Migrating 10.4 to 10.6 - Users can't log in

Similar Messages

• How many users can be logged on to the base station

  how manty users can be logged onto the base station?

  I am not sure if you mean this to be in the TC area but it will handle 50users I think was the spec.. but never ever do it. Around 10users per AP is about the max you ever want to try. That is assuming all are using the net at the same time. You can probably manage more as long as most are not actually in use.

• User can not log in

  I have a Document Center protected document - it's a test one, that simply needs a valid AdobeID and Password to open it.
  A new user can not log in and view it, older users are OK. He can log in, change has password etc, but when he tries to open the pdf, it will not accept his user name/password saying "The email address or password you entered is incorrect or you need to update your Adobe Online Centre Account. Please enter your email address or password again, or click the Manage My Account button below for help with your account". He has tried both but gets nowhere - with Manage My Account, He can log in and see his details, change password - but still can not open the pdf!
  Can anyone please help?
  I notice the link to Document Centre support now fails - is there any support for Document Center anymore?  

  Hi Chetan,
  You may check this thread to find your solution:
  Re: Two licences but only one is visible
  Thanks,
  Gordon

• User can't log in / Server can't create new users

  I recently updated to OS X Server 10.5.5. Now one of my users can't log in. Wrong username or password the system says. I've reset the password but it doesn't help.
  When creating a new user I get this error:
  "The server reported the error '-14120' while trying to create the user."
  How can I fix this?

  Well, to move the stuff, make a New Account, log into a different admin account & get BatchMod, it's much better/easier than the Finder for recursive Permission changes...
  http://www.lagentesoft.com/batchmod/index.html
  Now careful with BatchMod, it's crazy powerful, but easier than Command Line.
  Oh, this bad user isn't using FileVault I hope???
  OK, once BatchMod is loaded, you can drag the whole bad user's folder to it's icon and set the Ownership/permissions to the new replacement user, check Apply to Enclosed items, go.
  Oh, if you have room you might make a copy of that User's folder first & use the copy.
  Then open the bad User's folder, Select All, drag to new replacement User's folder.

• Migrated Users can't log in new ones can?

  I hope someone can help me out here. I'm not a full time server admin and must be missing something...
  I'm migrating an old G4 Xserve (10.4.11) to a newer Intel Xserve (10.6.6).
  I got though the migration assistant successfully and the server boots and looks just like the old G4.
  I did note a few glitches like a missing "com.apple.Boot.plist" file and none of the DHCP Static Maps migrated. All other settings, users, groups etc. look like they moved just fine. My data is all there and the folder structure is correct. DNS forward and reverse is working as it should.
  Everything seams like it should be working fine, but not one of my migrated users can login to the server. All of them get the Message, "You are unable to log in to the user account "namehere" at this time. Logging in to the account failed because an error occurred.
  When I created a new "testuser" account with all the same settings, privileges, home folder location, etc and it can login just fine...
  What am I missing here?

  I hope someone can help me out here. I'm not a full time server admin and must be missing something...
  I'm migrating an old G4 Xserve (10.4.11) to a newer Intel Xserve (10.6.6).
  I got though the migration assistant successfully and the server boots and looks just like the old G4.
  I did note a few glitches like a missing "com.apple.Boot.plist" file and none of the DHCP Static Maps migrated. All other settings, users, groups etc. look like they moved just fine. My data is all there and the folder structure is correct. DNS forward and reverse is working as it should.
  Everything seams like it should be working fine, but not one of my migrated users can login to the server. All of them get the Message, "You are unable to log in to the user account "namehere" at this time. Logging in to the account failed because an error occurred.
  When I created a new "testuser" account with all the same settings, privileges, home folder location, etc and it can login just fine...
  What am I missing here?

• Mobile user can't log in

  Hello,
  I have an issue with mobile users. I have a Mac OS X server set up with OD. I have created mobile user profiles on it. Those profiles can log in to the server without issues.
  Yet, I can't log on to any other mac on my network with those mobile users. If I try using the graphical interface, I get a login failed message, with the following error in the system.log file.
  Aug 19 06:08:58 macbook edu.mit.Kerberos.CCacheServer[1162]: launchctl start error: No such process
  Aug 19 06:08:59 macbook sshd[1184]: afp home directory mount failed in theEnumerator->Count in AFP_OpenSession: status = Unknown error: -5023
  Aug 19 06:08:59 macbook edu.mit.Kerberos.CCacheServer[1162]: launchctl start error: No such process
  Can anyone help me out ?
  Peter

