Mountain Lion server VPN configuration problem

Similar Messages

• How to import Lion Server VPN Configuration Profile into Profile Manager

  Greetings All,
  I'm working on configuring a Lion Server VPN (10.7.2) and I hit the following road block. I succesfully started the VPN server and profile manager. In fact, if I download the built-in "everyone" profile that has the pre-configured VPN to device such as an iPad things work just fine. However, I'd like to create other profiles with the same VPN configuration info so I can delegate more specifically to different groups and users. I was hoping I could simply import the VPN configuration profile that I saved in the Server dashboard when I setup the VPN service into profile manager somehow. The reason I'm going this route is because every time I try to just re-make the VPN profile it doesn't want to work. I'm not sure why, but I figure why re-invent the wheel if I don't have too. Any suggestions?

  After a lot of investigating I haven't found a way to do this, I'm assuming it cannot be done.

• Mountain Lion server vpn setup

  I have OSX Mountain Lion with server.  I use dynamic dns with dyndns.org.  I have a Virgin Media Router in modem only mode connected to a Time Capsule that provides DHCP and NAT.  I have all the correct ports open on the Time Capsule (500, 1701, 1723 and 4500).
  I have set up the Server VPN but every time I try to connect wither from within my LAN or externally I get the message:
  The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
  I have tried everything I can think of (including trying VPN Configurator) but cannot get the VPN to work.  Any advice welcome.

  I had the same issue: 
  The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
  PPTP was connecting from a PC without problem but trying to use L2TP (IPSec) from an iMac gave the above message.  I resolved this by:
  I went into Server > VPN and turned the service off for 30 seconds and turned it back on, all working.
  The wonder of OSX Server.  Lots of buggy problems.
  Steve H

• Mountain Lion Server VPN unable to route internet traffic

  Hi! I have set up a VPN server on my home network specifically so that I could connect via a VPN client remotely and tunnel all internet traffic through my home network (It is a long story but I need to be able to access services that are specific to my home IP . . . ) I have been tearing my hair out trying to get it work but can not. The VPN connection happens OK and I can set up the remote client to send all traffic via VPN but any internet traffic just times out . . . In other words I can not get the server to share my home network via the VPN connection.

  Hi and thanks for taking the time to answer.
  As I am sure you have guessed I don't have much experience or knowledge with this. So I will try to clarify what I am trying to do.
  I do not need a VPN server for the conventional reasons of being able to access a private network (i.e my home network) remotely, although this is a nice additional benefit. I need the VPN server so that I can log in remotely (when I am using my mobile broadband or when I am overseas for example) and make it look like the machine I am using is on my home network.
  The reason for this is that I have access to web services that are IP specific. That is I can ONLY log in if I am logging in from my registered home IP (which is static for this exact reason).
  I have been told on similar support sites that if I route ALL traffic through the VPN, then when I use my browser on the remote machine all web traffic will go through the VPN as well and it will look like the traffic is coming from the subnet of my home IP.
  I guess in other words I am trying to use my VPN as an "anonymous" proxy (anonymous in the sense that although the traffic is coming form somewhere else, it still looks like it is coming from my home IP).
  I know this will cripple the speed due to the narrow upstream bandwidth but I am willing to pay this price.
  Now as for your questions:
  I have the server set up on a machine on my home subnet and I have enabled VPN port forwarding on the ADSL router.
  I know the connection happens as when I connect the VPN either from my iPhone using 4G or my laptop using my mobile broadband I get the "connecting . . . authenticating . . . connected" messages and when I check in properties it shows it to be connected to my home IP as VPN server and has an IP address that looks like it is on my home subnet.
  By internet traffic timing out I meant web traffic.
  As I mentioned above, I need all web traffic to go through the VPN. So indeed not ALL traffic but definitely ALL web traffic. The only way I could find to do this is to enable the "Send all traffic" option.
  Now I guess the obvious question is why am I not using a proxy. I have tried (and spent ages setting up Squid) but could never get it to "hide" the true origin of the traffic completely.
  Now having written all this, I reinstalled mountain lion and server yesterday (out of sheer frustration rather than anything else) and it seems to work this morning. So if I log in via VPN on my mobile or laptop and use an IP checker on the web it comes up with my home IP : ))
  The only thing I have now noticed is that if the VPN server stops working (which seems to be as soon as the computer I run it on goes to sleep) web traffic reverts to using the normal channels which is potentially problematic for me.
  So my questions now are -
  Any ideas what I was doing wrong in the first place?
  Any suggestions on how I could set this up better?
  Any way to set up the remote device so that it only allows web traffic via VPN (so that if the VPN connection drops, it is unable to use it's own internet connection for continuing web traffic)?
  Thanks for any suggestions : )
  Cheers

