Misconfiguration detected in hash 'Global UID'

Very dears all,
I upgraded to Snow Leopard Server but I am still missing to have everything working safely as it was on Leopard Server.
In SL Server, Open Directory is Master and its overview page says that both LDAP Server, Password Server and Kerberos are running but in the Settings pane the Kerberize... button is always present (while it is absent in L Server) and if I push the button I am requested to enter user name and password, which is the same I enter in WGM (where it works OK), but it is not accepted and the same windows is re-opened.
Checking the OP logs, in Directory Services Error log, I got the following raw:
Misconfiguration detected in hash 'Global UID'
As well as User root raws for /LDAPv3/127.0.0.1 and Local are present with complex string references for UUID and SID.
Is there anyone may help me to understand what it means and what to do to fully recover the service?
Many thanks and best wishes,
Carmine

I look in my Directory Services Error log and see
2009-11-11 13:28:27 EST - T[0x0000000100783000] - Misconfiguration detected in hash 'Global UID':
2009-11-11 13:28:27 EST - T[0x0000000100783000] - User 'root' (/LDAPv3/127.0.0.1) - ID 0 - UUID 50518200-F0D2-4497-A282-6BBE836687C9 - SID S-1-5-21-68834345-3193862298-1725808020-1000
2009-11-11 13:28:27 EST - T[0x0000000100783000] - User 'root' (/Local/Default) - ID 0 - UUID FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000000 - SID S-1-5-18
I launch dscl and
list LDAPv3/127.0.0.1/Users/
diradmin
root
vpn_30717237d42a
root user in open directory that is new in SL.
list Local/Default/Users/
_amavisd
_appowner
_appserver
_ard
_atsserver
_calendar
_carddav
_clamav
_coreaudiod
_cvmsroot
_cvs
_cyrus
_devdocs
_dovecot
_eppc
_installer
_jabber
_lda
_locationd
_lp
_mailman
_mcxalr
_mdnsresponder
_mysql
_pcastagent
_pcastserver
_postfix
_qtss
_sandbox
_screensaver
_securityagent
_serialnumberd
_softwareupdate
_spotlight
_sshd
_svn
_teamsserver
_timezone
_tokend
_trustevaluationagent
_unknown
updatesharing
_usbmuxd
_uucp
_windowserver
_www
_xgridagent
_xgridcontroller
com.apple.calendarserver
com.apple.mailuserforservices
com.apple.notificationuser
daemon
nobody
notjunkmail
root
Which also has a root user. So yes I have 2 root users. I have never seen a root user in the ldap database is this new and expected?
Is this wrong?
should I line up the generated UIDS?
read LDAPv3/127.0.0.1/Users/root/
dsAttrTypeNative:altSecurityIdentities: Kerberos:[email protected]
dsAttrTypeNative:apple-generateduid: 50518200-F0D2-4497-A282-6BBE836687C9
dsAttrTypeNative:authAuthority:
;ApplePasswordServer; blah blah blah blah blah
[email protected]:192.168.1.1
dsAttrTypeNative:cn:
System Administrator
dsAttrTypeNative:gidNumber: 0
dsAttrTypeNative:homeDirectory: /private/var/root
dsAttrTypeNative:loginShell: /bin/tcsh
dsAttrTypeNative:objectClass: inetOrgPerson posixAccount shadowAccount apple-user extensibleObject
dsAttrTypeNative:shadowExpire: 0
dsAttrTypeNative:shadowLastChange: 0
dsAttrTypeNative:sn: Administrator
dsAttrTypeNative:uid: root
dsAttrTypeNative:uidNumber: 0
dsAttrTypeNative:userPassword: ******
AltSecurityIdentities: Kerberos:[email protected]
AppleMetaNodeLocation: /LDAPv3/127.0.0.1
AuthenticationAuthority:
Change: 0
Expire: 0
GeneratedUID: 50518200-blah-blah-blah-blah
LastName: Administrator
NFSHomeDirectory: /private/var/root
Password: ******
PrimaryGroupID: 0
RealName:
System Administrator
RecordName:
root
System Administrator
RecordType: dsRecTypeStandard:Users
UniqueID: 0
UserShell: /bin/tcsh
read Local/Default/Users/root
AppleMetaNodeLocation: /Local/Default
AuthenticationAuthority: ;ShadowHash; ;Kerberosv5;;root@LKDC:SHA1.3 blah;
GeneratedUID: blah blah-blah-blah-blah-blah blah blah
NFSHomeDirectory: /var/root
Password: ******
PrimaryGroupID: 0
RealName:
System Administrator
RecordName: root
RecordType: dsRecTypeStandard:Users
SMBSID: S-1-5-18
UniqueID: 0
UserShell: /bin/sh
What to do...

