Misconfiguration detected in hash global uid/sid

running on a mac os x sever network 10.6.8 with over 2,000 users and over 50 groups. for about 1 full year now in sever admin we get this error NON stop witch seems to happen when ever someone logs in. It will say
"misconfiguration detected in hash global UID" OR
"misconfiguration detected in hash global SID"
this is nonstop. From what i have read this is due to the same user or group having the same ID. Where can i go to psychically see if they have the same ID (in WGM it does not show any doubled ID's)
with over 2,000 users and people logging in all the time this error comes out about every 1 minute. Is there any fix for this?

running on a mac os x sever network 10.6.8 with over 2,000 users and over 50 groups. for about 1 full year now in sever admin we get this error NON stop witch seems to happen when ever someone logs in. It will say
"misconfiguration detected in hash global UID" OR
"misconfiguration detected in hash global SID"
this is nonstop. From what i have read this is due to the same user or group having the same ID. Where can i go to psychically see if they have the same ID (in WGM it does not show any doubled ID's)
with over 2,000 users and people logging in all the time this error comes out about every 1 minute. Is there any fix for this?

Similar Messages

  • Misconfiguration detected in hash 'Global UID'

    Very dears all,
    I upgraded to Snow Leopard Server but I am still missing to have everything working safely as it was on Leopard Server.
    In SL Server, Open Directory is Master and its overview page says that both LDAP Server, Password Server and Kerberos are running but in the Settings pane the Kerberize... button is always present (while it is absent in L Server) and if I push the button I am requested to enter user name and password, which is the same I enter in WGM (where it works OK), but it is not accepted and the same windows is re-opened.
    Checking the OP logs, in Directory Services Error log, I got the following raw:
    Misconfiguration detected in hash 'Global UID'
    As well as User root raws for /LDAPv3/127.0.0.1 and Local are present with complex string references for UUID and SID.
    Is there anyone may help me to understand what it means and what to do to fully recover the service?
    Many thanks and best wishes,
    Carmine

    I look in my Directory Services Error log and see
    2009-11-11 13:28:27 EST - T[0x0000000100783000] - Misconfiguration detected in hash 'Global UID':
    2009-11-11 13:28:27 EST - T[0x0000000100783000] - User 'root' (/LDAPv3/127.0.0.1) - ID 0 - UUID 50518200-F0D2-4497-A282-6BBE836687C9 - SID S-1-5-21-68834345-3193862298-1725808020-1000
    2009-11-11 13:28:27 EST - T[0x0000000100783000] - User 'root' (/Local/Default) - ID 0 - UUID FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000000 - SID S-1-5-18
    I launch dscl and
    list LDAPv3/127.0.0.1/Users/
    diradmin
    root
    vpn_30717237d42a
    root user in open directory that is new in SL.
    list Local/Default/Users/
    _amavisd
    _appowner
    _appserver
    _ard
    _atsserver
    _calendar
    _carddav
    _clamav
    _coreaudiod
    _cvmsroot
    _cvs
    _cyrus
    _devdocs
    _dovecot
    _eppc
    _installer
    _jabber
    _lda
    _locationd
    _lp
    _mailman
    _mcxalr
    _mdnsresponder
    _mysql
    _pcastagent
    _pcastserver
    _postfix
    _qtss
    _sandbox
    _screensaver
    _securityagent
    _serialnumberd
    _softwareupdate
    _spotlight
    _sshd
    _svn
    _teamsserver
    _timezone
    _tokend
    _trustevaluationagent
    _unknown
    updatesharing
    _usbmuxd
    _uucp
    _windowserver
    _www
    _xgridagent
    _xgridcontroller
    com.apple.calendarserver
    com.apple.mailuserforservices
    com.apple.notificationuser
    daemon
    nobody
    notjunkmail
    root
    Which also has a root user. So yes I have 2 root users. I have never seen a root user in the ldap database is this new and expected?
    Is this wrong?
    should I line up the generated UIDS?
    read LDAPv3/127.0.0.1/Users/root/
    dsAttrTypeNative:altSecurityIdentities: Kerberos:[email protected]
    dsAttrTypeNative:apple-generateduid: 50518200-F0D2-4497-A282-6BBE836687C9
    dsAttrTypeNative:authAuthority:
    ;ApplePasswordServer; blah blah blah blah blah
    [email protected]:192.168.1.1
    dsAttrTypeNative:cn:
    System Administrator
    dsAttrTypeNative:gidNumber: 0
    dsAttrTypeNative:homeDirectory: /private/var/root
    dsAttrTypeNative:loginShell: /bin/tcsh
    dsAttrTypeNative:objectClass: inetOrgPerson posixAccount shadowAccount apple-user extensibleObject
    dsAttrTypeNative:shadowExpire: 0
    dsAttrTypeNative:shadowLastChange: 0
    dsAttrTypeNative:sn: Administrator
    dsAttrTypeNative:uid: root
    dsAttrTypeNative:uidNumber: 0
    dsAttrTypeNative:userPassword: ******
    AltSecurityIdentities: Kerberos:[email protected]
    AppleMetaNodeLocation: /LDAPv3/127.0.0.1
    AuthenticationAuthority:
    Change: 0
    Expire: 0
    GeneratedUID: 50518200-blah-blah-blah-blah
    LastName: Administrator
    NFSHomeDirectory: /private/var/root
    Password: ******
    PrimaryGroupID: 0
    RealName:
    System Administrator
    RecordName:
    root
    System Administrator
    RecordType: dsRecTypeStandard:Users
    UniqueID: 0
    UserShell: /bin/tcsh
    read Local/Default/Users/root
    AppleMetaNodeLocation: /Local/Default
    AuthenticationAuthority: ;ShadowHash; ;Kerberosv5;;root@LKDC:SHA1.3 blah;
    GeneratedUID: blah blah-blah-blah-blah-blah blah blah
    NFSHomeDirectory: /var/root
    Password: ******
    PrimaryGroupID: 0
    RealName:
    System Administrator
    RecordName: root
    RecordType: dsRecTypeStandard:Users
    SMBSID: S-1-5-18
    UniqueID: 0
    UserShell: /bin/sh
    What to do...

