.g. default paper size is A4, you choose A3 with an A3 document. Document prints on A4 and is downscaled to A4, or prints on A3 and is downscaled to A4.)
    There is no way I can keep this thing in production much longer. I tried reinstalling again, but that did not change any behaviour. Another nice "feature": InDesign disables "edit original" when the path to the linked file contains any directoryname with more than 8 characters in length.
    Coupled with a sometimes disappearing "dirserv" (it just stops working until I reboot the whole computer) the decision stands to move away from the Xserve.
    Leopard Server 10.5.x just does not seem to work well with windows clients.
    We will migrate to a windows server 2003 running ExtremZ-IP for the macintosh clients this weekend. Too bad that Apple does not allow Bootcamp to work on Xserves, at least the hardware would have been useful then.
    (As a nice finishing touch, the harddisk partition where all data resides did become corrupt over the weekend. "The volume Daten could not be repaired."
    Disk Utility and first aid did show nothing on friday ... saturday after no work being done on the partition this error shows up. The only solution I could find was to reformat the partition and restore from a previous backup. Another weekend down the drain. Sorry for the rant, but 6 weekends in a row is enough.)

  • Host website and email on my Snow Leopard Server

    Hi. I have a customer who currently has a hosting company for his emails and website. He recently bought a Mac Leopard Server which I set up on the network which now he wants to host his web site (be a web server) as well as his own Mail Server (with his email addresses hosted himself). The ISP provides him with a static IP address, he has a registered domain name with GoDaddy. How do I go about providing this service to him on the Mac Server and what do i fill in as the default DNS name on the Server? Additionally what ports do I open on the ISP firewall and how and where do I store the website files for hosting the the website? I prefer not to host DNS on this Server as it is a small network how can I configure the MX record for this site then? Thanks.

    This is not a trivial task. Getting a Mac to act as a web server is trivial, provided you either can do with the default settings or are capable of managing an Apache web server. However, making that available on the web in general and making it the server responsible for maintaining the company web site is another thing entirely.
    First, a static IP address is not the same thing as a connection appropriate for a web server. Unless your client has paid for an internet connection that will allow such use, his ISP may very well cut him off as soon as they discover he's using it to run a server. Paying for such a connection will be much more expensive than just paying for a static IP address. And unless he's really paying a lot, the site will be slower than most web sites.
    Similarly, he's going to have to pay for someone to be on call 24-7 to fix server issues. He'll also need to have backup hardware in case of hardware failure. For example, if the hard drive in the server dies, he may not be able to afford a few days' downtime while a new hard drive is bought, the old one replaced and all the software and data reinstalled/restored on the new drive. If the site is at all important, I wouldn't consider anything less than a second server kept entirely synced with the primary one so they can be swapped out at a moment's notice.
    Honestly, given all the extra costs of running your own server, it's actually cheaper to just pay for hosting on a decent service provider. (GoDaddy is not one I would consider decent, so if he's having issues, switching hosts is probably the better option.)
    Now, if he just wants a small, in-house server that won't be seeing much traffic, that's definitely possible. But, as already pointed out, that would be better discussed on the server forums. Although some folks here will have experience setting up a web server on a standard copy of Mac OS X, many/most of them have no experience with Mac OS X Server.

  • Can Leopard Server update Tiger clients?

    Can anyone tell me if Leopard server can update the OS of Tiger clients? I know Tiger server can't update Leopard clients, but the other way around?

