Login Options: Where is "Allow network users" stored?

Hi all
If I enable "Allow network users to login to this computer" in SystemPreferences / Accounts / Login Options - anyone knows where that gets stored?
I searched in the /Local/Default/ directory and in /Library/Preferences, but couldn't find anything. I'd like to write a script to modify access for network users; no problems in adding and deleting users from the list, but I can't turn on and off general access...
Thanks, Tina

I have set up a Mac OS X Server for Open Directory but I do not seet the additional option to allow network users to log in on a Mac OS X 10.4 client.
This may be one of the reasons I cannot login with networks accounts.
Unfortunately, I also cannot login using network accounts to the server which does have the network users option checked.
I have the Mac OS X Server set up to be a LAN DNS server, which worked fine before I connected the second ethernet interface to the Internet. Now changeip -checkhostname insists that the Web address of the server should be the address of the hostname when it MUST be the LAN IP address to work properly. I can find no one to login to either of these machines as a network users, even though I can find the users through the Address Book, indicating that the Open Directory connection is properly configured and even though I can ping by name through the LAN which indicated DNS is set up properly.

Similar Messages

  • Allow network users to login at login window option missing

    I hope someone can shed some light on this.
    I have bound a 10.6.2 machine to a Windows 2003 domain successfully. However, the checkbox to "allow network users to login at login window" is missing completely. There's a blank space. I've looked at a few other machines that haven't been joined to the domain and the option is missing from there as well.
    Am I missing something simple? Did I miss something during the OS install? This is a fresh 10.6.2 install.
    Any help would be greatly appreciated as this is keeping us from allowing domain users to log on. Thanks in advance.

    I installed ADmitMac and the option shows up. I removed it and the option goes away. There's obviously a flag being set somewhere. Any thoughts?

  • Where is the network setup stored?

    Hi all
    My time capsule died and I bot a airport extreme. The setup went automaticly but I lost my old parameters.
    Where are the network prefs stored? I would like to go back with time-machine and to see my old network-setup.
    Thanks in advance
    kk

    Yes my computer backups automaticly - thanks god for time-machine ,-)
    I have a static IP (as well as dynamic as it seems) and a server behind a firewall-setup. Thats why I would like to check back my old setup and prefs. But since Airport Express did everything automaticly - they are gone...

  • How can I allow network users to use File Sharing on 10.8 Server?