Similar Messages

Misconfiguration detected in hash global uid/sid

running on a mac os x sever network 10.6.8 with over 2,000 users and over 50 groups. for about 1 full year now in sever admin we get this error NON stop witch seems to happen when ever someone logs in. It will say
"misconfiguration detected in hash global UID" OR
"misconfiguration detected in hash global SID"
this is nonstop. From what i have read this is due to the same user or group having the same ID. Where can i go to psychically see if they have the same ID (in WGM it does not show any doubled ID's)
with over 2,000 users and people logging in all the time this error comes out about every 1 minute. Is there any fix for this?

running on a mac os x sever network 10.6.8 with over 2,000 users and over 50 groups. for about 1 full year now in sever admin we get this error NON stop witch seems to happen when ever someone logs in. It will say
"misconfiguration detected in hash global UID" OR
"misconfiguration detected in hash global SID"
this is nonstop. From what i have read this is due to the same user or group having the same ID. Where can i go to psychically see if they have the same ID (in WGM it does not show any doubled ID's)
with over 2,000 users and people logging in all the time this error comes out about every 1 minute. Is there any fix for this?

Misconfiguration detected in hash 'Global SID'

Greetings
I have the above message in my Directory Services Error log, repeated over & over. I read other posts about this which seem to relate to overlapping user or group IDs. I don't have that issue, and in fact this seems to relate to computer records rather than users or groups. As a test, I deleted & recreated the Guest Computer record, but still get the same issue.
eddie.waveneyrivercentre.co.uk is the name of the server, and if I am understanding the log correctly it's computer record is somehow conflicting with the guest computer record?
Mac Mini OS X Server 10.6.2
Here's the log:
2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Misconfiguration detected in hash 'Global SID':
2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Misconfiguration detected in hash 'Global SID':
2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
does anyone have any ideas?
TIA
JAmes

Greetings
I have the above message in my Directory Services Error log, repeated over & over. I read other posts about this which seem to relate to overlapping user or group IDs. I don't have that issue, and in fact this seems to relate to computer records rather than users or groups. As a test, I deleted & recreated the Guest Computer record, but still get the same issue.
eddie.waveneyrivercentre.co.uk is the name of the server, and if I am understanding the log correctly it's computer record is somehow conflicting with the guest computer record?
Mac Mini OS X Server 10.6.2
Here's the log:
2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Misconfiguration detected in hash 'Global SID':
2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
2009-12-29 21:45:41 GMT - T[0x0000000101D05000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Misconfiguration detected in hash 'Global SID':
2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'guest' (/LDAPv3/127.0.0.1) - ID -1 - UUID CE6FD001-9FAD-40EF-89D0-6993842825D5 - SID S-1-5-21-621501553-3013919606-753330415-998
2009-12-29 21:45:41 GMT - T[0x0000000100786000] - Computer 'eddie.waveneyrivercentre.co.uk$' (/Local/Default) - ID -1 - UUID 4D69A263-5232-4AB4-A7F7-63C57E7F2F70 - SID S-1-5-21-621501553-3013919606-753330415-998
does anyone have any ideas?
TIA
JAmes

Misconfiguration detected in hash 'SID' / 'GID'

Hi!
We are having strange issues with a Snow Leopard Server (10.6.2). Every now an then, it will hang. There seems to be a connection to TimeMachine starting. Authentication via OD is then not possible, especially people can't access the wireless network via RADIUS. We have changed the RAM to no avail.
The only error messages I can find that might have to do with it are copied below - apparently a misconfiguration is detected: It seems there are two groups that both have ID 502 (com.apple.local.ard_reports, com.apple.access_radius); we also have two each with 501 (com.apple.local.ard_admin, com.apple.monitorallservices) and 500 (com.apple.adminallservices, com.apple.access_ssh). Can I just change the IDs or would that make matters worse? Could I delete one or the other to have it auto-regenerated?
We have a group radius with ID 5100 where we keep the users that are allowed access through radius as configured in Server Admin/RADIUS/settings/users.
Could someone please point me in the right direction?
Regards,
Torsten
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'Global GID':
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'Global SID':
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'GID':
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Misconfiguration detected in hash 'SID':
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.access_radius' (/Local/Default) - ID 502 - UUID 225D0F16-2BDB-4223-98AA-7D3F34B117AA - SID S-1-5-21-1369265768-2395346185-594960456-2005
2009-12-12 16:46:37 CET - T[0x0000000106987000] - Group 'com.apple.local.ard_reports' (/Local/Default) - ID 502 - UUID 38251EE2-BE65-4863-B8DE-0DDBC399C261 - SID S-1-5-21-1369265768-2395346185-594960456-2005