  Hi
  +"is there anyway for mobile users to be admins of the local machine when they are offline?"+
  Yes. System Preferences > Accounts > Select the Network Account. Click the lock to authenticate. Provide the local admin name and password. Tick the "Allow user to administer this computer" box. Logout and Login. Doing it this way reliably works for me every time. Train/Teach the user how to use the Sync options. Try not to sync everything. Avoid the Pictures folder if you can especially if there are large iPhoto libraries. Same for Movies folder. For offline users works best if they manually sync. Less problems that way.
  +"in the Directory Utility was that it mounted my AD specified home directory in the dock"+
  Apply a Dock MCX for that User or Group. Does not have to be a persistent setting. Once allows for additional user configuration. Under the "Add other folders" section tick the "Network Home" option. There are other ways of doing this but that should do it.
  HTH?
  Tony

• New users can't log into /mydevices or /profilemanager

  Hi all,
  I've got Profile Manager up and running and have deployed about 25 iPads using the current setup.
  My configuration has not changed but all of sudden, new users created today can not log into /mydevices or /profilemanager.  Says the username or password is incorrect, but they're entered properly.  Again, the configuration of the server has NOT changed since users entered (and working) last week.
  Anyone have this issue?  If anyone can shed some light, I'd really appreciate it.
  Apple: Lion Server is buggy as ****.  Profile Manager is buggy as ****.  I've spent hours on the phone with Apple support with one issue after another.  I'm getting sick of the instability and crankiness of Lion Server.  These forums are chalked full of people having such a massive range of issues that I can only draw one conculsion: Lion Server is half baked.
  Please help (again),
  Chris

  I got my problem solved - and here is a few things to note and some steps to resolve the issue.
  1) you do not need to create augmented users - unless you need extra settings for local logins (you most likely won't have users logging into your mav) - if you are using AD that is - if not just create local users
  2) server is buggy - perhaps - but after dealing with this issue for a few days - as much as i want to agree with it i want to say that now it is running very smoothly - and it boils down to order of steps in the install
  4) do not change hostnames once it's set up - that will scre it up even worse
  here is what i woudl suggest to blow it away and reset it up
  1) system pref - users and groups - login options - network account server - edit - unjoin the domain
  2) blow away your open directory and profile manager in command line
  sudo /usr/share/devicemgr/backend/wipeDB.sh
  sudo slapconfig -destroyldapserver
  3) reset apache web config
  sudo /serveradmin command web:command=restoreFactorySettings
  4)make sure your hostname is correct
  5) join domain (if needed)
       on command line veryfiy ad is working by typing
       user "username" where username is username of AD user
  6) if AD set up - check dns search order - make sure no local host (127.0.0.1) is in the list
       system preferences - network - ethernet - advanced -dns - remove 127.0.0.1 if there (only if using AD)
  6) server admin - open directory - settings - change - set up as standalone
  configure yoru ldap server - this will reissue signing authority certificate that you will need if you want to sign your configurations profiles for clients (iOS and Mac)
  7) then configure profile manager
  Reboot after step 2 - step 3, step 6
  if you have a firewall infront of the server there will be aditinal ports required for SCEP
  http://support.apple.com/kb/TS1629
  you will need port 80,443 and 1640
  If you have a reverse proxy you will need to set up a trust to the cetificate on the proxy to the authority configured in the open ldap - different topic - but just tought it was worth mentioning

• Network users can't log on to client computers

  Hi,
  This is my first OSX server install, so bear with me if I am missing something!
  I have searched for a solution, but cant find one similar maybe I am doing something drastically wrong?
  The Problem Summarised;
  New Mac OSX Snow Leopards Mac Mini server, clean install.
  New iMac OSX Snow Leopard Client.
  Can not log in using the network users. I have joined to the open directory, I get a green dot saying network available and all network users listed.
  When I try to login, the OSX Login screen shakes as if incorrect password is being used.
  In a bit more detail
  Ok, I have installed a new Mac Mini Snow Leopard Server, created a handful of user accounts and then bound my iMac snow leopard client to the server (using the open directory utility under the accounts login preferences).
  I have also added the computer as a client computer under the servers workgroup manager app.
  I have also (using the workgroup manager on server) selected the client computer, selected preferences and added the users to the access part.
  The client now shows the OSX login box with a green dot saying network accounts available. The network accounts all appear.
  However, when I try to login as one of the network users, the login box just shakes and wont let me login.
  Any ideas? If there is a known bit of documentation, could someone point me to it?
  * saw this posted in a different secretion and I HAVE THE SAME ISSUE.

  My guess is:
  Have you created or pointed their home directories to a specific location?
  Each network user in WGM user needs to have their home directories defined to a folder on the local machine or a folder/location on the server. Here is an example... my user has it's Home defined as being within the /Users folder.
  http://i42.tinypic.com/dyoupu.jpg
  If this is not done, you will see the results you've described so far... the appearance of a successful login, then the shaking login window.