  • Misconfiguration detected in hash 'Global SID'

    Greetings
    I have the above message in my Directory Services Error log, repeated over & over. I read other posts about this which seem to relate to overlapping user or group IDs. I don't have that issue, and in fact this seems to relate to computer records rather than users or groups. As a test, I deleted & recreated the Guest Computer record, but still get the same issue.
    eddie.waveneyrivercentre.co.uk is the name of the server, and if I am understanding the log correctly it's computer record is somehow conflicting with the guest computer record?
    Mac Mini OS X Server 10.6.2
    Here's the log:
    2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Misconfiguration detected in hash 'Global SID':
    2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
    2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
    2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Misconfiguration detected in hash 'Global SID':
    2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
    2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
    does anyone have any ideas?
    TIA
    JAmes

    Greetings
    I have the above message in my Directory Services Error log, repeated over & over. I read other posts about this which seem to relate to overlapping user or group IDs. I don't have that issue, and in fact this seems to relate to computer records rather than users or groups. As a test, I deleted & recreated the Guest Computer record, but still get the same issue.
    eddie.waveneyrivercentre.co.uk is the name of the server, and if I am understanding the log correctly it's computer record is somehow conflicting with the guest computer record?
    Mac Mini OS X Server 10.6.2
    Here's the log:
    2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Misconfiguration detected in hash 'Global SID':
    2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
    2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
    2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Misconfiguration detected in hash 'Global SID':
    2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
    2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
    does anyone have any ideas?
    TIA
    JAmes

  • Misconfiguration detected in hash 'SID' / 'GID'

    Hi!
    We are having strange issues with a Snow Leopard Server (10.6.2). Every now an then, it will hang. There seems to be a connection to TimeMachine starting. Authentication via OD is then not possible, especially people can't access the wireless network via RADIUS. We have changed the RAM to no avail.
    The only error messages I can find that might have to do with it are copied below - apparently a misconfiguration is detected: It seems there are two groups that both have ID 502 (com.apple.local.ard_reports, com.apple.access_radius); we also have two each with 501 (com.apple.local.ard_admin, com.apple.monitorallservices) and 500 (com.apple.adminallservices, com.apple.access_ssh). Can I just change the IDs or would that make matters worse? Could I delete one or the other to have it auto-regenerated?
    We have a group radius with ID 5100 where we keep the users that are allowed access through radius as configured in Server Admin/RADIUS/settings/users.
    Could someone please point me in the right direction?
    Regards,
    Torsten
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'Global GID':
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'Global SID':
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'GID':
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'SID':
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
    2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005