    Hi
    Not true. I have a 10.4 OD Master with a managed group using the SUS Service on a 10.5 Server. The 10.5 Server is connected to the 10.4 Directory. DNS Services for both servers are on the 10.4 Server as is the DHCP Service. 10.4 and 10.5 Clients that bind to the 10.4 Server are updated using the 10.5 SUS with no problems at all. The only issue I've seen is 10.5 clients occasionally can't use the 10.5.2 Combo Update on the SUS Server. There is the 'cant expand package properly' error message. At first I thought this was because the latest Intel iMacs were able to update but not Leopard installed PPC models. One solution was to keep a manually downloaded .dmg of the 10.5.2 update on the Server and push it out using ARD or copying it locally and installing it that way. However earlier Intel models - occasionally - are also not updating - pre-dominantly first generation macbooks and macminis but every now and again some of the later Aluminium model iMacs.
    This is an intermittent problem though and may be due to the small bandwidth that the SUS server is having to use to access apple's downloads server (1MB). When the SUS was on the 10.4 Server with a higher bandwidth connection (4-5MB) there was never any problems with the downloads but quite a few with the Service stopping itself and having to be restarted using the command line.
    The amount downloaded for 10.5 SUS is greater (approx 13-16GB) than 10.4 SUS (approx 10-11GB) - obviously. It took 4-5 days for the 10.5 SUS to make available all the downloaded updates - obviously due to the 1MB connection but also there were problems with accessing the updates server at that time. I think this was because Leopard Server had not long been made available and like a lot others it was in a testing environment where all the services were being tried to see what was worked and what did not.
    Tony

  • VPN Server in Snow Leopard Server not accepting connections

    I've got some issues with a new Snow Leopard Server, running on a Mac mini Server, and VPN.
    I have a Linksys WRT310N performing router duties. I have enabled the VPN Passthrough in the router's configuration pages (IPSec, PPTP and L2TP all Enabled). In the Applications and Gaming section, I have enabled ports 1723 (TCP and UDP) and 1701 (TCP and UDP) to go through to the mini Server. In order to have the VPN Passthrough enabled, I have to have the SPI Firewall enabled on the router.
    I have both PPTP and L2TP enabled on the Server. When I first tested it, everything worked.
    Within 24 hours, it stopped working, and I can't work out why.
    On the Server, I can see in the logs the following messages: (server name and IPs changed to protect the guilty)
    ---BEGIN vpnd.log---
    2009-11-03 20:03:32 EST Incoming call... Address given to client = 192.168.0.213
    Tue Nov 3 20:03:32 2009 : Directory Services Authentication plugin initialized
    Tue Nov 3 20:03:32 2009 : Directory Services Authorization plugin initialized
    Tue Nov 3 20:03:32 2009 : PPTP incoming call in progress from '123.456.789.123'...
    Tue Nov 3 20:03:33 2009 : PPTP connection established.
    Tue Nov 3 20:03:33 2009 : using link 0
    Tue Nov 3 20:03:33 2009 : Using interface ppp0
    Tue Nov 3 20:03:33 2009 : Connect: ppp0 <--> socket[34:17]
    Tue Nov 3 20:03:33 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:33 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:33 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:33 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:36 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:36 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:36 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:36 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:39 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:39 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:39 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:39 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:42 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:42 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:42 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:42 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:45 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:45 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:45 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:45 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:48 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:48 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:48 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:48 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:51 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:51 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:51 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:51 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:54 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:54 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:54 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:54 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:57 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:57 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:57 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:57 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:04:00 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:04:00 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:04:00 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:04:00 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:04:03 2009 : LCP: timeout sending Config-Requests
    Tue Nov 3 20:04:03 2009 : Connection terminated.
    Tue Nov 3 20:04:03 2009 : PPTP disconnecting...
    Tue Nov 3 20:04:03 2009 : PPTP disconnected
    2009-11-03 20:04:03 EST --> Client with address = 192.168.0.213 has hungup
    ---END vpnd.log---
    On the client I'm seeing this in the logs
    --- BEGIN ---
    3/11/09 8:03:32 PM pppd[12074] pppd 2.4.2 (Apple version 314.0.2) started by root, uid 502
    3/11/09 8:03:32 PM pppd[12074] PPTP connecting to server 'server.example.com' (10.0.1.1)...
    3/11/09 8:03:33 PM pppd[12074] PPTP connection established.
    3/11/09 8:03:33 PM pppd[12074] Connect: ppp0 <--> socket[34:17]
    3/11/09 8:04:03 PM pppd[12074] LCP: timeout sending Config-Requests
    3/11/09 8:04:03 PM pppd[12074] Connection terminated.
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnecting...
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnected
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnected
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnected
    --- END ---
    Any ideas?