So, we too are having this issue. We have several systems that are all pointed to an OD that was upgraded from 10.5.8 to 10.6.0 (then 10.6.2), and all the systems a few times a day report:
Dec 23 10:00:00 server DirectoryService[29]: Misconfiguration detected in hash 'Global GID' - see /Library/Logs/DirectoryService/DirectoryService.error.log for details
Dec 23 10:00:00: --- last message repeated 5 times ---
Dec 23 10:00:00 server DirectoryService[29]: Misconfiguration detected in hash 'GID' - see /Library/Logs/DirectoryService/DirectoryService.error.log for details
Dec 23 10:09:03: --- last message repeated 5 times ---
When you look in DirectoryService.error.log, you get:
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/LDAPv3/od.example.com) - ID 0 - UUID 9E733C05-88DE-4F83-9E09-038A887F1327 - SID S-1-5-21-4096-2147483678-1391576524-1001
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/Local/Default) - ID 0 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000 - SID S-1-5-21-4171259825-3059450906-1974363594-1001
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/LDAPv3/od.example.com) - ID 1 - UUID 5860426A-2F8A-4CB8-932C-548A6351DAF7 - SID S-1-5-21-4096-2147483678-1391576524-1003
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/Local/Default) - ID 1 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000001 - SID S-1-5-21-4171259825-3059450906-1974363594-1003
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/LDAPv3/od.example.com) - ID 2 - UUID 218C138E-0861-4354-AD5E-EFBEE973A167 - SID S-1-5-21-4096-2147483678-1391576524-1005
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/Local/Default) - ID 2 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000002 - SID S-1-5-21-4171259825-3059450906-1974363594-1005
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/LDAPv3/od.example.com) - ID 3 - UUID 41B0EEF7-6BDE-4AE2-9D74-FBC5B4E57A43 - SID S-1-5-21-4096-2147483678-1391576524-1007
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/Local/Default) - ID 3 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000003 - SID S-1-5-21-4171259825-3059450906-1974363594-1007
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/LDAPv3/od.example.com) - ID 4 - UUID 343B0640-571C-4210-99FA-585F274128AC - SID S-1-5-21-4096-2147483678-1391576524-1009
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/Local/Default) - ID 4 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000004 - SID S-1-5-21-4171259825-3059450906-1974363594-1009
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'Global GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/LDAPv3/od.example.com) - ID 5 - UUID C7B00423-F511-4F09-BF56-13F06AE30B37 - SID S-1-5-21-4096-2147483678-1391576524-1011
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/Local/Default) - ID 5 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000005 - SID S-1-5-21-4171259825-3059450906-1974363594-1011
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/Local/Default) - ID 0 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000 - SID S-1-5-21-4171259825-3059450906-1974363594-1001
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/LDAPv3/od.example.com) - ID 0 - UUID 9E733C05-88DE-4F83-9E09-038A887F1327 - SID S-1-5-21-4096-2147483678-1391576524-1001
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/LDAPv3/od.example.com) - ID 1 - UUID 5860426A-2F8A-4CB8-932C-548A6351DAF7 - SID S-1-5-21-4096-2147483678-1391576524-1003
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'daemon' (/Local/Default) - ID 1 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000001 - SID S-1-5-21-4171259825-3059450906-1974363594-1003
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/LDAPv3/od.example.com) - ID 2 - UUID 218C138E-0861-4354-AD5E-EFBEE973A167 - SID S-1-5-21-4096-2147483678-1391576524-1005
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'kmem' (/Local/Default) - ID 2 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000002 - SID S-1-5-21-4171259825-3059450906-1974363594-1005
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/LDAPv3/od.example.com) - ID 3 - UUID 41B0EEF7-6BDE-4AE2-9D74-FBC5B4E57A43 - SID S-1-5-21-4096-2147483678-1391576524-1007
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'sys' (/Local/Default) - ID 3 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000003 - SID S-1-5-21-4171259825-3059450906-1974363594-1007
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/LDAPv3/od.example.com) - ID 4 - UUID 343B0640-571C-4210-99FA-585F274128AC - SID S-1-5-21-4096-2147483678-1391576524-1009
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'tty' (/Local/Default) - ID 4 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000004 - SID S-1-5-21-4171259825-3059450906-1974363594-1009
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/LDAPv3/od.example.com) - ID 5 - UUID C7B00423-F511-4F09-BF56-13F06AE30B37 - SID S-1-5-21-4096-2147483678-1391576524-1011
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'operator' (/Local/Default) - ID 5 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000005 - SID S-1-5-21-4171259825-3059450906-1974363594-1011
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Misconfiguration detected in hash 'GID':
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/Local/Default) - ID 0 - UUID ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000 - SID S-1-5-21-4171259825-3059450906-1974363594-1001
2009-12-23 10:37:43 PST - T[0x0000000103381000] - Group 'wheel' (/LDAPv3/od.example.com) - ID 0 - UUID 9E733C05-88DE-4F83-9E09-038A887F1327 - SID S-1-5-21-4096-2147483678-1391576524-1001
To me, it sounds like there are groups defined in the OD (wheel, mysql, daemon, etc) that are also defined on the local machine. They probably shouldn't be defined on the domain because they're local accounts by design (and don't really need to be directory accounts).
So, one would think they could just be deleted from the directory, but obviously don't want to do that unless it's the right call.
Anyone see an issue with that? Is my analysis incorrect?