    I am in the process of setting up a new OS X 10.8 Server. I have exported/imported the network users from my previous OS X 10.6.8 Server using Workspace Manager. I have re-entered the passwords of the users. I have existing clients running (stil logged in).
    I have set up the File Sharing service in Server.app. I have several mount points. I have made the Users mount point available for home directories over AFP.
    Now, the system administrator can connect to the server and get access to the file shares. So the basic file sharing system works.
    Also: the users on a client can get there password verified (e.g. when unlocking screen protection) by the server. It is just AFP they can't get access to, while the system administrator account (OD /Local on the server) can be used. So, the password in the server is OK too. It seems to be a matter of privileges.
    But no network user (OD user in directory /LDAPv3/127.0.0.1 on the server) can get access. Where can I give network users privileges for File Sharing on the server?
    I did try to add either the "Open Directory Users" group or a specific user that was imported into com.apple.access_afp. If I do that, there is partial success. I can connect to the server from the client with a user account other than system administrator from the server (but connecting is slow). But Mobile Home Sync does not work:
    1:: [13/04/05 16:11:10.379] Scheduling next sync of "HomeSync_Mirror" at 2013-04-05 14:11:20 +0000
    1:: [13/04/05 16:11:20.782] ==========================================================
    0:: [13/04/05 16:11:20.782] Starting automatic sync of "HomeSync_Mirror".
    1:: [13/04/05 16:11:20.786] Peer "network" reports changes since last sync.
    1:: [13/04/05 16:11:20.786] [0x7fd5a9224760/<SStore_FS:0x105db3420>] +[SStore_FS newStore_FSForPeer:alias:]: isRemote = NO
    1:: [13/04/05 16:11:20.786] [0x7fd5a9224760/<SStore_FS:0x105db3420>] +[SStore_FS newStore_FSForPeer:rootPath:rootAlias:rootRef:storePath:optionalStoreID:]: peer = <SPeer_FS:0x7fd5a5009520> = local, optionalStoreID = (null), peer.storeIDString = *
    1:: [13/04/05 16:11:20.786] [0x7fd5a9224760/<SStore_FS:0x105db3420>] +[SStore_FS newStore_FSForPeer:rootPath:rootAlias:rootRef:storePath:optionalStoreID:]: rootPath        = /Users/gerben
    1:: [13/04/05 16:11:20.786] [0x7fd5a9224760/<SStore_FS:0x105db3420>] +[SStore_FS newStore_FSForPeer:rootPath:rootAlias:rootRef:storePath:optionalStoreID:]: storePath       = /Users/gerben/.FileSync/store.filesyncstatetree
    1:: [13/04/05 16:11:20.787] [0x7fd5a9224760/<SStore_FS:0x105db3420>] +[SStore_FS newStore_FSForPeer:rootPath:rootAlias:rootRef:storePath:optionalStoreID:]: rootAlias       = {path='/Users/gerben', targetName='gerben', volumeName='Macintosh HD', type=DIR, volumeCreateDate=2010-08-10-12:58:16, targetCreateDate=2011-08-28-18:39:13, parentDirID=37638, nodeID=3003598, filesystemID=0000 ('0000'), signature=0x482b ('H+'), isBootVolume=YES, isAutomounted=NO, isEjectable=NO, hasPersistentFileIDs=YES, mounted=YES, url='file://localhost/'}
    0:: [13/04/05 16:11:20.789] -[SPeer_FS _mountServerCallbackShares:status:]: received error 64
    0:: [13/04/05 16:11:20.790] EXCEPTION: _mountServerCallbackShares:status: (Host is down) <-[SPeer_FS mountPeerVolumeWithURLString:] (Peer-FS.m:446): "'(-1)' error 64">
    0:: [13/04/05 16:11:20.790] USERINFO: {
    0:: [13/04/05 16:11:20.790]     NSLocalizedDescription = "Host is down";
    0:: [13/04/05 16:11:20.790] }
    0:: [13/04/05 16:11:20.790] BACKTRACE: {
    0:: [13/04/05 16:11:20.790] ? | 0x105cb79b7  
    0:: [13/04/05 16:11:20.790] ? | 0x105cbf0e5  
    0:: [13/04/05 16:11:20.790] ? | 0x105c2c866  
    0:: [13/04/05 16:11:20.790] ? | 0x105c2babd  
    0:: [13/04/05 16:11:20.790] ? | 0x105c2acb4  
    0:: [13/04/05 16:11:20.790] ? | 0x7fff858bb72a
    0:: [13/04/05 16:11:20.790] ? | 0x7fff858bb6a2
    0:: [13/04/05 16:11:20.790] ? | 0x7fff874cf8bf
    0:: [13/04/05 16:11:20.790] ? | 0x7fff874d2b75
    0:: [13/04/05 16:11:20.790] }
    1:: [13/04/05 16:11:20.790] Peer "network" is unable to sync. (-[SPeer_FS mountPeerVolumeWithURLString:] (Peer-FS.m:446): "'(-1)' error 64")
    0:: [13/04/05 16:11:20.790] Peer "network" is unable to sync. Not enough peers will be available to continue syncing.
    0:: [13/04/05 16:11:20.790] Aborting sync of "HomeSync_Mirror".
    1:: [13/04/05 16:11:20.790] -[SPeer abortSync] "local"
    1:: [13/04/05 16:11:20.797] -[SStore_FS setupWithAlias:andRef:] (Store-FS.m:447): unlink('/Users/gerben/.FileSync/.fstemp.QW1Gh-bhvgEhVwmG3.noindex')
    0:: [13/04/05 16:11:20.798] EXCEPTION: !IF <-[SPeer(protected) doPrepareForSyncWithResolvedConflicts:] (Peer.m:1149): "'(([self checkAbort]))'">
    0:: [13/04/05 16:11:20.798] BACKTRACE: {
    0:: [13/04/05 16:11:20.798] ? | 0x105c2bb66  
    0:: [13/04/05 16:11:20.798] ? | 0x105c2acb4  
    0:: [13/04/05 16:11:20.798] ? | 0x7fff858bb72a
    0:: [13/04/05 16:11:20.798] ? | 0x7fff858bb6a2
    0:: [13/04/05 16:11:20.798] ? | 0x7fff874cf8bf
    0:: [13/04/05 16:11:20.798] ? | 0x7fff874d2b75
    0:: [13/04/05 16:11:20.798] }
    1:: [13/04/05 16:11:20.798] -[SStore_FS deleteStateTreeTurdFile] (Store-FS.m:476): unlink('/Users/gerben/.FileSync/store.filesyncstatetree.statetree_dirty')
    1:: [13/04/05 16:11:20.798] Peer "local" is unable to sync. (-[SPeer(protected) doPrepareForSyncWithResolvedConflicts:] (Peer.m:1149): "'(([self checkAbort]))'")
    0:: [13/04/05 16:11:20.798] Peer "local" is unable to sync. Not enough peers will be available to continue syncing.
    1:: [13/04/05 16:11:20.798] EXCEPTION: SFAbortedException <-[SSyncEngine _waitForPeers:] (SyncEngine.m:1922): "'(_abort)'">
    1:: [13/04/05 16:11:20.798] -[SSyncEngine threadMain_SyncEngine_sync:]: sync failed with exception "-[SSyncEngine _waitForPeers:] (SyncEngine.m:1922): "'(_abort)'"".
    0:: [13/04/05 16:11:21.066] Sync of "HomeSync_Mirror" encountered errors. (_mountServerCallbackShares:status: (Host is down))
    0:: [13/04/05 16:11:21.067] Last successful sync completed at 2013-04-04 20:17:15 +0000.
    0:: [13/04/05 16:11:21.067] Finished sync of "HomeSync_Mirror".
    1:: [13/04/05 16:11:21.067] Scheduling next sync of "HomeSync_Mirror" at 2013-04-05 14:31:21 +0000
    1:: [13/04/05 16:11:21.284] 1-pass sync of "HomeSync_Mirror" took 0.02 seconds