• Mountain Lion Server VPN won't startc

  I just upgraded a MacMini running 10.6.8 client to Mountain Lion (10.8.1) and then downloaded Server.app.
  All I need it to do is run basic file sharing and VPN, however, the VPN service never starts up.
  Every time I flip the switch in Server.app to start VPN, it immediately turns back to the "off" position and the following lines print in the system.log
  Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] for authorization created by '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] (2,0)
  Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [63] for authorization created by '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] (100000,0)
  Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'com.apple.ServiceManagement.daemons.modify' by client '/usr/libexec/launchdadd' [388] for authorization created by '/Library/PrivilegedHelperTools/com.apple.serverd' [63] (100002,0
  Aug 29 20:00:56 server.catsareawesome.com com.apple.serverd[63]: ERROR: SMJobSubmit: The operation couldn’t be completed. (kSMErrorDomainLaunchd error 9 - The job dictionary specifies that it is disabled.)
  Also of note, if I try to do anything using serveradmin in terminal, I get the following error:
  server:lib temp$ serveradmin
  dyld: Library not loaded: /usr/lib/libservermgrcommon.dylib
    Referenced from: /usr/sbin/serveradmin
    Reason: image not found
  Trace/BPT trap: 5
  That libservermgrcommon.dylib file is definitely not in /usr/lib
  I would really appreciate any help.
  Thanks

  Hi Jason
  I was getting the same behavior after Apple support had me delete some plist files to get Airplay going. I was also getting the following error:
  the error occurred while processing a command of type 'writesettings' in the plug-in 'server vpn'
  I went into ~/Library/Preferences/ and /Library/Preferences/ and deleted every plist contating the word server. I had to re-set up my server (meaning walk through some intial steps) but all of my settings were still there after that and everything started working again.
  Just a thought, obviously try at your own risk but it worked for me.
  Kellen

• Mountain Lion Server Workgroup Login Selections

  Hi All,
      I am installing a Mountain Lion Mac Mini server which is replacing our Snow Leopard Mac Mini server.
  The system is bound to 2008R2 ADS. When I log into the Snow Leopard Server from a client I am presented with which group I would like to log in to as in ADS I am a member of two groups. ie admins and staff. This is how we have set it up so all is good there.
  The issue that I am having is that the groups are not being being presented on the client when logging into Mountain Lion Server although the configuration on the two servers is the same.
  Has anybody experienced this problem before? Maybe this is now default behaviour with Mountain Lion server? The problem is its automatically logging us in with the most restrictive group so we have no admin rights on the clients.
  Thanks in advance for any info!!

  I had this problem on a clean install.
  The solution was incredibly simple for me, but only  after I saw Ross.M's note about opening the Users & Groups settings panel (in the OS System Prefs, not in server) and rebinding to OD server under Login Options.
  That was not the solution for me, but under Login Options I discovered a previously unnoticed pref for "Allow network users to login at login window."  I had this option set (apparently by default) to "Only these network users:"  but with an empty list.  Adding my users to the list made it work perfectly.
  Talk about KISS