Misconfiguration detected in hash 'Kerberos'

I am having difficulty troubleshooting this error. I have attached a section of the /var/log/opendirectoryd.log file while in debug mode. This is a 10.7.3 Open Directory master with no replicas. I put logging into debug mode to try to get to the root of this problem but I am not finding an answer to this issue. I am getting this same error message with multiple users, but they can all log in and function just fine. We are doing Radius auth to OD from our Cisco ASA for VPN connectivity and that works fine as well.
Any help would be greatly appreciated. Thanks!
2012-03-12 11:30:09.119 PDT - Multiple names for non-user record 'wleler' - will be cache miss for others
2012-03-12 11:30:09.119 PDT - Module: SystemCache - Attaching Kerberos id '[email protected].
OFFICE' to record 'wleler'
2012-03-12 11:30:09.119 PDT - Setting item 'wleler' with expiration 406137
2012-03-12 11:30:09.119 PDT - Adding item 'wleler' with expiration 406137
2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - GlobalGUID - adding entry wleler (0x43E09310) - node 0x45903830
2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - GlobalUID - adding entry wleler (0x43E09310) - node 0x45903B30
2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - UserName - adding entry wleler (0x43E09310) - node 0x45903C60
2012-03-12 11:30:09.119 PDT - Module: SystemCache - Misconfiguration detected in hash 'Kerberos':
User 'wleler' (/LDAPv3/127.0.0.1) - ID 1043 - UUID C66E0823-A91D-4C27-9A37-4BA25090F3AC - SID S-1-5-21-2682738804-2853610044-371931698-3086
User 'cvaraghur' (/LDAPv3/127.0.0.1) - ID 1055 - UUID 062DA3EC-8197-460A-94DA-8F94008B4B0F - SID S-1-5-21-2682738804-2853610044-371931698-3110
2012-03-12 11:30:09.119 PDT - Module: SystemCache - RBtree add - GlobalSID - adding entry wleler (0x43E09310) - node 0x45903DE0
2012-03-12 11:30:09.119 PDT - Module: SystemCache - Merged record 'wleler' (0x459033E0) into 0x43E09310 - new authority 'Name'
2012-03-12 11:30:09.120 PDT - Finalizing request 6369 object 0x7fb445d3b860
2012-03-12 11:30:09.120 PDT - Finalizing request 6366 object 0x7fb445902f30
2012-03-12 11:30:09.130 PDT - 1458.6370 - Client: AppleFileServer, UID: 0, EUID: 0, GID: 0, EGID: 0
2012-03-12 11:30:09.130 PDT - 1458.6370 - Adding to global request list - new count 1
2012-03-12 11:30:09.130 PDT - 1458.6370 - ODQueryCreateWithNode request, NodeID: 425F4A0A-25C3-4E46-8A8E-EC4C2DD3465B, RecordType(s): dsRecTypeStandard:AFPUserAliases, Attribute: dsAttrTypeStandard:RecordName, MatchType: EqualTo, Equality: CaseExact, Value(s): wleler, Requested Attributes: dsAttributesAll, Max Results: 1

Hi,
your log tells me that the users wleler and cvaraghur have the same values in "AltSecurityIdentities" -> something like "kerberos:[email protected]".
Go to: Systemsettings -> User & Groups -> Login options (the little House Symbol).
Then Klick the edit button beside the networkaccount server entry. In the new opened window click the open directory service button. Choose the right tree (Users) - (/LDAPv3/127.0.0.1) and authenticate yourself with the diradmin user. Check every single users entry "AltSecurityIdentities" and change untitled_1 to the users short name.
Example, change: "kerberos:[email protected]". to "kerberos:[email protected]" for your user wleler and
"kerberos:[email protected]" for user cvaraghur.
thats it

Lion Server: Misconfiguration detected in hash 'UserGroupGUID'