    Hi Gerben,
    Try creating a brand new user, that's not imported and see if that works. Every user/group has a little gear in the Server.app/Users or Groups which allows specific access to specific services, perhaps filesharing is off in that section?
    Is your DNS setup properly? Can you verify that clients can see the FQDN of your server?
    After setting up the Users folder for mobilehomes, did you check whether the group and the separate users have access to filesharing? I am able to select the correct homefolder /Users and restrict the homefolder size.
    Goodluck!
    Jeffrey

  • Allowing network users to sudo on workgroup clients

    I'm setting up a network of Minis, powered by a Snow Leopard Server Mini, to run a Java application we use. The Java app is deployed using a custom, Java-based, installer that requires root access for some parts of the install. At present, we just ask the user to type in their sudo password at the start of the install. Works great on conventional SL machines, Windows, and Linux.
    I want there to be a single user account for each machine (say, "A01"). When a user logs on to a machine as A01, they need to be able to install the software. However, when they put in their account password, the sudo request fails because their account isn't in /etc/sudoers. Using the admin account that I create when I uncrate the new machine works fine.
    How can I tell each local machine that I want these network-based accounts to have sudo access? It's OK if I have to manually edit /etc/sudoers on each machine, but it would be cleaner if I could set the setting centrally somehow.

    I've got the exact same problem, even after adding the users to sudoer.
    Blah.

  • Network users not appearing on login screen

    Hi all. I have just started setting up Lion Server for my household however have a slight issue with allowing network users to logon to devices. If I allow usernames and passwords to be typed in manually then network users can login, however if I want to have them show up as users on the login screen it doesn't work.
    Is there a way for network users to be visible on the login screen at all times please? There are only two network users in my house.
    Thanks,
    Jordan

    See my reply here https://discussions.apple.com/message/16280642 where I previously described how to do this.You will need Workgroup Manager installed for Lion if you have not already downloaded and installed this. You can get it here http://support.apple.com/kb/DL1419

  • Unable to login network user from login windom. SSH login ok.

    I have a MacOS 10.6 client and ldap network users server by MacOS 10.4 Server. Trying to login via the login window I get "Logging in..." which tries forever (or until I reboot).
    * SSH login works fine with network users.
    * Local users can login.
    * Network access is allowed by all users (Preferences->Login)
    * Removing ~/Library/ from the network user doesn't work.
    Logging in via SSH while the login screen is hanging I get:
    [mikael@melba ~]$ ps -Umikael
    PID TTY TIME CMD
    330 ?? 0:00.03 /sbin/launchd
    480 ?? 0:00.02 /System/Library/CoreServices/CCacheServer.app/Contents
    693 ?? 0:00.00 /usr/sbin/sshd -i
    694 ttys000 0:00.12 -bash
    730 ttys000 0:00.00 ps -Umikael
    Any ideas?