    Well, this didn't last long. The VPN is already down. Cannot connect to it again.Very Frustrating.
    I know the actual server is receiving the requests (Server Log):
    Jan 7 10:26:33 SnowServer racoon[118]: Connecting.
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 1).
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 3).
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
    Jan 7 10:26:36 SnowServer racoon[118]: IKE Packet: transmit success. (Phase1 Retransmit).
    Jan 7 10:26:55: --- last message repeated 6 times ---
    Jan 7 10:26:55 SnowServer servermgrd[67]: servermgr_jabber[W]: detailed service status not available until network configuration completed
    Jan 7 10:26:57 SnowServer racoon[118]: IKE Packet: transmit success. (Phase1 Retransmit).
    Jan 7 10:27:03: --- last message repeated 1 time ---
    Jan 7 10:27:03 SnowServer racoon[118]: IKEv1 Phase1: maximum retransmits. (Phase1 Maximum Retransmits).
    Jan 7 10:27:03 SnowServer racoon[118]: Disconnecting. (Connection tried to negotiate for, 30.655020 seconds).
    Jan 7 10:27:03 SnowServer racoon[118]: IKE Phase1 Failure-Rate Statistic. (Failure-Rate = 100.000).
    Jan 7 10:27:57 SnowServer racoon[118]: Connecting.
    Jan 7 10:27:57 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 1).
    Jan 7 10:27:57 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
    Jan 7 10:27:58 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 3).
    Jan 7 10:27:58 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
    Jan 7 10:28:01 SnowServer racoon[118]: IKE Packet: transmit success. (Phase1 Retransmit).
    Jan 7 10:28:28: --- last message repeated 8 times ---
    Jan 7 10:28:28 SnowServer racoon[118]: IKEv1 Phase1: maximum retransmits. (Phase1 Maximum Retransmits).
    Jan 7 10:28:28 SnowServer racoon[118]: Disconnecting. (Connection tried to negotiate for, 30.993122 seconds).
    Jan 7 10:28:28 SnowServer racoon[118]: IKE Phase1 Failure-Rate Statistic. (Failure-Rate = 100.000).
    But the VPN Server never gets the connection request (VPN Log):
    2010-01-07 10:12:13 EST Loading plugin /System/Library/Extensions/L2TP.ppp
    2010-01-07 10:12:13 EST Listening for connections...
    2010-01-07 10:12:13 EST Listening for connections...
    I have a call with Apple Support this afternoon. Hopefully it will be fruitful. If I get anywhere, I will post it. If anyone has any bright ideas, they would be greatly appreciated.
    Message was edited by: AeroJet

  • Leopard Server and Blackberry

    Hi All, We are considering migrating from Exchange to Leopard Server for our small business mail/calendar/file sharing/wiki needs.
    But, we have a requirement to be able to support the blackberry for mail/calendar. What are our options for interfacing Leopard Server's mail & calendar with our blackberry users? Currently we use a hosted Exchange provider that delivers this service.
    Thanks in advance!

    Apple needs to address the issue of incorporating mobile devices into a small business environment. Leopard Server provides many innovative, valuable and useful features for small businesses, but it is analogous to a top-of-the-line car in which the seat position and radio stations all reset each time you get out. It's great while you're in the car, but the process of leaving and coming back is a big pain.
    Apple has not put forth any suggested solution for wirelessly syncing calendars, let alone contacts, to mobile devices. All current solutions require client-based synchronization, involve many different vendors, and provides too many opportunities for failure and lack of support. For example, one could do this:
    Spanning Sync on desktops/laptops to sync iCal with Google Calendar
    GooSync to sync Google Calendar with Palm Treos
    Google Sync to sync Google Calendar with BlackBerry devices
    Google Calendar would be used merely to sync iCal with mobile devices wirelessly
    We need a solution that is based around Leopard Server at the center. In other words:
    Mobile devices sync calendar and contacts directly with Leopard Server
    Desktops/laptops sync calendar and contacts directly with Leopard Server
    There are plenty of other features that need implementation or refinement (e.g., simpler and more rubust sharing of contacts, better webmail interface), but wireless synchronization tops the list.