Hi,
I'm new to OS X Server - the price had me installing and doing things manually prior to Lion. Previously I managed users and groups manually, but now I'm giving open directory a go. I'm seeing these messages in opendirectoryd.log:
2011-08-21 08:38:06.479 EDT - Module: SystemCache - Misconfiguration detected in hash 'UserGroupGUID':
        Group 'workgroup' (/LDAPv3/localhost) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-987654321-987654321-987654321-3051
        Group 'workgroup' (/LDAPv3/127.0.0.1) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-4096-2147483670-3416910327-3051
2011-08-21 08:38:06.482 EDT - Module: SystemCache - Misconfiguration detected in hash 'UserGroupGID':
        Group 'workgroup' (/LDAPv3/localhost) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-987654321-987654321-987654321-3051
        Group 'workgroup' (/LDAPv3/127.0.0.1) - ID 1025 - UUID 96520719-99D8-4168-8AF1-11AD55FB389F - SID S-1-5-21-4096-2147483670-3416910327-3051
I also see this:
2011-08-21 08:38:04.990 EDT - Discovered configuration for node name '/LDAPv3/127.0.0.1' at path '/Library/Preferences/OpenDirectory/Configurations/LDAPv3/127.0.0.1.plist'
2011-08-21 08:38:04.990 EDT - Registered subnode with name '/LDAPv3/127.0.0.1'
2011-08-21 08:38:04.991 EDT - Discovered configuration for node name '/LDAPv3/localhost' at path '/Library/Preferences/OpenDirectory/Configurations/LDAPv3/localhost.plist'
2011-08-21 08:38:04.991 EDT - Registered subnode with name '/LDAPv3/localhost'
"workgroup" is the default group that was there - I didn't create it (or any other groups), though I did add members. I'm curios why it is referencing both "/LDAPv3/localhost" and "/LDAPv3/127.0.0.1", and I suspect that may be the issue. If so, any ideas on how I caused this, and how to fix it? My guess is that I could remove one of the .plist files, but if I have done something in the gui to cause this, I'd like to fix it there so that some config chagne doesn't end up re-creating the problem. So far I haven't done any "manual" editing of configuration files.
Thanks very much!

Hah! Thanks for pointing that out! I've moved it over there:
https://discussions.apple.com/thread/3277778
Sorry about that!

Misconfiguration detected in hash 'GID'

So it seems somehow I have a conflict between a default user and a sharepoint with their ID
Any help to resolve this would be great.
There are no access restrictions on this machine
2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Misconfiguration detected in hash 'GID':
2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.sharepoint.group.6' (/Local/Default) - ID 106 - UUID F2BBAF71-A605-4F25-8FE5-8927BE578F81 - SID S-1-5-21-2431082434-2368188631-2040194005-1213
2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.limited_admin' (/LDAPv3/127.0.0.1) - ID 106 - UUID 8622BF36-A93E-41C3-A390-6E584C1EEC5A - SID S-1-5-21-2431082434-2368188631-2040194005-1213
2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Misconfiguration detected in hash 'SID':
2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.sharepoint.group.6' (/Local/Default) - ID 106 - UUID F2BBAF71-A605-4F25-8FE5-8927BE578F81 - SID S-1-5-21-2431082434-2368188631-2040194005-1213
2010-04-27 13:09:35 EDT - T[0x0000000102B81000] - Group 'com.apple.limited_admin' (/LDAPv3/127.0.0.1) - ID 106 - UUID 8622BF36-A93E-41C3-A390-6E584C1EEC5A - SID S-1-5-21-2431082434-2368188631-2040194005-1213

Hi, the problem is in the Server Admin - Acess tab. Remove the Access restriction of the service.
I have the same problem with the "com.apple.access_radius", removing all the restriction the error stop.

Misconfiguration detected in hash -- but for a "group"? How to fix?

So I read the other threads about people with this problem -- but they get this for user accounts.
In my system.log file, I get these:
Nov 12 11:05:12 tts10 DirectoryService[29]: Misconfiguration detected in hash 'SID' - see /Library/Logs/DirectoryService/DirectoryService.error.log for details
But when I look in the error.log, it's referring to groups -- not users:
2009-11-12 11:05:12 EST - T[0x0000000103381000] - Misconfiguration detected in hash 'SID':
2009-11-12 11:05:12 EST - T[0x0000000103381000] - Group 'com.apple.sharepoint.group.1' (/Local/Default) - ID 101 - UUID FEC93DE0-2160-4841-83F9-8C3D4D92BF9D - SID S-1-5-21-447369889-2185500279-2677664303-1203
2009-11-12 11:05:12 EST - T[0x0000000103381000] - Group 'com.apple.access_screensharing' (/Local/Default) - ID 101 - UUID 193DC638-BF8C-44EF-8442-CF93E7B1B84C - SID S-1-5-21-447369889-2185500279-2677664303-1203
Which apparently seem to have the same ID.
However, I'm not seeing these groups in WGM. What should I be looking for to find the groups and their IDs?
(I'm suspicious of the group that says "group.1" being a duplicate group...)
This is a server that started at 10.5.6, was updated accordingly through 10.5.8 and was updated to 10.6.0/1 a month or so ago and had the 10.6.2 combo update installed a couple of days ago.
Thanks!