    I cannot create the mobile account (real username replaced here with '<username>'). This is true whether I run the command as root or as the user in question (via ssh):
    root# /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobilea ccount -n <username>
    createmobileaccount built Jul 23 2009 22:14:42
    2009-10-05 15:54:41.906 createmobileaccount[41973:903] MCXCCacheMCXRecordAndGraph(): [localNode createRecordWithRecordType:(null) name:"<username>"] == 4100 (Unable to create record <username> in /Local/Default.)
    2009-10-05 15:54:41.908 createmobileaccount[41973:903] MCXCCreateMobileAccount(): Failed to create account. Error = 4100 (MCXCCacheMCXRecordAndGraph failed). Cleaning up mobile account record.
    2009-10-05 15:54:41.909 createmobileaccount[41973:903] MCXCDeleteAccount(): Trying to delete user id = 0
    * mobile account could not be created: 4100 (Unable to create record <username> in /Local/Default.)
    Directory services and DNS are set manually.
    Message was edited by: BerkeleyAstroBill

  • Network users not showing up at login screen

    Hello, I am new to Server and I have set up an Open Directory setup (using smb for home folders, I heard that it was faster or something somewhere) on my server iMac 27".  This iMac is running Mavericks 10.9.4 and the latest version of Server 3.  On my client iMac 24", I have bound the server to the iMac, as evidenced by the green dot next to the server IP in System Preferences Users and Groups.  The iMac is running Mavericks 10.9.4 as well.  For the network accounts, I have chosen to store the home folders on the server itself, so they are not mobile.  When I try to log in to the network accounts from the client iMac 24", the "Other..." selection does not appear so that I can input the username and password for the network user.  However, I am able to log in to the network accounts just fine from the server iMac 27", as well as another MacBook running Lion 10.7.5.  How can I get the "Other..." selection to show up on my login screen so that I am able to log in to the network accounts?
    And yes, "Allow network users to log in at the login window" is checked.

    Many Open Directory problems can be resolved by taking the following steps. Test after each one, and back up all data before making any changes.
    1. The OD master must have a static IP address on the local network, not a dynamic address.
    2. You must have a working DNS service, and the master's hostname must match its fully-qualified domain name. To confirm, select the server by name in the sidebar of the Server application window, then select the Overview tab. Click the Edit button on the Host Name line. On the Accessing your Server sheet, Domain Name should be selected. Change the Host Name, if necessary. The server must have at least a three-level name (e.g. "server.yourdomain.com"), and the name must not be in the ".local" top-level domain, which is reserved for Bonjour.
    3. The primary DNS server used by the master must be 127.0.0.1 (that is, itself) unless you're using another server for internal DNS. The only DNS server set on the clients should be the internal one, which they should get from DHCP if applicable.
    4. Follow these instructions to rebuild the Kerberos configuration on the master.
    5. If you use authenticated binding, check the validity of the master's certificate. The common name must match the hostname and domain name. Deselecting and then reselecting the certificate in Server.app has been reported to have an effect in some cases.
    6. Unbind and then rebind the clients in the Users & Groups preference pane. Use the fully-qualified domain name of the master.
    7. Reboot the master and the clients.
    8. Don't log in to the server with a network user's account.
    9. As a last resort, export all OD users. In the Open Directory pane of Server, delete the OD server. Then recreate it and import the users. Ensure that the UID's are in the 1001+ range.

  • Mountain Lion Server: add network user to remote management

    Hi,
    So recently I have upgraded from Lion Server to ML Server. A little disappointing, but whatever, I've moved on and got everything almost back to where I had it with Lion.
    My last few issues I believe are related but can't quite figure it out. In Lion I have an admin profile and then a network user profile that I used on my MBP bound with AD. I'm at the stage where my nre network user can log in on the server machine but I can't log in as the network user via screen sharing. I can't add a network user to Remote Management, and with Remote Management enabled Screen Sharing is greyed out. I'd really like this to work.
    My second problem is that I can't bind my MBP to the server but even when bound the network user account can't log in.
    Any body have  any ideas?
    Thanks!