• VPN to Mountain Lion Server issues

  Hi,
  I checked a lot of VPN threads here today, but I wasn't able to find a solution for my problem just now. I try to connect by VPN to my Mountain Lion Server, but I get an error message that the VPN server is not responding. I get this message from iPhone and Mac. The Mountain Lion Server is a new installation, no upgrade from an older server.
  Some informations on my setup:
  I installed the server with a hostname like myserver.mycompany.com and option 3 (internet access), as I want to use it for email at a later stage. All services are working fine (except VPN). DNS is active, but basically it only contains the adress myserver.mycompany.com and forwards everything else to our router.
  I changed the DNS settings of our domain ( hosted by an ISP - so not in the local DNS ! ). I created a subdomain vpn.mycompany.com which points to the static IP of our router.
  In the router I opened the UDP ports 500, 1701 and 4500, and for 1701 i made the same thing for TCP (I found this in a forum, but I think this is not necessary?), the ports are pointing to the ip of the os x server.
  In OS X Server I started VPN for L2TP using the vpn.mycompany.com hostname, and a shared secret.
  When I try to connect with I client from outside I try to connect using L2TP via vpn.mycompany.com using the shared secred and user-id and password. The user-id is created in OS X Mountain Lion server and is configured to use VPN service. When trying to connect I get the error message "L2TP-VPN server is not repsonding...".
  In the log file of the server I see some entries for each connect:
  Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: Connecting.
  Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IPSec Phase1 started (Initiated by peer).
  Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 1).
  Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
  Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 3).
  Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
  Oct 10 20:21:48 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
  Oct 10 20:22:06 --- last message repeated 2 times ---
  Oct 10 20:22:06 myserver.mycompany.com com.apple.SecurityServer[17]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] (2,0)
  Oct 10 20:22:06 myserver.mycompany.com com.apple.SecurityServer[17]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [1716] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] (100000,0)
  Oct 10 20:22:06 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
  No more entries in log file now. Anyone any ideas what's going wrong. Might there be a problem as I use another servername outside as inside (vpn... instead of myserver...)?
  Thanks!

  Solved, first of all we tested to establish the VPN connection locally by adding the ip address of the server to /etc/hosts for vpn.mycompany.com. The VPN connected without problems then, so it was clear that it is a firewall/router problem, and not a server problem.
  After that we studied some more documentations and found that we don't have to open port 50, but ip protocoll 50 (ESP) on the firewall. After that was done, the connection was working from the internet as well.

• Configuring postfix on Mountain Lion Server

  I'm trying to upgrade from Snow Leopard Server to Mountain Lion Server and did an install of Mountain Lion Server on top of a working instance of Snow Leopard Server.  The "crippled" GUI on Mountain Lion Server is forcing me into using terminal to configure Postfix to handle incoming email.
  I would like to configure Postfix to only accept email that is forwarded from a gmail business account.  The public email address is [email protected] which is received by Google Mail, goes through their spam filters and then is auto-forwarded to  [email protected]
  The server WAN domain is nonpublic.com  The ip address is 96.231.165.126
  The server LAN is nonpublic.local  The ip address is 10.6.18.201
  The server is a MacMini running Mountain Lion Server 10.6.8 hostname server so the FQDN is server.public.com.
  The network on the MacMini is configured to handle both LAN and WAN traffic through the 1GB physical ethernet port which plugs into a CISCO 3750 switch.  The external traffic to the WAN flows through the switch as tagged packets.  The LAN traffic is not tagged.  The VLAN connection is running 802.1q
  When an email is sent through the WAN to [email protected] the Postfix SMTP log shows:
  Jun  7 19:29:22 server.public.com postfix/smtpd[42181]: connect from cisco.public.com[96.231.165.123]
  Jun  7 19:29:22 server.public.com postfix/smtpd[42181]: disconnect from cisco.public.com[96.231.165.123]
  I can send emails from a client on the LAN through this server with no problems.  The incoming mail server can connect to the machine via the Cisco router/switch but Postfix just shows "cisco" as the connection (that's the router's DNS name) and provides no more info.  I suspect Postfix possibly doesn't like the 802.1q connection and drops the SMTP request to connect on port 25.
  I have turned on "debug" logging in Postfix, but that is all that appears in the SMTP log file
  I've spent most of the week reading through everything I can find on how to install and configure postfix on Mountain Lion Server and work around the cripled GUI in the "server" application.  I'm barely OK using Terminal and not familiar at all with configuring Postfix directling editing the config file.
  What is the best approach to configure Postfix to allow SMTP connections from the outside to deliver incoming email that is forwarded from gmail.com?
  I did find an "aliases" file in /etc/postfix/aliases but I'm not sure how to add the aliases and if adding aliases with a text editor is going to cause the "server" app problems and if the changes will be lost when the machine is restarted.
  Any help would be appreciated.