    So, we too are having this issue. We have several systems that are all pointed to an OD that was upgraded from 10.5.8 to 10.6.0 (then 10.6.2), and all the systems a few times a day report:
    Dec 23 10:00:00 server DirectoryService[29]: Misconfiguration detected in hash 'Global GID' - see /Library/Logs/DirectoryService/DirectoryService.error.log for details
    Dec 23 10:00:00: --- last message repeated 5 times ---
    Dec 23 10:00:00 server DirectoryService[29]: Misconfiguration detected in hash 'GID' - see /Library/Logs/DirectoryService/DirectoryService.error.log for details
    Dec 23 10:09:03: --- last message repeated 5 times ---
    When you look in DirectoryService.error.log, you get:
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/LDAPv3/od.example.com) - ID 0 - UUID 9E733C05-88DE-4F83-9E09-038A887F1327 - SID S-1-5-21-4096-2147483678-1391576524-1001
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/Local/Default) - ID 0 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000 - SID S-1-5-21-4171259825-3059450906-1974363594-1001
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/LDAPv3/od.example.com) - ID 1 - UUID 5860426A-2F8A-4CB8-932C-548A6351DAF7 - SID S-1-5-21-4096-2147483678-1391576524-1003
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/Local/Default) - ID 1 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000001 - SID S-1-5-21-4171259825-3059450906-1974363594-1003
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/LDAPv3/od.example.com) - ID 2 - UUID 218C138E-0861-4354-AD5E-EFBEE973A167 - SID S-1-5-21-4096-2147483678-1391576524-1005
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/Local/Default) - ID 2 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000002 - SID S-1-5-21-4171259825-3059450906-1974363594-1005
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/LDAPv3/od.example.com) - ID 3 - UUID 41B0EEF7-6BDE-4AE2-9D74-FBC5B4E57A43 - SID S-1-5-21-4096-2147483678-1391576524-1007
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/Local/Default) - ID 3 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000003 - SID S-1-5-21-4171259825-3059450906-1974363594-1007
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/LDAPv3/od.example.com) - ID 4 - UUID 343B0640-571C-4210-99FA-585F274128AC - SID S-1-5-21-4096-2147483678-1391576524-1009
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/Local/Default) - ID 4 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000004 - SID S-1-5-21-4171259825-3059450906-1974363594-1009
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/LDAPv3/od.example.com) - ID 5 - UUID C7B00423-F511-4F09-BF56-13F06AE30B37 - SID S-1-5-21-4096-2147483678-1391576524-1011
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/Local/Default) - ID 5 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000005 - SID S-1-5-21-4171259825-3059450906-1974363594-1011
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/Local/Default) - ID 0 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000 - SID S-1-5-21-4171259825-3059450906-1974363594-1001
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/LDAPv3/od.example.com) - ID 0 - UUID 9E733C05-88DE-4F83-9E09-038A887F1327 - SID S-1-5-21-4096-2147483678-1391576524-1001
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/LDAPv3/od.example.com) - ID 1 - UUID 5860426A-2F8A-4CB8-932C-548A6351DAF7 - SID S-1-5-21-4096-2147483678-1391576524-1003
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/Local/Default) - ID 1 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000001 - SID S-1-5-21-4171259825-3059450906-1974363594-1003
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/LDAPv3/od.example.com) - ID 2 - UUID 218C138E-0861-4354-AD5E-EFBEE973A167 - SID S-1-5-21-4096-2147483678-1391576524-1005
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/Local/Default) - ID 2 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000002 - SID S-1-5-21-4171259825-3059450906-1974363594-1005
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/LDAPv3/od.example.com) - ID 3 - UUID 41B0EEF7-6BDE-4AE2-9D74-FBC5B4E57A43 - SID S-1-5-21-4096-2147483678-1391576524-1007
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/Local/Default) - ID 3 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000003 - SID S-1-5-21-4171259825-3059450906-1974363594-1007
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/LDAPv3/od.example.com) - ID 4 - UUID 343B0640-571C-4210-99FA-585F274128AC - SID S-1-5-21-4096-2147483678-1391576524-1009
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/Local/Default) - ID 4 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000004 - SID S-1-5-21-4171259825-3059450906-1974363594-1009
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/LDAPv3/od.example.com) - ID 5 - UUID C7B00423-F511-4F09-BF56-13F06AE30B37 - SID S-1-5-21-4096-2147483678-1391576524-1011
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/Local/Default) - ID 5 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000005 - SID S-1-5-21-4171259825-3059450906-1974363594-1011
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/Local/Default) - ID 0 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000 - SID S-1-5-21-4171259825-3059450906-1974363594-1001
    2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/LDAPv3/od.example.com) - ID 0 - UUID 9E733C05-88DE-4F83-9E09-038A887F1327 - SID S-1-5-21-4096-2147483678-1391576524-1001
    To me, it sounds like there are groups defined in the OD (wheel, mysql, daemon, etc) that are also defined on the local machine. They probably shouldn't be defined on the domain because they're local accounts by design (and don't really need to be directory accounts).
    So, one would think they could just be deleted from the directory, but obviously don't want to do that unless it's the right call.
    Anyone see an issue with that? Is my analysis incorrect?