    I had this problem on a clean install.
    The solution was incredibly simple for me, but only  after I saw Ross.M's note about opening the Users & Groups settings panel (in the OS System Prefs, not in server) and rebinding to OD server under Login Options.
    That was not the solution for me, but under Login Options I discovered a previously unnoticed pref for "Allow network users to login at login window."  I had this option set (apparently by default) to "Only these network users:"  but with an empty list.  Adding my users to the list made it work perfectly.
    Talk about KISS

  • File Sharing (Read & Write) with a Network User - "Network User" Not Listed

    My boyfriend and I both have Macs, running 10.6.3. Both Macs are connected to the internet via Apple Wireless Express. I have a MacBook Pro, and my boyfriend has an iMac with a big fancy screen, so I like to use for my own work when I'm at home and he isn't - it's just easier and more comfortable to use than a laptop.
    I would like to find a way to use his computer to access a shared folder on my laptop with read & write access (so that I can modify the files on my laptop while using his computer). I have gotten to the point where I have a folder on my laptop with the files I want shared with his computer, and can access this folder from his computer. However, doing it this way (accessing my files on my laptop from his computer) only allows read-only access. I would like to be able to edit the files that are on my laptop using his computer, so I think I would need read and write access.
    It seems the easiest way to do this would be to add a user (the boyfriend) on my laptop and give him read/write access to this specific folder that is located on my laptop. I found instructions on how to do this, and it says that I need to add a "network user". These instructions seem to indicate that when I add a user, there should be options for accounts on my laptop, my personal address book, a new account on my laptop, and network users. I see the first 3 options...but no option to add a network user.
    Why is that? How would I make it so that from my laptop, I can add a network user...specifically my boyfriend's computer, who also uses the same internet network that I use?
    Thank you so much for any help!

    Also found this behavior:
    While logged into the Mac Pro as MPUser1, I connect to the MacBook Pro file sharing as MBPUser1.
    Then I "disconnect".
    Then I log out of the Mac Pro MPUser1, and login as MPUser2.
    The connection to MBP as MBPUser1 is still active!
    This means that MPUser2 can access whatever MBPUser1 can access WITHOUT knowing MBPUser1's login password !
    This seems WRONG! Anybody else seen this?

  • Network user can't see local home directory

    Hi there,
    I have a Mac Mini running Lion Server with Directory Services turned on. I've been using this to allow network users to log into Lion clients, as well as set up mobile accounts. This has been working fine.
    Now I've just created a new network user for use with a Mountain Lion client and have experienced some strangeness with this new user's home directory. The binding to the directory was fine, and the credentials for the network user were fine. However, when logged in, this new user has his home drive mapped to /Network/Servers/<servername>/Users/<username> rather than the expected /Users/<username>. This has bad side-effects. For instance, Chrome tries to save downloads to the server instead of locally.
    What I can't work out is why the home directory isn't pointing to a local location. The other users (on Lion) have the same home directories defined in their Open  Directory profiles. The only difference is the new user is on Mountain Lion, but I don't think this has any bearing to the problem.
    Can anyone offer some advice?
    Benjamin

    So I took my Mac Mini running OS X 10.8 Server, along with two client laptops: one exhibiting the problem I described, and the other where network logins and home directories worked as intended.
    Long story short, the guys at the Bar couldn't figure it out. The user definitions in Open Directory seemed ok, but they still couldn't work out why no local home directories were being created. Not sure if this helps, but in trouble-shooting, we also discovered that trying to login with a network user on the problematic laptop didn't work when the server wasn't on the network. It's as if the server is required to be present.
    Anyway, the case has been referred to the business team, which is supposed to have more expertise with OS X Server.

  • OS X Server 3 new installation - network users can`t connect - what the h... am I doing wrong ?!?!