• Added a second IP to our server = Now users can't log-in

  Hi,
  I had a server that was working fine. It had one external IP address. I then added a second external (dedicated) IP address to the same ethernet port, by adding a second port in "Network Preferences" and manually typing in the IP configuration - just as I did for the original ethernet interface when the server was originally configured.
  The reason I added a second IP address is so that I could run Apache2 on port 80 on the new IP while continuing to run Apache1.3 on port 80 of the original IP.
  Of course now I've screwed up the reverse DNS and such and my users can't login over AFP (though SMB is ok). My initial IP has a properly configured reverse lookup, the new IP does not. The new IP is using the ISP's default domain name.
  In a situation like this, am I supposed to configure both IPs to resolve to the same computer name? myServer.company.com ? Or should each IP resolve differently..
  Thanks
  Woody

  Of course now I've screwed up the reverse DNS and
  such and my users can't login over AFP (though SMB is
  ok).
  How do the users connect to AFP? WAN or LAN, Hostname or IP ?
  My initial IP has a properly configured
  reverse lookup, the new IP does not. The new IP is
  using the ISP's default domain name.
  In a situation like this, am I supposed to configure
  both IPs to resolve to the same computer name?
  myServer.company.com ? Or should each IP resolve
  differently..
  Reverse lookups (PTR records) shouldn't come into it. If users use a hostname to connect then all you will need is an A record to convert the hostname to an IP. If they use an IP to connect, then no DNS is accessed. So if you cannot connect directly using the IP address then it suggests firewall or config - test for open 548 port etc.
  -david
      Server 10.4.8

• AD users can't log to SQL

  Hi,
  i have AD group that is linked to SQL 2012 server and that group has sysadmin role. I am member of that group and i can connect to SQL server. When i want to connect with other AD user to SQL that is also part of that AD group, SQL gives me error DOMAIN\username
  is not recognized. Kerberos is enabled. 
  Login failed for user 'DOMAIN\user'. Reason: Could not find a login matching the name provided. [CLIENT: 1.1.1.1]
  If i directly add that user to SQL server then i can connect.
  WTF? :D

  Hi opti2k4,
  According to your description, you tried to assign an entire AD group access to SQL Server 2012, and you failed to use other AD user of the AD group except the user account of yours to access SQL Server, but when you directly add that user to SQL server
  then the user can connect to SQL Server, right?
  The error “Could not find a login matching the name provided” means “The login used for the connection did not exist on the SQL Server”.
  And you mentioned that the user account of yours was able to connect to SQL Server while other AD user wasn’t. I think may be the user account of yours is a local administrator, or in another group, which has permission to connect to SQL Server.
  So based on the error message and my understanding, I assume that it may be caused by incorrectly adding AD group as login in SQL Server.
  In order to verify that, we can use the queries that Ashwin has mentioned above to get the access information of the AD group in SQL Server. For more information about xp_logininfo (Transact-SQL), please refer to the following article:
  http://msdn.microsoft.com/en-us/library/ms190369.aspx
  And we can follow steps below to Grant Active Directory Group Access to SQL Server:
  Step 1: Create a server login for the AD group:
  USE master
  CREATE LOGIN [YOURDOMAIN\SomeGroupName] FROM WINDOWS;
  Step 2: Go to the database and create a user based on that login:
  USE YourDatabaseName
  CREATE USER [YOURDOMAIN\SomeGroupName] FROM LOGIN [YOURDOMAIN\SomeGroupName];
  If you have any question, please feel free to let me know.
  Regards,
  Jerry Li

• Removed users can still log in

  Hi there
  I'm having an odd problem about removed users that can still log in. Users are defined on a OD server (OS X server 10.4.4), the users are put into groups, and the different groups can log in to different computers. Works fine, more or less.
  However, if I remove a user from a group, he can still log in to all the computers he was able to log in before I removed him! Same is true if I remove an entire group from a computer list - all users that were in that group can still log in to the computer.
  E.g:
  iMac; login allowed for Group-1, with User01 and User02
  -> User01 and User02 can log in. Fine.
  Remove User01 from Group-1
  -> User01 can still log in to the iMac. ????
  Removing Group-1 from the iMac computer list
  -> User01 and User02 can still log in. Grrr...
  I did several restarts of both the clients and the OD server, trashed the cache files in /Library/Caches and deleted mcx-caches in Netinfo Manager. Nothing helped. It's starting to drive me mad!!
  Any ideas?
  Thanks, Tina

  i persume u delete the cache etc on the clients?