  MrHoffman, thank you for your response to my challenge to get the new test server working.  This is a migration from Snow Leopard Server to Mountain Lion Server.
  Here is the "checkhostname" test results:
  blue:~ admin$ sudo changeip -checkhostname
  Password:
  Primary address     = 96.231.165.211
  Current HostName    = blue.pderby.com
  DNS HostName        = blue.pderby.com
  The names match. There is nothing to change.
  dirserv:success = "success"
  blue:~ admin$
  Here is the response from postconf -n
  blue:~ admin$ postconf -n
  biff = no
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  daemon_directory = /usr/libexec/postfix
  data_directory = /var/lib/postfix
  debug_peer_level = 2
  debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5
  dovecot_destination_recipient_limit = 1
  html_directory = /usr/share/doc/postfix/html
  imap_submit_cred_file = /Library/Server/Mail/Config/postfix/submit.cred
  inet_interfaces = loopback-only
  inet_protocols = all
  mail_owner = _postfix
  mailbox_size_limit = 0
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  message_size_limit = 10485760
  mydomain_fallback = localhost
  newaliases_path = /usr/bin/newaliases
  queue_directory = /Library/Server/Mail/Data/spool
  readme_directory = /usr/share/doc/postfix
  recipient_delimiter = +
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = _postdrop
  smtpd_tls_ciphers = medium
  smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL
  tls_random_source = dev:/dev/urandom
  unknown_local_recipient_reject_code = 550
  use_sacl_cache = yes
  blue:~ admin$
  I agree that I should change the LAN domain from .local to something like .internal or whatever.   I've been running with .local for 5 years  on snow leopard server and never had any problems so that was a low priority.
  I hope I'm just not seeing some obvious setting in main.cf

• Error configuring services from Snow Leopard Server to Mountain Lion Server

  I am trying to upgrade a Snow Leopard Server Mac Mini to Mountain Lion Server.
  We have two Mac Mini servers at our office (production and backup) so I migrated the everything from our production server to the backup using the migration assistant when setting up the backup computer.
  I now have the backup at home trying to upgrade it to Mountain Lion Server.  I have downloaded and installed Mountain Lion as well as the Server App version 2.2.  I basically followed the simple directions found in the Apple documentation.
  I started the server app and it got to the part where it said "Upgrading services".  After running for a few minutes, I get a window that states "An error occurred while configuring your server."  It also sayd "The following actions failed or were not attempted:" with a red dot next to "Upgrading services".  The other three items:  "Authenticating to local directory", "Reading directory configuration" and "Authenticating to local directory services" have gray dots so I'm sure they were not even attempted.
  Our Snow Leopard server is setup for SMB file sharing, LDAP services, FTP, Web, DNS, DHCP.
  Can someone point me to where I can figure out what exactly is failing?  Are there specific log files I need to look into?
  Thanks

  Have EXACTLY the same issue - also tried reinstalling mountain lion server fresh and still had the same problem...

• Password problem after migrating to Mountain Lion Server

  Hello everyone,
  Yesterday, I migrated our Lion Server to Mountain Lion Server. Everything seemed to work fine. Except since this morning, none of the network user cannot connect to their calendar, reminders, and wiki. They can connect to their account and to their mails. The following line appears multiple times in ApplePasswordServer.Error.log:
  Aug 16 2012 16:52:50 700250us    client response doesn't match what we generated
  It seems that only web services are concerned (vpn, mobile accounts, and mails are working). My initial guess is that the hash computed on the basis of the user password is not computed on the same way on the client machine (which is running Mountain Lion by the way) and on the server. On the other hand, this would be very surprising, since all this stuff is based on standards and unlikely to have changed since Lion.
  I tried to create a new "Test" user. Even this new user, created after the migration, cannot connect to its calendar, etc. I also tried to reset my user password using the Server App. It makes no difference, the same lines appear in the logs.
  Is anyone experiencing a similar problem ? Does anyone have a clue of what to try next ?
  Thanks a lot !

  I found out the following:
  After looking at the contents of the password server database using the slot numbers of several user accounts, it seems that all users where WEBDAV-DIGEST authentication is failing, have two entries for the digest method "*cmusaslsecretDIGEST". This is obviously wrong. All users who can authenticate successfully have only one such entry.
  Deleting and recreating the user account has no effect. In fact, updating the password server with a new entry may actually trigger this error. It could be that all users where this is failing have changed their passwords after the server was updated to Mountain Lion.
  It would be interesting to know if you also see duplicate entries for "*cmusaslsecretDIGEST" in the database. You can display a password server record via the user account's slot number (in your example, the 0xd6ace...) using the command
  sudo mkpassdb -dump <slot-number>
  At the end of the record dump, you should see 10 digest entries with their method identifiers.