  • Can I install a version of snow leopard server on a newer Mac Mini model?

    Hi-
    I have Snow Leopard server running on a Mac Mini from 2010. I decided I really need some redundancy so want to get another and sync them in case of failure. Can I buy the latest Mac Mini model and install Snow Leopard server on it or will it not let me due to some firmware limitation? I've been able to do revert on other models and not others. Any thoughts?
    Thanks.

    ****-So I have to find the latest Mac Mini that will run Snow Leopard Server? I refuse to upgrade to that crap they call server nowadays. It's Snow Leopard server till I move to Linux. Thing is, those Minis cost nearly as much now as they did when brand new. I feel like I'm getting ripped off. Oh well. Thanks for the quick answer guys!

  • Leopard server, Tiger clients, 'IP address in use' error messages

    I am really at my wit's end here. We have about 100 iBooks running 10.4.11 and a couple hundred MacBooks running Leopard. I took away the job of DHCP from my Windows Server 2003 servers because it couldn't seem to keep the Tiger clients straight, and now the Leopard server is doing the same thing. The laptops are shut down and booted often 10 times a day for use in different classes by different students in different segments of the building, but all the same subnet. Very often, iBooks get an "IP in use by [some other Mac's MAC address], server [IP address of Xserve]" it looks just like this: http://podfeet.com/NosillaCast/NC2006_05_21/iperror.jpg
    In addition, when I go to look up the client list on the Leopard server via Server Admin, it shows several instances of the same computer name, same MAC address, different IP address, as well as same computer name, different MAC address, same IP address, and, of course, same IP address for two or three different computers. This is as bad as, if not worse, than Windows server! But it's only the Tiger clients, and I can easily see the duplications in the list, why can't the server see that and do something about it?
    I am going to be moving to SL server, but not soon enough. Apparently, it's much easier to assign static IP assignments in SL server than Leopard server. I need a resolution for this now, though. I have Googled quite a bit, but nothing I've found matches my situation. And it causes chaos. After the students clear away the IP conflict box, they often cannot log in until a local admin logs in and "renews IP address" or they restart and clear the error boxes until it gets an IP address it will accept.
    I can paste in some console logs if that would help, but essentially, the client refuses the IP address offered by the server, so that suggests that it arps the address itself and determines it's already in use. This whole system, which should be so intelligent, seems so clueless. Why doesn't the server realize it's giving the same IP to different computers, listing the same computers twice with the same and different IPs, etc.? Why doesn't the laptop keep trying to get an IP address? It's extremely frustrating for teachers and students alike.
    I really thought this would get better using Leopard server instead of the Windows server, but it actually seems worse now. I've done tests to see if there is a different DHCP server somewhere, but none ever shows up.
    Anyone with insight, I'd appreciate it. Thanks