  • Misconfiguration detected in hash 'Kerberos'

    I am having difficulty troubleshooting this error.  I have attached a section of the /var/log/opendirectoryd.log file while in debug mode.  This is a 10.7.3 Open Directory master with no replicas.  I put logging into debug mode to try to get to the root of this problem but I am not finding an answer to this issue.  I am getting this same error message with multiple users, but they can all log in and function just fine.  We are doing Radius auth to OD from our Cisco ASA for VPN connectivity and that works fine as well.
    Any help would be greatly appreciated.  Thanks!
    2012-03-12 11:30:09.119 PDT - Multiple names for non-user record 'wleler' - will be cache miss for others
    2012-03-12 11:30:09.119 PDT - Module: SystemCache - Attaching Kerberos id '[email protected].
    OFFICE' to record 'wleler'
    2012-03-12 11:30:09.119 PDT - Setting item 'wleler' with expiration 406137
    2012-03-12 11:30:09.119 PDT - Adding item 'wleler' with expiration 406137
    2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - GlobalGUID - adding entry wleler (0x43E09310) - node 0x45903830
    2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - GlobalUID - adding entry wleler (0x43E09310) - node 0x45903B30
    2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - UserName - adding entry wleler (0x43E09310) - node 0x45903C60
    2012-03-12 11:30:09.119 PDT - Module: SystemCache - Misconfiguration detected in hash 'Kerberos':
        User 'wleler' (/LDAPv3/127.0.0.1) - ID 1043 - UUID C66E0823-A91D-4C27-9A37-4BA25090F3AC - SID S-1-5-21-2682738804-2853610044-371931698-3086
         User 'cvaraghur' (/LDAPv3/127.0.0.1) - ID 1055 - UUID 062DA3EC-8197-460A-94DA-8F94008B4B0F - SID S-1-5-21-2682738804-2853610044-371931698-3110
    2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - GlobalSID - adding entry wleler (0x43E09310) - node 0x45903DE0
    2012-03-12 11:30:09.119 PDT - Module: SystemCache - Merged record 'wleler' (0x459033E0) into 0x43E09310 - new authority 'Name'
    2012-03-12 11:30:09.120 PDT - Finalizing request 6369 object 0x7fb445d3b860
    2012-03-12 11:30:09.120 PDT - Finalizing request 6366 object 0x7fb445902f30
    2012-03-12 11:30:09.130 PDT - 1458.6370 - Client: AppleFileServer, UID: 0, EUID: 0, GID: 0, EGID: 0
    2012-03-12 11:30:09.130 PDT - 1458.6370 - Adding to global request list - new count 1
    2012-03-12 11:30:09.130 PDT - 1458.6370 - ODQueryCreateWithNode request, NodeID: 425F4A0A-25C3-4E46-8A8E-EC4C2DD3465B, RecordType(s): dsRecTypeStandard:AFPUserAliases, Attribute: dsAttrTypeStandard:RecordName, MatchType: EqualTo, Equality: CaseExact, Value(s): wleler, Requested Attributes: dsAttributesAll, Max Results: 1

    Hi,
    your log tells me that the users wleler and cvaraghur have the same values in "AltSecurityIdentities" -> something like "kerberos:[email protected]".
    Go to: Systemsettings -> User & Groups -> Login options (the little House Symbol).
    Then Klick the edit button beside the networkaccount server entry. In the new opened window click the open directory service button. Choose the right tree (Users) - (/LDAPv3/127.0.0.1) and authenticate yourself with the diradmin user. Check every single users entry  "AltSecurityIdentities" and change untitled_1 to the users short name.
    Example, change: "kerberos:[email protected]". to "kerberos:[email protected]" for your user wleler and
    "kerberos:[email protected]" for user cvaraghur.
    thats it