    Mac Server 3 drives me crazy ...
    I have a brand new MacMini here with Maverick on board, and two brandnew Macbook Air and 3 27"iMac that I want to set up as small office. The MacMini should act as Server (with two thunderbolt harddisks connected) for the rest. So far the theory, meanwhile I´m the reality of Server 3 ...
    Having years of experience with "normal network" solutions like filesharing etc. I had a look at Server 3 and thought it couldn`t be that complicated to set it up - but meanwhile I`m disillusioned.
    I`ve now completely reinstalled the MacMini and the Server the third time, connected directly to the Airport Extreme, started filesharing and started the Server app. afterwards. Then I just
    - opened the settings of the server, set up a local network (xxx.local)
    - activated push-notification and got a ceritficate
    - started the profile manager
    - started open directory
    - started started the DNS server
    - started file sharing (creating a new folder on the MacMini, offering user folders via SMB or AFP (tested both))
    - started the other services (calendar, contacts, etc.)
    - opened ports for the public services on the AirportExtreme
    - set up a testuser (network user), giving access to all services
    - gave the test user access to the network folder created
    On the Macbook Air i used for testing I registered the network account server (getting a green light afterwards), put the hook at "allow network users to sign on" (I even coot see the test users name there).
    But after switching to the login I only got normal users on the MacBook Air. Switching the "allow network users to sign on" sometimes resulted in a third user "other" where I could enter the Username and password - but : no result - just as explained several times in this thread ... :-( :-(
    The last three days I tried several setups, switch and renamed, issued certificates, tried out the profile manager and registered the MBA, set up the user folder via AFP and SMB, ...
    But : no access to the network user granted ...
    Just read the last lines of the Protokoll after my last attempts and could read "connection invalid" and "connection denied" several times in it ... does anyone have an idea what`s going wrong here ?!?!??!
    I really need to set up this server a.s.a. possible and am really frustrated about this really not Apple like behaviour of this software *eyesroll* ...
    Any help appreciated !

    Hi,
    sorry, but frustration continues ... here`s what I did :
    - complete did the forth reinstall of the MacMini, new Maverick, all updates. Then installed the server.app
    - delete all network connections except the Ethernet, gave it a static IP 10.0.1.201
    - started the server app, renamed the computername and the hostname
    Result :
    - This automatically started the DNS server - i just checked this and found a server.dizwo.private entry pointing at the 10.0.1.201. According to your proposal I entered a second entry with "dizwo.private" pointing at the same IP 10.0.1.201 (named "server") - as you didn´t respond to my request above the entries are only guesses
    - on the AirportExtreme I opened the ports for all necessary services
    - I created a public user folder with all necessary access types (using SMB for the user folder)
    - created network user pointing at this folder
    - checked whether it has access to all services (was already  preset) and gave him access read/write to the user folder
    - last but not least i started the OpenDirectory server showing availibility of the OD server at server.dizwo.private
    ... and then ?
    On the MacBook Air and on another iMac I first had a look whether I get access to the user folder on the server. I could see it in the finder windows and got access, okay - fine.
    Then I want to set up the OD server in the user settings on the clients - but in contrary to my earlier tries I didn`t got the OD server name, but simply a "server.local".
    Trying to enter the "server.dizwo.private" simply resulted in a "host not found" ??!?!
    You can imagine how frustrated I`m now about all this stuff - I`m Apple user since more than 20 years and haven`t seen such weird behaviour of an Apple software before - not user friendly in any matter ... .
    This server software is advertised and looking like to be an easy to use front end to create a server, even the "manuals" (not that I would tell them so ...) do so. But it looks like it`s really more a trial and error thing when you do the installation ...
    So : what I did I do wrong now ? Is there anything that I missed ? Is it a certificate thing (I didn`t set up a custom one but used the intermediate one preinstalled) ? Or another network issue ? The DNS server ? The OD server ? The naming of the server ?
    I really urgently need help - need to set up this server the next 2 weeks !!
    any help appreciated !!