    MrHoffman wrote:
    One big 172.16.0.0/12 subnet? Ok. Not my first choice.
    It's /16, but still was not my choice either. With about 50 printers and servers with static IPs that would all need the mask changed, I put off clipping the subnet mask since VLANs were in the works anyway.
    MrHoffman wrote:
    The network traffic for a DHCP lease or a lease renewal is negligible.
    Figure a few messages at intervals of half the lease time for each client.
    There already appears to be a DHCP failure here.
    I tried many different things with the 2003 Servers, usually two at a time handing out IPs (same subnet, different range, i.e. one serving 172.16.2.1-3.254/16 and the other 172.16.4.1-5.254/16), and the iBooks would often sit for minutes without getting an IP at all. I'd have to turn on the Xserve's DHCP server to hand out an additional range in the subnet (172.16.6.1-254/16), and the iBooks would then snap up IPs and authenticate to AD.
    MrHoffman wrote:
    And as for the weirdness, I'd be wondering if the DHCP traffic is being filtered by some of the devices present in this network; it's very easy to have a DHCP server active on a WiFi device (which is why most larger sites have them all configured as APs) and it's also easily feasible to have a rogue WiFi around.
    Thanks, all good ideas, but I don't think the problem here. I have all Airport Extreme base stations in Bridge Mode. I regularly do scans for rogue APs, and the iBooks would not associate to one anyway - they only know the school network and need admin access to change. In fact, so inflexible is Tiger that when I started changing to WPA2 from WPA, same SSID and password, the iBooks would not associate to the WPA2 networks without local admin login and manually choosing the SSID (and the password was still in the keychain and worked). I then brought some iBooks back to an area with just WPA (older firmware on older Airport could not do WPA2) and the iBooks were once again stranded. Leopard laptops moved seamlessly between the same APs.
    I've also done some testing for rogue DHCP servers, but nothing was found, and I've not seen any wierd IPs coming up.
    MrHoffman wrote:
    Subnetting and vlans are options. If this is a decent-sized network, I'd definitely look to subnet it; you're already in line for subnetting now, what with what is probably mixed faculty and student traffic.
    The reason that VLANs are on hold was that I told admin that with our limited wireless network (1 SSID, Airport not VLAN-aware), when they were not in an office with their laptops on ethernet, they'd only get Internet through the wireless (which would be on student/teacher VLAN), no access to admin servers or printers. I was surprised at the vociferous response.
    MrHoffman wrote:
    I'd probably toss a monitor onto different parts of the network - if you've not already tried this - and go hunting for "surprises". (If you're spec'ing out for bids on an upgrade, having packet-monitoring capabilities and rogue detection is really handy. That'll tell you if you have a rogue, or if DHCP traffic is pushing you over the edge.)
    I have an old PC catching syslogs and it has Wireshark, but I haven't turned that on in a while. If I have time, I will see if I can capture anything. I did get bids on Cisco and Procurve wireless and network infrastructure upgrades last year, and pretty much got the 'no way, talk to the hand' response (and a few more Apple APs).
    MrHoffman wrote:
    Go talk to the finance folks and to the school board, and tell them that their servers and their network traffic are all exposed to the students. If they're not running encryption, they're toast. (And they're potentially toast even if they are.) That discussion both for reasons of budget, and to cover you, as this looks to be the textbook network configuration case that eventually "blows up" on the IT staff.
    We're a medium-sized independent high school with a strapped budget. I have requested and explained everything, but it hasn't sunk in. Last year, I made everything work. This year, without all the special qos settings and tweaks to the switches I made last year to keep things mostly together, things are much more wonky (I stripped out all the qos settings over the summer while preparing for the VLANs, which I assumed was a no-brainer to happen. Unfortunately, I didn't document the settings before I cleared them, and I can't quite achieve the same balance this year). And, by the way, IT staff is pretty much me.

  • Snow leopard server for net boot and software updates only what needs to be running to use it?

    Snow leopard server for net boot and software updates only what needs to be running to have it work right?

    Netboot and Software Update, at its simplest.  Mac OS X Server also expects to have functional IP networking and DNS services (somewhere) on the LAN (and if you're behind a NAT gateway, then the DNS server(s) are on your LAN and not out at your ISP), or things get weird.  SUS (usually) works out of the box, outside of cases where there's an outbound firewall.  Netboot can be more effort to setup, in terms of what you're loading into the clients.

  • Can't rename folders on Snow Leopard Server

    I have 10.6.8 Snow Leopard Server running on a new Mac Mini server. Attached I have a Pegasus Raid storing all my files. I have a sharepoint set up for every project we work on but a couple act strangely. Users can create and delete folders but can not rename them once created. In order to rename they must drag the folder onto the desktop, rename and then replace the folder on the server. All permissions are set up identical to the other sharepoints which work fine. I have had a couple so-called "experts" look at the permissions in both the terminal and Server Admin. Everyone seems stumped. Any ideas?