  • Lion Server: Misconfiguration detected in hash 'UserGroupGUID'

    Hi,
    I'm new to OS X Server - the price had me installing and doing things manually prior to Lion.  Previously I managed users and groups manually, but now I'm giving open directory a go.  I'm seeing these messages in opendirectoryd.log:
    2011-08-21 08:38:06.479 EDT - Module: SystemCache - Misconfiguration detected in hash 'UserGroupGUID':
            Group 'workgroup' (/LDAPv3/localhost) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-987654321-987654321-987654321-3051
            Group 'workgroup' (/LDAPv3/127.0.0.1) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-4096-2147483670-3416910327-3051
    2011-08-21 08:38:06.482 EDT - Module: SystemCache - Misconfiguration detected in hash 'UserGroupGID':
            Group 'workgroup' (/LDAPv3/localhost) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-987654321-987654321-987654321-3051
            Group 'workgroup' (/LDAPv3/127.0.0.1) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-4096-2147483670-3416910327-3051
    I also see this:
    2011-08-21 08:38:04.990 EDT - Discovered configuration for node name '/LDAPv3/127.0.0.1' at path '/Library/Preferences/OpenDirectory/Configurations/LDAPv3/127.0.0.1.plist'
    2011-08-21 08:38:04.990 EDT - Registered subnode with name '/LDAPv3/127.0.0.1'
    2011-08-21 08:38:04.991 EDT - Discovered configuration for node name '/LDAPv3/localhost' at path '/Library/Preferences/OpenDirectory/Configurations/LDAPv3/localhost.plist'
    2011-08-21 08:38:04.991 EDT - Registered subnode with name '/LDAPv3/localhost'
    "workgroup" is the default group that was there - I didn't create it (or any other groups), though I did add members.  I'm curios why it is referencing both "/LDAPv3/localhost" and "/LDAPv3/127.0.0.1", and I suspect that may be the issue.  If so, any ideas on how I caused this, and how to fix it?  My guess is that I could remove one of the .plist files, but if I have done something in the gui to cause this, I'd like to fix it there so that some config chagne doesn't end up re-creating the problem.  So far I haven't done any "manual" editing of configuration files.
    Thanks very much!

    Hah! Thanks for pointing that out!  I've moved it over there:
    https://discussions.apple.com/thread/3277778
    Sorry about that!

  • Misconfiguration detected in hash 'GID'

    So it seems somehow I have a conflict between a default user and a sharepoint with their ID
    Any help to resolve this would be great.
    There are no access restrictions on this machine
    2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Misconfiguration detected in hash 'GID':
    2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.sharepoint.group.6' (/Local/Default) - ID 106 - UUID F2BBAF71-A605-4F25-8FE5-8927BE578F81 - SID S-1-5-21-2431082434-2368188631-2040194005-1213
    2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.limited_admin' (/LDAPv3/127.0.0.1) - ID 106 - UUID 8622BF36-A93E-41C3-A390-6E584C1EEC5A - SID S-1-5-21-2431082434-2368188631-2040194005-1213
    2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Misconfiguration detected in hash 'SID':
    2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.sharepoint.group.6' (/Local/Default) - ID 106 - UUID F2BBAF71-A605-4F25-8FE5-8927BE578F81 - SID S-1-5-21-2431082434-2368188631-2040194005-1213
    2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.limited_admin' (/LDAPv3/127.0.0.1) - ID 106 - UUID 8622BF36-A93E-41C3-A390-6E584C1EEC5A - SID S-1-5-21-2431082434-2368188631-2040194005-1213

    Hi, the problem is in the Server Admin - Acess tab. Remove the Access restriction of the service.
    I have the same problem with the "com.apple.access_radius", removing all the restriction the error stop.

  • Misconfiguration detected in hash -- but for a "group"?  How to fix?