  • A permission problem of network user home folders

    I have a problem in logging in of network users. I suspect it is due to incorrect permissions at the client.  The trouble scenarios is as follows:
    Hosts (all in the local network):
    server.example.com (Mac mini server 10.8.4 w/ Server.app)
        provides Open Directory and AFP/SMB File Sharing
        allows remote login via SSH,
        have two network user accounts (user1 and user2), and
        have their home folders on the external HDD (/Volumes/HD1/home).
    client.example.com (Mac mini 10.8.4)
        takes server.example.com as network account server and
        allows remote login via SSH.
    From the third machine (third.exmple.com), both user1 and user2 can simultaneously login to server.example.com via SSH without trouble.
    Their home folders (directories) are: /Network/Servers/server.example.com/Volumes/HD1/home/{user1, user2}
    Problem Scenario:
    (1) After rebooting both server.example.com and client.example.com,  user1 can also login to client.example.com via SSH without any trouble.
    His/her home folder is /Network/Servers/server.example.com/Volumes/HD1/home/user1.  This seems correct behavior.
    (2) But after the successful login of user1, user2 fails to login to client.example.com via SSH.  The error messages look like this:
    user@third$ ssh -l user2 client.example.com
    Password:
    Last login: ...
    Could not chdir to home directory /Network/Servers/server.example.com/Volumes/HD1/home/user2:     Permission denied
    -bash: /Network/Servers/server.example.com/Volumes/HD1/home/user2/.bash_profile: Permission denied
    user2@client$ pwd
    user2@client$
    At this time, the file permission of the mount point of "home" folder is like the following. I suspect that this prevents user2 to access his/her home folder.
    user2@client$ ls -l /Network/Servers/server.example.com/Volumes/HD1
    total 0
    dr-x------+ 1 user1  staff  264 Sep  9 20:24 home
    (3) Now I can observe (at server.example.com) that user1 is connecting as the AFP file service user. After disconnecting user1 using Server.app, user2 can login to client.example.com successfully. 
    (4) While user2 is successfully logging in to client.exmple.com, user1 fails to login to the host. The error messages look similar to (2).
    At this time, the file permission of the mount point of the "home" is taken by user2.
    Sorry for the long scenario. Does anyone have clue to solve this?
    I havn't encountered this sort of problem when I was using Snow Leopard Servers.
    Note:
    On server.example.com, /Volumes/HD1/home is configured to be share point (with guest access permission) and AFP home. Its local permission is:
    user1@server$ ls -ld /Volumes/HD1/home
    drwxr-xr-x+ 4 root  admin  136  9  9 20:24 /Volumes/HD1/home
    On client.example.com, the permission of the directories above  the mount point of "home" is: drwxr-xr-x+ root admin
    Both accounts (user1 and user2) are created using Server.app connected to server.example.com (I didn't use Workgroup manager).

    Takuo,
    Did you ever resolve this issue?  I'm having a similar problem.  Linc's comment (about not logging into the server with a network user) doesn't apply -- I'm not logged on with that user, and I have rebooted the server since any possible logins.
    Essentially, I have a home network where I've setup OpenDirectory on a Mac Mini Server.  I'm authenticating via LDAP properly between my iMac client and my Mac Mini Server.  For example, using 'id' at the command prompt, I can properly retrieve all network information, and can use 'ldapsearch' to query user IDs from the server.  Perhaps most importantly, I've got pGina setup on a Windows XP machine, and I can authenticate via LDAP against the Server as well -- so I'm pretty sure that I've got the LDAP & DNS parameters all properly configured.
    But what I can't seem to figure out is why my SMB shares are failing.  Whenever a network user's home directory attempts to get mounted on the iMac client, the home directory authentication fails.  For example,
    vimac:~ kris$ su - kmv
    Password:
    su: no directory
    On the server-side, I'm seeing:
    2014-03-26 8:58:24.256 PM digest-service[43828]: label: default
    2014-03-26 8:58:24.256 PM digest-service[43828]:           dbname: od:/Local/Default
    2014-03-26 8:58:24.256 PM digest-service[43828]:           mkey_file: /var/db/krb5kdc/m-key
    2014-03-26 8:58:24.256 PM digest-service[43828]:           acl_file: /var/db/krb5kdc/kadmind.acl
    2014-03-26 8:58:24.257 PM digest-service[43828]: digest-request: uid=0
    2014-03-26 8:58:24.259 PM digest-service[43828]: digest-request: netr probe 0
    2014-03-26 8:58:24.260 PM digest-service[43828]: digest-request: init request
    2014-03-26 8:58:24.327 PM digest-service[43828]: digest-request: init return domain: VSERVER.LOCAL server: VSERVER indomain was: <NULL>
    2014-03-26 8:58:24.330 PM digest-service[43828]: digest-request: uid=0
    2014-03-26 8:58:24.330 PM digest-service[43828]: digest-request: init request
    2014-03-26 8:58:24.534 PM digest-service[43828]: digest-request: init return domain: VSERVER.LOCAL server: VSERVER indomain was: <NULL>
    If I use 'smb://' (with a username & password), I also get denied, and the same error about the "NULL" indomain appears in the log. 
    Is this similar to what you saw?  I've been scouring the web for info about digest-request, but am fairly new to OS X, so my progress has been slow...
    Kris

  • How to allow a user to create his workspace in java(swings)

    hello guys ..
    i have to develop an interface (GUI) where i allow the user to create his own workspace , could anybody tell me what is the code we need. are there any specific inbuilt functions and methods..
    please help
    Imran

    public class Workspaceextends javax.swing.JPanelimplements org.jivesoftware.smack.PacketListener
    The inner Container for Spark. The Workspace is the container for all plugins into the Spark install. Plugins would use this for the following:
    Add own tab to the main tabbed pane. ex.
    Workspace workspace = SparkManager.getWorkspace(); JButton button = new JButton("HELLO SPARK USERS"); workspace.getWorkspacePane().addTab("MyPlugin", button);
    Retrieve the ContactList.