A bit more on this...
I looked at the groups with dscl.
Sure enough, they show the same "PrimaryGroupID":
/Local/Default/Groups > read com.apple.access_screensharing
AppleMetaNodeLocation: /Local/Default
GeneratedUID: 193DC638-BF8C-44EF-8442-CF93E7B1B84C
NestedGroups: ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000050
PrimaryGroupID: 101
RealName:
Screen Sharing Group
RecordName: com.apple.access_screensharing
RecordType: dsRecTypeStandard:Groups
/Local/Default/Groups > read com.apple.sharepoint.group.1
AppleMetaNodeLocation: /Local/Default
GeneratedUID: FEC93DE0-2160-4841-83F9-8C3D4D92BF9D
GroupMembers: FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000000
GroupMembership: root
NestedGroups: ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000050 ABCDEFAB-CDEF-ABCD-EFAB-CDEF0000000C
PrimaryGroupID: 101
RealName: Public
RecordName: com.apple.sharepoint.group.1
RecordType: dsRecTypeStandard:Groups
/Local/Default/Groups >
I'm just not sure what I'm supposed to do now? On another box, "screensharing" is group "401" (and has a different "RealName"):
/Local/Default/Groups > read com.apple.access_screensharing
AppleMetaNodeLocation: /Local/Default
GeneratedUID: 739023F9-4456-4C1F-BEDB-0EB013B0415B
NestedGroups: ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000050
PrimaryGroupID: 401
RealName:
Screen Sharing ACL
RecordName: com.apple.access_screensharing
RecordType: dsRecTypeStandard:Groups
/Local/Default/Groups >
Thoughts? Suggestions?

How can I detect if a global bolean variable has changed

I have a boolean global variable that change its value from time to time. At hte beginning of my program I take the actual time, but everytime this value change I have to reset this previous value and take the actual one. I've tried to do this with the event structure but it doesn't work because this is a global variable and not a control in the panel. Some idea to solve this problem? Thanks in advance,
Angel

It's mainly because you are reading value change events for the indicator, not the control. Value change events are only fired for changes given by a user. The indicator however is not updated by the GUI, but by programmatic input from the control. By replacing the reference with a reference to the control it will work. Or you can write the value to the indicator by using a Value (Signaling) property, that will trigger a change event for the indicator.
Note: You should not register the event inside the loop, do that only once - outside the loop.
If the boolean you are to monitor is not changed from the GUI you can as I mentioned above make it fire an event by setting the value using the value signalling property inst
ead of wiring the new value directly, but the property node has it's downsides so another option is to create a user event, put that reference in the global, and then run the generate user event function whenever the boolean changes.
I see you read the ms timer when the value changes. Why? If you want the time get the time, if you want the time since the last update you could use the ms timer, keep the previous value in a shift register and then calculate the difference, but the ms timer rolls over now and then so that can give false results...What is the purpose of the time and how often does the value change?
Attached is an exmaple that use a user event and the generate event function.
MTO
Attachments:
example_Rev3.llb ‏54 KB

Misconfiguration detected - Failed to insert key ' T CN=Apple Root CA,OU=Apple Certification Authority,O=Apple Inc.,C=US S CN=com.apple.idms.appleid.prd.

Al of a sudden after trying to get profiles running with server app I can no longer log into the system with my user account. I can however log in with the root user.
Ihave tried a ton of support articles from apple support site and web based searches to no avail?

Al of a sudden after trying to get profiles running with server app I can no longer log into the system with my user account. I can however log in with the root user.
Ihave tried a ton of support articles from apple support site and web based searches to no avail?

Duplicate UIDs, authentication AD

We have lab machines that are bound to Active Directory, no Open Directory, just Active, being managed with local MCX settings. I have a two users who have somehow gotten the same UID from the Macintosh. Now when one of them logs in, it is trying to use the other's home directory, can't find and gives the error message the users home directory can't be found in the usual place. It logs the user in, but sees him as the other user.
Active Directory does not have this attribute anywhere and I'm trying to find out how to get rid of the duplicate UID and have one of the users get a new one.
What I don't understand is why it is saving that information. For the lab machines, the accounts are deleted on logout (and login), so there should be no record of any of the users.
Here's the message Console gives me:
2011-04-15 11:30:46 EDT - T[0x000000010200B000] - Misconfiguration detected in hash 'Global UID':
2011-04-15 11:30:46 EDT - T[0x000000010200B000] - User 'userA' (/Active Directory/student.ads.xxxx.xxx) - ID 506956629 - UUID 9E378B55-22AD-47AA-B0AE-AE56CB387A47 - SID S-1-5-21-3326139827-3656363311-3723297674-111390
2011-04-15 11:30:46 EDT - T[0x000000010200B000] - User 'userB' (/Active Directory/student.ads.xxxx.xxx) - ID 506956629 - UUID 1E378B55-A39A-4D72-96B8-46417E225A00 - SID S-1-5-21-3326139827-3656363311-3723297674-36961
Thanks for any help!