    So I read the other threads about people with this problem -- but they get this for user accounts.
    In my system.log file, I get these:
    Nov 12 11:05:12 tts10 DirectoryService[29]: Misconfiguration detected in hash 'SID' - see /Library/Logs/DirectoryService/DirectoryService.error.log for details
    But when I look in the error.log, it's referring to groups -- not users:
    2009-11-12 11:05:12 EST - T[0x0000000103381000] - Misconfiguration detected in hash 'SID':
    2009-11-12 11:05:12 EST - T[0x0000000103381000] - Group 'com.apple.sharepoint.group.1' (/Local/Default) - ID 101 - UUID FEC93DE0-2160-4841-83F9-8C3D4D92BF9D - SID S-1-5-21-447369889-2185500279-2677664303-1203
    2009-11-12 11:05:12 EST - T[0x0000000103381000] - Group 'com.apple.access_screensharing' (/Local/Default) - ID 101 - UUID 193DC638-BF8C-44EF-8442-CF93E7B1B84C - SID S-1-5-21-447369889-2185500279-2677664303-1203
    Which apparently seem to have the same ID.
    However, I'm not seeing these groups in WGM. What should I be looking for to find the groups and their IDs?
    (I'm suspicious of the group that says "group.1" being a duplicate group...)
    This is a server that started at 10.5.6, was updated accordingly through 10.5.8 and was updated to 10.6.0/1 a month or so ago and had the 10.6.2 combo update installed a couple of days ago.
    Thanks!

    A bit more on this...
    I looked at the groups with dscl.
    Sure enough, they show the same "PrimaryGroupID":
    /Local/Default/Groups > read com.apple.access_screensharing
    AppleMetaNodeLocation: /Local/Default
    GeneratedUID: 193DC638-BF8C-44EF-8442-CF93E7B1B84C
    NestedGroups: ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000050
    PrimaryGroupID: 101
    RealName:
    Screen Sharing Group
    RecordName: com.apple.access_screensharing
    RecordType: dsRecTypeStandard:Groups
    /Local/Default/Groups > read com.apple.sharepoint.group.1
    AppleMetaNodeLocation: /Local/Default
    GeneratedUID: FEC93DE0-2160-4841-83F9-8C3D4D92BF9D
    GroupMembers: FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000000
    GroupMembership: root
    NestedGroups: ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000050 ABCDEFAB-CDEF-ABCD-EFAB-CDEF0000000C
    PrimaryGroupID: 101
    RealName: Public
    RecordName: com.apple.sharepoint.group.1
    RecordType: dsRecTypeStandard:Groups
    /Local/Default/Groups >
    I'm just not sure what I'm supposed to do now? On another box, "screensharing" is group "401" (and has a different "RealName"):
    /Local/Default/Groups > read com.apple.access_screensharing
    AppleMetaNodeLocation: /Local/Default
    GeneratedUID: 739023F9-4456-4C1F-BEDB-0EB013B0415B
    NestedGroups: ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000050
    PrimaryGroupID: 401
    RealName:
    Screen Sharing ACL
    RecordName: com.apple.access_screensharing
    RecordType: dsRecTypeStandard:Groups
    /Local/Default/Groups >
    Thoughts? Suggestions?

  • Password hashing on client side

    Hi. I would like my users to have their passwords hashed in SHA1 at the client side when they login so that when the html form comes to the server, the password is hashed and in case if the form is being eavesdropped on , I do not need to worry about the passwords in plain since it's hashed.
    I am not using SSL because there isn't much things to encrypt or hide secret other than just for the login passwords or users changing their user profile like updating their passwords. And SSL can add quite abit of cost to my client's web hosting budget.
    So simply, is there anyway to hash passwords in client side using JSP before it is sent to the server ?

    Not using jsp no, because JSP stands for Java SERVER Pages. Meaning that java/jsp only runs on the server.
    You can do it in javascript client-side: http://www.movable-type.co.uk/scripts/sha1.html
    But whats the point?
    Now instead of sending what they user typed in, you send the hash of it.
    If anyone is monitoring the line, they can just send the hash of it as well.
    No protection is afforded you by doing this.
    Hashing the password doesn't stop someone stealing it by tapping into the line.
    What is DOES stop is somebody querying your database and saying "give me a list of username/passwords"

  • UID / SID

    How could I access the UID (or SID) on a usb flash drive? I
    want to use the UID to authenticate that the program is on one of
    my USB flash drives and then use it to authenticate data passed to
    a web form.