  • List of Network Users in Loginwindow Omitted

    I have a Mountain Lion 10.8.5 client machine joined to a Mountain Lion 10.8.5 OS X Server on which I have completed DNS, OD, and network account configuration steps.  I have added a network account on the server (and Server.app displays the account as 'Local Network User').  Also, I have placed the client machine into a device group and created/pushed a profile to the group that includes a Login Window payload specifying that network users are included in the list of users. After pushing the profile, I confirm that the client machine indeed shows the desired Login Window settings in the 'Profiles' preference panel and I also confirm that /Library/Managed Preferences/com.apple.loginwindow.plist indeed shows IncludeNetworkUser as 'True'.  The client machine has been rebooted.
    From the client machine, the loginwindow, however, displays only local accounts and 'Other...'.  I can select 'Other...' and successfully login to the new network account.  Yet I seem unable to get the the loginwindow to include the network account in the user list even though the profile appears correct and the account itself seems to be in good working order (since an 'Other..' login is accepted).
    When I examine the client log in Console, I see nothing that obviously indicates a problem in loginwindow that is relevant to opendirectory.
    What might I have done wrong?  Suggestions on how to narrow down the problem?  Is there a debugging aide that might be useful, or some verbose logging of loginwindow behavior that I can enable?

    Thanks for replying.
    Yes, the client's Ethernet is set to use DHCP and my DHCP server hands out a DNS resolver config that specifies the OS X Server machine as the nameserver.  And in my client's network preferences for the Ethernet link, on the 'DNS' tab of the 'Advanced' settings, I indeed see that my DHCP assigned settings were applied (using my own DNS zone served from the DNS server on the OS X Server machine, and using the IP address of the OS X Server as the nameserver).  So I =think= these all look correct.
    I add some more info...
    When I run 'id' from the command line, it includes 'workgroup' in the list of groups, which is the OS X Server's group for network accounts.  I treat this as confirmation that OD queries for user/group info from the OS X Server are in working order.
    I wish there were some sort of debug trace log I could turn on for loginwindow so that I could have a look at how/when it queries OD.
    I have a second client machine setup like the first, also running 10.8.5 and joined to my OS X Server - and this one actually =does= display network accounts in the loginwindow.  This second client machine is in the same Profile Manager device group as the first, and hence has exactly the same profiles.  Same DNS config, too.  I haven't been able to identify a difference between the two machines that would explain why one displays network accounts in the loginwindow while the other does not.  The second client client machine is WiFi while the first is Ethernet, but that shouldn't be relevant (?).
    This difference in behavior between the two machines has persisted through reboots of both (and a reboot of the OS X Server).

Maybe you are looking for

  • How do I get my text messages from my android fascinate to my htc one m8 windows phone....???

    just purchased and received the new htc one...was using a samsung galaxy s for a few months before my contract ran out...my original nokia lumia 920 died and I reactivated the galaxy....now I have the text messages from october and earlier but I can'

  • Oracle 8.0.5 Install on Linux for Alpha

    I am getting a orainst.cm not found error while trying to Install Oracle on the Alpha Server with Redhat Linux . Tried all the symbolic link tricks of /bin/bash. Nothing works for me. Help me if you have any clues! Thanks Anand null

  • Accessing values

    class test{      int value;           public test(int val){           value=val;      public void set(int num){           value=num; test a=new test(1);Thats a small program of mine.Previously,when i first learnt java, i would need to do a.set(newVal

  • Why does Illustrator change CMYK color numbers when set to preserve them?

    I'm using CS2 on Mac OSX 10.4. Recently I tried importing a Photoshop image into Illustrator and then matching a color in Illustrator to a color in the Photoshop document. But Illustrator changed the CMYK values of the color in the Photoshop document

  • After Effects CS4 & WebM/VP8 Compatibility

    I'm trying to create animations for web-use and would like to have them work on mobile platforms as well, so I want to export After Effects projects to an HTML5 video format.  WebM is the one I'd most like to use, as that is supported by most browser