I had to submit a trouble ticket to AELP and found out, it's the alogrithm, they use in generating the uniqueID. Something about it takes the GUID and the some other attribute and comes up with a uniqueID that follows that user.
I was told it was a million to one shot that it would happen, but it could happen, and it did. The best resolution was to delete one of the accounts and recreate and then it would get a different GUID and then OSX will generate a new (really new) uniqueID.
I did try the unbind and bind first, but obviously that didn't do anything for the user.
Thanks for the response and hopefully, the next one in a millionth user will find this answer helpful!

Mobile-accounts FULL PATH badboy

Our goal is to get Mobile Accounts with Portable Home Directories working. The home folders are stored on an external hard drive on Mac OS X Server 10.6.3. It's more or less working... but not quite ARGHH! HELP!!
The short question is: What value do I use for the 'full path'
The obvious answer, causes problems.
THE GORY DETAILS (+aka. 'argh!!'+):
Since all the files for user1 are stored on macsrv1 in /Volumes/team1/users/user1 I believe that in WGM I should have:
Share Point URL: afp://macsrv1.disney.ch/users
path to home: user1
full path: /Volumes/team1/users/user1
but when I try to log onto user1 on mac1, for the first time, it fails.
In /var/log/secure.log I read +"user1 not known"+.
And +"Could not get the user record for 'user1' from Directory Services"+
(see *error1 at the bottom of this msg)
IF I CHANGE the full path to:
full path: /Network/Servers/macsrv1.disney.ch/users/user1
THE LOGIN WORKS (I'm asked if I want to create a mobile account and when I say yes, a local folder is created on mac1, and any syncing does indeed cause files to appear on macsrv1 in /Volumes/team1/users/user1
HOWEVER (+aka. Oh no!+):
When the user does an ssh into macsrv1, his home directory (cd ~ or echo $HOME) is /Network/servers/macsrv1.disney.ch/users/user1 which is really just /users/users1 which is a virgin/template-like folder.. certainy not /Volumes/team1/users/user1
BUT (goodnews here)
If I now set the full path back...
full path: /Volumes/team1/users/user1
Everything works. Loggging into mac1 ok. SSHing into macsrv1 ok.
But logging into mac2 fails (until I switch out the full path again)
*a. WHAT SHOULD BE THE CORRECT VALUE FOR FULL PATH?*
b. If it should be /Volumes/team1/users/user1 then how can I convince the client macs to create the mobile account?
2. I have a 2nd question concerning the automount re-mounting the drive... causing a double mount! I've described the problem here: http://discussions.apple.com/thread.jspa?threadID=2461695&stqc=true
I've hunted through the forums, where appartently the answer lies, without success. Please help!
/shawn
THANKS FOR ANY INSIGHT/help.
Helpers get free beer if they come to Switzerland.
p.s. I might add that the afp Share point on macsrv1 for /Volumes/team1/users is called 'users' (configured via WGM). Does that help? Maybe there is some weird conflict between there existing a /Users in root, and there being a mount called 'users'?
*error1:
After the login window, the user is informed that "Zou are unable to log into the user account. An error has occurred". In system.log on mac1 I read +"edu.mit.Kerberos.CCacheServer[927]: launchctl start error: No such process"+
+edu.mit.Kerberos.CCacheServer[927]: launchctl start error: No such process+
Message was edited by: DrKdev

Other observations:
*1. from /Library/Logs/DirectoryService/DirectoryService.error.log*
2010-06-18 14:04:11 CEST - T[0xB0185000] - Misconfiguration detected in hash 'Global UID':
2010-06-18 14:04:11 CEST - T[0xB0185000] - User 'user1' (/LDAPv3/macsrv1.disney.ch) - ID 1035 - UUID 80699B6C-A90E-4D2F-9B07-FB78F72E9709 - SID S-1-5-21-4063190502-2217233148-2094676766-3070
*2. user IS showing up in the login window.*
If I configure the login window to show all users (including network users), then user1 does indeed show up.
*3. Logging into user1 via ssh works.*
*4. dscl on macsrv1*
dscl /LDAPv3/127.0.0.1 -list /Users
does indeed show user1 (and any other user I create)
So why can't I login/create user1 on the client mac without toggling the FULL PATH to /Network/Servers/macsrv1.disney.ch/users/user1 first? arghh!

Mobile accounts are not being issued kerberos tickets

Hi
If I set mobile accounts to expire as soon as they log out, as soon as the user logs back into the same mac with the same account, it does not get issued another kerberos ticket at login.
If I turn mobile accounts off, it works every time.
running 10.6, 10.6 open directory server and the user accounts are AD accounts server 2003.
I am pulling my hair our here. Is this something that is intentional?