    "Applied CD" <[email protected]> wrote in
    message
    news:gnk4hg$cth$[email protected]..
    > You might want to look at U3 enabled flash drives. These
    drives
    > provide
    > environment variables that will let you authenticate the
    media. I?m
    > not saying
    > it will be easy, you?ll still need an xtra because the
    environment
    > variables
    > are made available to C programmers, not directly
    accessible in
    > Director. On
    > top of that, we tested a concept of using these drives
    as give-aways
    > with
    > preloaded advertising and I found the U3 launcher alone
    to be
    > incredibly
    > annoying, much less having advertising dumped on top ?
    but ? if
    > you?re putting
    > something useful on the drive then maybe U3 will be a
    solution for
    > you.
    Hi,
    the U3 launcher, is that a sort of "autorun" thingie? :( :(
    If so, then I am already having deja-vues....
    Richard

  • How can I detect if a global bolean variable has changed

    I have a boolean global variable that change its value from time to time. At hte beginning of my program I take the actual time, but everytime this value change I have to reset this previous value and take the actual one. I've tried to do this with the event structure but it doesn't work because this is a global variable and not a control in the panel. Some idea to solve this problem? Thanks in advance,
    Angel

    It's mainly because you are reading value change events for the indicator, not the control. Value change events are only fired for changes given by a user. The indicator however is not updated by the GUI, but by programmatic input from the control. By replacing the reference with a reference to the control it will work. Or you can write the value to the indicator by using a Value (Signaling) property, that will trigger a change event for the indicator.
    Note: You should not register the event inside the loop, do that only once - outside the loop.
    If the boolean you are to monitor is not changed from the GUI you can as I mentioned above make it fire an event by setting the value using the value signalling property inst
    ead of wiring the new value directly, but the property node has it's downsides so another option is to create a user event, put that reference in the global, and then run the generate user event function whenever the boolean changes.
    I see you read the ms timer when the value changes. Why? If you want the time get the time, if you want the time since the last update you could use the ms timer, keep the previous value in a shift register and then calculate the difference, but the ms timer rolls over now and then so that can give false results...What is the purpose of the time and how often does the value change?
    Attached is an exmaple that use a user event and the generate event function.
    MTO
    Attachments:
    example_Rev3.llb ‏54 KB

  • Detecting validation error on client side

    If there is some error in validation on the field of ViewObject which is binded with a page, that component shows error message. I want to set some javascript fields on client side when a component gets error. How i can do that?

    Hi,
    for this you will need to catch the error in a custom error handler and call JavaScript from a managed bean (see chapter 5 of the Web Developer guide in the OTN documentation for JDeveloper and ADF).
    Frank

  • Misconfiguration detected - Failed to insert key ' T CN=Apple Root CA,OU=Apple Certification Authority,O=Apple Inc.,C=US S CN=com.apple.idms.appleid.prd.

    Al of a sudden after trying to get profiles running with server app I can no longer log into the system with my user account. I can however log in with the root user.
    Ihave tried a ton of support articles from apple support site and web based searches to no avail?

    Al of a sudden after trying to get profiles running with server app I can no longer log into the system with my user account. I can however log in with the root user.
    Ihave tried a ton of support articles from apple support site and web based searches to no avail?

  • Duplicate UIDs, authentication AD

    We have lab machines that are bound to Active Directory, no Open Directory, just Active, being managed with local MCX settings.  I have a two users who have somehow gotten the same UID from the Macintosh.  Now when one of them logs in, it is trying to use the other's home directory, can't find and gives the error message the users home directory can't be found in the usual place.  It logs the user in, but sees him as the other user. 
    Active Directory does not have this attribute anywhere and I'm trying to find out how to get rid of the duplicate UID and have one of the users get a new one.
    What I don't understand is why it is saving that information.  For the lab machines, the accounts are deleted on logout (and login), so there should be no record of any of the users.
    Here's the message Console gives me:
    2011-04-15 11:30:46 EDT - T[0x000000010200B000] - Misconfiguration detected in hash 'Global UID':
    2011-04-15 11:30:46 EDT - T[0x000000010200B000] - User 'userA' (/Active Directory/student.ads.xxxx.xxx) - ID 506956629 - UUID 9E378B55-22AD-47AA-B0AE-AE56CB387A47 - SID S-1-5-21-3326139827-3656363311-3723297674-111390
    2011-04-15 11:30:46 EDT - T[0x000000010200B000] - User 'userB' (/Active Directory/student.ads.xxxx.xxx) - ID 506956629 - UUID 1E378B55-A39A-4D72-96B8-46417E225A00 - SID S-1-5-21-3326139827-3656363311-3723297674-36961
    Thanks for any help!