• Remote Users can't log in

  I have two servers - One is 10.4.6 and the other is 10.3.9. All managed clients are 10.2.8 or 9.2.2. All work well except for 4 10.2.8 clients in our library. Suddenly these 4 computers don't allow any remote users to log in. The users are authenticated and the login process begins - but after processing for a bit it returns to the login screen. The client log shows a loginwindow crash when users try to log in. I've un-bound the computers from the servers & removed the MCX cache files. The computers function normally when not bound to the servers, infact local users can log in and work normally. Reconnecting the computers to the servers returns the problem. Any suggestions or things I can try?

  Hi Michael,
  According to your description, it seems like there is something wrong with the domain group policy configuration.
  I suggest you run command GPresult.exe on the terminal server to find out whether correct group policy settings are applied.
  You may use the /h option to get a clear .html view.
  Gpresult
  https://technet.microsoft.com/en-us/library/cc733160.aspx?f=255&MSPPError=-2147217396
  Best Regards,
  Amy
  Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Mobile account users can not log on to the snow leopard server machine?

  Hi all,
  I've setup a network user and designated it as a mobile account. ** OS X 10.6.2 **
  When the user logs out of the snow leopard server machine, home sync tries to sync the local and network home directories. It is never able to connect. The network home directory is automounted and is not the default path /Users. I can see the two home directories on disk.
  Anyone else able to have their mobile users log in to the snow leopard server machine without issues?
  OS X 10.6.2 **

  It was the Sync server was down and did not know it

• Windows XP User Can't Log in to Password Protected iWeb Site

  Does anyone have advice for this problem? I have consistently been able to access my .Mac account from all PC browsers I can think of from my work computer (MSN, IE, Opera, Firefox). My mother-in-law uses a PC as well and she's had no trouble logging in. My wife uses a Dell at work and she's never had an issue.
  An Aunt, however, cannot seem to get past the Username and Password identification screen when she tries to log in on a Windows XP system in Internet Explorer. Everytime she enters the correct User and Pass (and also in the right case, I checked), the pop-up just reloads. My understanding is that she has tried to do it multiple times in a row and still nothing.
  Any takers? I am stumped. My best guess is something in the IE options for internet security is checked or unchecked. She is at a work that will not allow her to download and run other browsers, so it has to be IE.
  If anyone knows the solution to this, I would be pretty grateful.
  Thanks!

  I have the same problem here with a friend, that cannot access to the site and it works on my Windows XP-PC with IE 7 and Firefox 2. Really strange.

• Win svr 2008 r2 ent - user can not log into remote desktop after installing march's 2015 important updates

  we installed march's 2015 important updates onto all of our servers.  three of our servers are not allowing RDP.  
  these servers have windows server 2008 r2 enterprise sp1  installed.  
  we enter in the username and password in the rdp dialog box and click on ok.  the rdp dialog box comes back for us to enter in the username and password.  
  we do have kb3046049 and kb3002657 installed.  
  is there a v2 of kb 3002657 for windows server 2008 r2 enterprise?  
  on one of the servers
  1. I disabled rdp
  2. stop and start the following services 
  remote desktop configuration
  remote desktop services
  remote desktop services usermode port redirector 
  remote procedure call
  3. enabled rdp
  4. added the users allowed to rdp into  server
  This allowed us to RDP into that box with the username and password.  
  But the other two servers the steps performed above did not work.  
  Any solutions for Win Svr 2008 R2  enter sp1?

  Thursday, March 19, 2015
  This is a summary of the new and changed content scheduled for release on Thursday, March 19, 2015.
  New security content:
  This has nothing to do with this issue in this thread, it just happens to have been published today and yet no kb is public.
  Security Update for Windows Server 2003 (KB3048051)
  Locale: All
  Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, and Catalog
  Classification: Security Updates
  Target platforms: Windows Server 2003 and Windows XP
  Approximate file sizes:
  Windows Server 2003 update: ~ 196KB
  Description:
  Install this update to resolve an issue which requires an update to the untrusted certificate store on Windows systems and to keep your systems up to date. After you install this update, you may have to restart your system.
  http://support.microsoft.com/kb/3048051
  It is related to the SSL cert revocation and Microsoft is very lame these days and gets the code on MU but can't sync up the KB.
  See:
  * Microsoft Security Advisory (3046310)
  - Title: Improperly Issued Digital Certificates Could Allow Spoofing
  - https://technet.microsoft.com/library/security/3046310
  - Revision Note: V2.0 (March 19, 2015): Advisory rereleased to
  announce that the update for supported editions of Windows
  Server 2003 is now available. See Knowledge Base Article 3046310
  for more information and download links.