    Thanks for the input but I finally soved the problem. Here is what I found...
    Although I had given users/group the ALLOW/FULL CONTROL premission with a sharepoint, I discovered that in Server Admin if you double-click on the User or Group name under the ACL permissions that a drop down box appears. This box allows you to fine tune the ACL but it appears that by default all of the boxes are not checked even though I granted the user Full Control. After checking all of the boxes I was able to create and rename folders in my share as expected.
    This also had an similar effect if I denied Full Control. Some of the boxes remained unchecked and it left holes in my system where denied users could still access some files. Again by checking all boxes these holes were closed.
    Does anyone know how to change the default so that all boxes are checked when assigning the Full Control permission?

  • I transferred files from a NAS server to the Mac Mini Snow Leopard Server and now some of the files have Custom Access and can't  be opened by some users.  How do I fix this?

    We're setting up our Mac Mini Snow Leopard Server, and in the process transferred files that had been stored and accessed from our Blackarmor NAS server over to the Mac.  These files were all created on PC's and are Office Excel files, WordPerfect files or PDF's.  When you look at the files on the Mac from the Mac and bring up Get Info for the affected file, it says that the file has Custom Access.  The files that work properly don't have that configuration.  I can access and open the files on some computers, but some users can't open the files from their computer even though they can see it.  We're all using PC's and they get the Error:  Access Denied-Contact your administrator--or something similar.  I've seen on the web similar issues and it may have something to do with ACL permissions.  I don't know enough about Mac OS to understand this, but what is baffling is that they can be opened from some PC's but not others, and all of the Users have the same accessibility to the files.  Thanks for a solution!!

    Oh, on the losing Internet, try this...
    Make a New Location, Using network locations in Mac OS X ...
    http://support.apple.com/kb/HT2712
    10.7 & 10.8…
    System Preferences>Network, top of window>Locations>Edit Locations, little plus icon, give it a name.
    10.5.x/10.6.x/10.7.x instructions...
    System Preferences>Network, click on the little gear at the bottom next to the + & - icons, (unlock lock first if locked), choose Set Service Order.
    The interface that connects to the Internet should be dragged to the top of the list.
    Instead of joining your Network from the list, click the WiFi icon at the top, and click join other network. Fill in everything as needed.
    For 10.5/10.6, System Preferences>Network, unlock the lock if need be, highlight the Interface you use to connect to Internet, click on the advanced button, click on the DNS tab, click on the little plus icon, then add these numbers...
    208.67.222.222
    208.67.220.220
    Click OK.
    PS. Your English is quite good & completely understandable.

  • Setting up Snow Leopard Server with Address Book, iCal for Small Business

    Hello Folks,
    I have a small business with 2-3 people and I want to setup Snow Leopard Server on a Mac Mini. I have everything in place, RAID, Backup drive etc.
    What I need is a guide on how to setup the server correctly and how to setup Address Book Server, iCal Server, DNS, etc. I was in IT a long while back but have gone back to my creative roots and sworn off IT but I am in a situation where my IT guy's wife is pregnant so he is busy painting the baby's room, etc.
    I was looking at Snow Leopard Server for Dummies and a few other books. Do you guys have any suggestions on resources for me to read or research that would give me very straightforward steps in getting this setup. I am at a point where I can re-install from scratch if needed.
    For the ease of those that might respond let's assume I know my way around Mac and general networking as a whole.
    Thanks in advance for any advice.
    Cheers,
    Jason

    Hi Guys,
    First of, I will give you a brief background on me regarding networking as a mac user since 1994. I can setup and network multiple macs without a server in our home and small office. Turning file, print and internet sharing with a regular Mac OS X client version at no problem at all. This would be my first time setting up a Mac OS X Snow Leopard Server.
    I'm in the same boat as Jakekub but we do not have a static IP from our DSL provider. We just bought a Mac Mini Server for our small office with 3 iMacs and 1 MacBook. We will just use the server for internal usage and to centralized things out and use some of server's features like Address Book, Mail, iCal etc. I've search the forums and found Orhidy's post here:
    http://discussions.apple.com/thread.jspa?threadID=2148553
    I even followed the sample IP Address, Subnet Mask, Router, DNS Server and I think I had it correctly setup initially. And I think I got it all running on the basic setup base on his instructions. So I tried to test my DNS settings via Terminal > hostname then got answer as
    servername.companyname.private
    And double checking DNS again with a command: sudo changeip - checkhostname and was given an answer of:
    Primary address = 192.168.1.192
    Current Hostname = servername.companyname.private
    DNS Hostname = servername.companyname.private
    The names match. There is nothing to change
    dirserv:success = "success"
    But here's another one that bugs me. I tried to follow from "Mac OS X Snow Leopard for Dummies" the command line:
    NSLOOKUP hostname
    and got an answer of:
    ;; Got SERVFAIL reply from 192.168.1.192, trying next server
    Server: 192.168.1.1
    Address: 192.168.1.1#53
    ** server can't find hostname: NXDOMAIN
    So does it mean that I still haven't configured my server properly?
    Thank you all for the help in advance!
    dive