    I had to submit a trouble ticket to AELP and found out, it's the alogrithm, they use in generating the uniqueID.  Something about it takes the GUID and the some other attribute and comes up with a uniqueID that follows that user. 
    I was told it was a million to one shot that it would happen, but it could happen, and it did.  The best resolution was to delete one of the accounts and recreate and then it would get a different GUID and then OSX will generate a new (really new) uniqueID.
    I did try the unbind and bind first, but obviously that didn't do anything for the user.
    Thanks for the response and hopefully, the next one in a millionth user will find this answer helpful!

  • Mobile-accounts FULL PATH badboy

    Our goal is to get Mobile Accounts with Portable Home Directories working. The home folders are stored on an external hard drive on Mac OS X Server 10.6.3. It's more or less working... but not quite ARGHH! HELP!!
    The short question is: What value do I use for the 'full path'
    The obvious answer, causes problems.
    THE GORY DETAILS (+aka. 'argh!!'+):
    Since all the files for user1 are stored on macsrv1 in /Volumes/team1/users/user1 I believe that in WGM I should have:
    Share Point URL: afp://macsrv1.disney.ch/users
    path to home: user1
    full path: /Volumes/team1/users/user1
    but when I try to log onto user1 on mac1, for the first time, it fails.
    In /var/log/secure.log I read +"user1 not known"+.
    And +"Could not get the user record for 'user1' from Directory Services"+
    (see *error1 at the bottom of this msg)
    IF I CHANGE the full path to:
    full path: /Network/Servers/macsrv1.disney.ch/users/user1
    THE LOGIN WORKS (I'm asked if I want to create a mobile account and when I say yes, a local folder is created on mac1, and any syncing does indeed cause files to appear on macsrv1 in /Volumes/team1/users/user1
    HOWEVER (+aka. Oh no!+):
    When the user does an ssh into macsrv1, his home directory (cd ~ or echo $HOME) is /Network/servers/macsrv1.disney.ch/users/user1 which is really just /users/users1 which is a virgin/template-like folder.. certainy not /Volumes/team1/users/user1
    BUT (goodnews here)
    If I now set the full path back...
    full path: /Volumes/team1/users/user1
    Everything works. Loggging into mac1 ok. SSHing into macsrv1 ok.
    But logging into mac2 fails (until I switch out the full path again)
    *a. WHAT SHOULD BE THE CORRECT VALUE FOR FULL PATH?*
    b. If it should be /Volumes/team1/users/user1 then how can I convince the client macs to create the mobile account?
    2. I have a 2nd question concerning the automount re-mounting the drive... causing a double mount! I've described the problem here: http://discussions.apple.com/thread.jspa?threadID=2461695&stqc=true
    I've hunted through the forums, where appartently the answer lies, without success. Please help!
    /shawn
    THANKS FOR ANY INSIGHT/help.
    Helpers get free beer if they come to Switzerland.
    p.s. I might add that the afp Share point on macsrv1 for /Volumes/team1/users is called 'users' (configured via WGM). Does that help? Maybe there is some weird conflict between there existing a /Users in root, and there being a mount called 'users'?
    *error1:
    After the login window, the user is informed that "Zou are unable to log into the user account. An error has occurred". In system.log on mac1 I read +"edu.mit.Kerberos.CCacheServer[927]: launchctl start error: No such process"+
    +edu.mit.Kerberos.CCacheServer[927]: launchctl start error: No such process+
    Message was edited by: DrKdev

    Other observations:
    *1. from /Library/Logs/DirectoryService/DirectoryService.error.log*
    2010-06-18 14:04:11 CEST - T[0xB0185000] - Misconfiguration detected in hash 'Global UID':
    2010-06-18 14:04:11 CEST - T[0xB0185000] - User 'user1' (/LDAPv3/macsrv1.disney.ch) - ID 1035 - UUID 80699B6C-A90E-4D2F-9B07-FB78F72E9709 - SID S-1-5-21-4063190502-2217233148-2094676766-3070
    *2. user IS showing up in the login window.*
    If I configure the login window to show all users (including network users), then user1 does indeed show up.
    *3. Logging into user1 via ssh works.*
    *4. dscl on macsrv1*
    dscl /LDAPv3/127.0.0.1 -list /Users
    does indeed show user1 (and any other user I create)
    So why can't I login/create user1 on the client mac without toggling the FULL PATH to /Network/Servers/macsrv1.disney.ch/users/user1 first? arghh!

Maybe you are looking for