Other observations:
*1. from /Library/Logs/DirectoryService/DirectoryService.error.log*
2010-06-18 14:04:11 CEST - T[0xB0185000] - Misconfiguration detected in hash 'Global UID':
2010-06-18 14:04:11 CEST - T[0xB0185000] - User 'user1' (/LDAPv3/macsrv1.disney.ch) - ID 1035 - UUID 80699B6C-A90E-4D2F-9B07-FB78F72E9709 - SID S-1-5-21-4063190502-2217233148-2094676766-3070
*2. user IS showing up in the login window.*
If I configure the login window to show all users (including network users), then user1 does indeed show up.
*3. Logging into user1 via ssh works.*
*4. dscl on macsrv1*
dscl /LDAPv3/127.0.0.1 -list /Users
does indeed show user1 (and any other user I create)
So why can't I login/create user1 on the client mac without toggling the FULL PATH to /Network/Servers/macsrv1.disney.ch/users/user1 first? arghh!

Thousands of "netboot" users

Over the weekend several users reported that they could no longer connect to certain sharepoints on our 10.6 server. I checked and sure enough, I couldn't connect either. Looking through the logs I found errors like the following, which I've seen in several discussions here about Directory Services errors:
2010-04-28 10:16:21 EDT - T[0x000000010070A000] - Misconfiguration detected in hash 'Global UID':
2010-04-28 10:16:21 EDT - T[0x000000010070A000] - User 'labuser3' (/LDAPv3/127.0.0.1) - ID 1028 - UUID 485094AA-EF5D-45D9-B59B-ED23485FA66D - SID S-1-5-21-2096087002-3884103120-606929893-3056
2010-04-28 10:16:21 EDT - T[0x000000010070A000] - User 'netboot1028' (/Local/Default) - ID 1028 - UUID E2B2072F-1A2F-4C7B-B548-390E9AFF60F2 - SID S-1-5-21-367286870-2546797680-2483472567-3056
I can see that I have two users with the same UID (1028). However, one is a user that was created years ago, the other is "netboot1028". Curious as to why there was a random netboot user in the directory, I looked in the System Records and it shows over a thousand similar "netbootXXXX" users in the directory starting with "netboot100" and going through "netboot1297". Any users whose UID overlaps with the netboot user of the same number cannot access any sharepoints with ACL permissions.
I realize that the problem is the duplicate UIDs, but how and why are these netboot users getting created, and why is it not skipping over existing UIDs?

this happens automatically as a function of bootpd/netboot.
the man page describes the process a bit. you should look at the following two parameters to see if modifications help you:
afpuidstart (Integer) The starting uid used when creating AFP machine users. The default is uid 100.
afpusersmax (Integer) The number of AFP machine users to automaticaly create. The default is 50. Note: the
server will never remove a user once it is created, so decreasing this value once the server has
read it will have no effect.

Plist files keep being duplicated (for mobile accounts)

We are running a Max OS X Server 10.6.8 on a local network. On the same network we have several users under mobile accounts. Some of the mobile account users are experiencing a lot of issues recently. They were running on Snow Leopard, we upgraded them to Mavericks, but the problems persist. In their ~/Library/Preferences folder, they have a lot of plist files duplicated, example for iTunes:
com.apple.iTunes.plist
com.apple.iTunes-network.plist
com.apple.iTunes-network-2.plist
com.apple.iTunes-network-3.plist
com.apple.iTunes-network-4.plist
com.apple.iTunes-network-5.plist
And it's doing that for most of the plist files in the ~/Library/Preferences folder.
The same behavior is noticed for iPhoto in the ~/Pictures folder, and each one of the duplicate is pretty big (we are talking about an iPhoto Library around 30GB):
iPhoto Library
iPhoto Library-network-2
iPhoto Library-network-3
iPhoto Library-network-4
Is there a way to avoid this duplication and to clean the preferences files properly?
Thank you

Other observations:
*1. from /Library/Logs/DirectoryService/DirectoryService.error.log*
2010-06-18 14:04:11 CEST - T[0xB0185000] - Misconfiguration detected in hash 'Global UID':
2010-06-18 14:04:11 CEST - T[0xB0185000] - User 'user1' (/LDAPv3/macsrv1.disney.ch) - ID 1035 - UUID 80699B6C-A90E-4D2F-9B07-FB78F72E9709 - SID S-1-5-21-4063190502-2217233148-2094676766-3070
*2. user IS showing up in the login window.*
If I configure the login window to show all users (including network users), then user1 does indeed show up.
*3. Logging into user1 via ssh works.*
*4. dscl on macsrv1*
dscl /LDAPv3/127.0.0.1 -list /Users
does indeed show user1 (and any other user I create)
So why can't I login/create user1 on the client mac without toggling the FULL PATH to /Network/Servers/macsrv1.disney.ch/users/user1 first? arghh!

Misconfiguration detected in hash 'Global UID'

Similar Messages

Maybe you are looking for