  • Snow Leopard Server running extremely slow all of a sudden!!

    Hi, I'm not a qualified server technician but am currently trying my best to run a server in a Secondary School! Please help, need to fix ASAP.
    So basically we've got a Mac Pro running Snow Leopard server which has become incredibly slow in the past week. Nothing has changed in our department to trigger this. Here's everything I know so far...
    - If I try to log on to the admin account when "Some Network Accounts Are Available", log on will take under a minute. If I try to log on to the admin account when the light goes green and "Network Accounts Are Available" log on will take forever and eventually just crash and which point I have to just force a shutdown and try again.
    - When I can log on, some aspects of the computing seems fast and other aspects are really slow. For example, a few programs open as soon as I log on no problem, however a simple spotlight search or trying to open Sytem Preferences will crash the computer completely.
    - Have tried booting in Safe Mode, and everything ran fast and how it's mean to but once restarting and booting normally the problems remained.
    Sorry for the lack of knowledge!!
    Thanks in advance.

    Your comment indicates "crash the computer"?  Do you mean that OS X Server itself fails, and you have to reboot?  Or that the application crashes, and you have to restart it?
    The following are some general approaches toward gathering some data:
    Launch Console.app from Applications > Utilities and see if there are blocks of repeating errors.
    Launch Terminal.app from Applications > Utilities and issue the following harmess, diagnostic command:
    sudo changeip -checkhostname
    After entering an administrative password and possibly seeing a one-time informational message about sudo, you should see some network configuration information and then an indication that no changes are required, or that there are DNS or network errors.
    Boot from the Snow Leopard installation DVD and run a volume verification pass using Disk Utility, this from the Utilities menu of the installation disl.
    FWIW...
    If the applications or OS X Server are crashing, then you're generally heard toward either a reinstallation of the software, or a hardware repair, or quite possibly a combination of the two.
    Forcing a hard shutdown can lead to corruptions, depending on exactly what's going on when the power drops out; that's probably best left as a last-resort approach and one best avoided.

  • Can I use Leopard Server for a few things without a static IP/DNS mapping?

    Caveat: I'm pretty capable at setting up and running macs, but not a crack server admin or anything like that. I don't write code and my eyes start to glaze over when you start talking about Kerbos and the like...
    Question: I'd like to use Leopard server for a few things on my local network - with some vpn access to the same services:
    - iCal server (the most important feature) for 3 users
    - File server services for Time Machine (yes, base Leopard can do this)
    - vpn access into the iCal server for one user
    Do I have to go through the headache of switching over from a dynamic IP to a static IP, setting up DNS mapping, etc? Or is there a simpler way?
    Any help appreciated. Thanks

    Caveat: I'm pretty capable at setting up and running macs, but not a crack server admin or anything like that. I don't write code and my eyes start to glaze over when you start talking about Kerbos and the like...
    Question: I'd like to use Leopard server for a few things on my local network - with some vpn access to the same services:
    - iCal server (the most important feature) for 3 users
    - File server services for Time Machine (yes, base Leopard can do this)
    - vpn access into the iCal server for one user
    Do I have to go through the headache of switching over from a dynamic IP to a static IP, setting up DNS mapping, etc? Or is there a simpler way?
    Any help appreciated. Thanks

Maybe you are looking for