• How to configure Mountain Lion Server to run Web2py with wsgi?

  I am trying to config Mountain Lion Server to run Web2py with mod_wsgi. I get an error saying: "Premature end o scritp Header" wsgihandler.py (which is the wsgi file for Web2py).
  I had it working fine in Snow Leopard and Lion Servers but not in Mountain Lion Server.
  Thanks for your help.
  Flavio.

  I don't run web2py framework so can't tell you specifically.
  That error means your script is not writing an http header to the browser so the browser can't decode whatever string it is getting. Your script is running as a plain old Python script. This is most likely because the Server.app in 10.8 now includes mod_wsgi built-in and configured from the GUI.
  You can insert an intercept anywhere in your code to check any variable by saying this:
  ##########   PROGRAMMING HERE  ###############
  print("Content-type:text/plain\n\n")
  print(someVariable)
  # raise SystemExit
  The above sends an "http header" so the browser knows what to do. These headers are invisible in the browser window. But depending on your Python version, the pring statement may not work (I am running Python3). The SystemExit statement is optional, just in case your script crashes downstream.
  WSGI sends a header like this:
  startResponse("200 OK", [("Content-Type", "text/plain")])
  but it sounds like mod_wsgi is not even being invoked. Normally your WSGI script is named *.wsgi and your Apache is set up to run the Python script as CGI under the mod_wsgi handler using this directive:
  AddHandler wsgi-script .wsgi
  The file having the config is located at
  /Library/Server/Web/Config/apache2/httpd_wsgi.webapp.conf
  where webapp is the name of your webapp. I would suggest copying the file called httpd_wsgi.conf and renaming it to your webapp name. When Server.app is configured properly, you enable wsgi webapps in the GUI Advanced wndow for your domain.

• Mountain Lion Server with Windows 8.1 Client communication problems

  We have a Mountain Lions Server and several diffent Clients that need access to it.
  Macs work fine  Linux clients work fine
  Windows 8.1 only "sees" the router but not the Server or the Printer
  the "Windows proofs" tell me its a Problem with the server
  has anyone an Idea what I can do?
  And pls don't tell me I should change all Windows clients to Mac. If I had so much money I would, but at the moment the existing systems need to stay.
  @ Templeton Pack
  I know this is a Mac Community
  and no google doesn't solve all Problems

  Well no, Google doesn't solve all problems, but its a great place to start.
  As far as your issue goes, you need to provide more details before anyone could begin to guess, as we're not mind readers here.
  What do you mean by "Windows only sees the router, not the server"?  What does "sees" mean in this context?
  Who / what is Windows proofs?
  How are you trying to access the server?  SMB file sharing?  If so, how are you trying to connect?  What happens when you try?  Do the users trying to authenticate to the server have an account on it and access to the necessary services?

• Can't get Mountain Lion Server Server to upgrade properly - Configuring services

  Hi All,
  First of all thanks for any answers or suggestions you might have. We are a small business with about 25 employees. We have been running Lion Server for email and collaboration without much issue. Today we decided to upgrade to Mountain Lion Server, which was a big mistake apparently. We downloaded and installed Mountain Lion which went fine. We then downloaded and installed the new Server app and that's where things got hairy.
  The Server app got to the part where it says Configuring Services and just sat there spinning. After about an hour I figured something was up and noticed in the console that there were a bunch of errors trying to update certain things. Needless to say we had to force quit the Server app after a long while and nothing got updated/migrated. We were left with a non functional server. Luckily we had set up the Lion Server to clone to another drive and we were able to boot to that to get back to work.
  None of us have much experience with command line, part of the reason we got Lion Server in the first place was it's ease of use and GUI. So has anyone else had similar issues? We are kind of at a loss as to where to go next. Thanks!

  It is indeed an option to wait, although I did manage to upgrade four servers that all have working forward and reverse DNS from Lion Server to Mountain Lion 10.8.
  After installing OS X Server on top of that server specific items like mailboxes returned

• Mail Server problems with Mountain Lion Server

  Well, I don't see a section here for Mountain Lion yet so I'll ask here. I installed Mountain Lion Server and for the most part everything is working well. I am have issues with the Mail Server though. As long as I dissable everthing but the Blacklist filter all works fine. If I enable Junk Mail or Virus filters I get this:
  postfix/smtp[52062]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
  From doing some serching it seems to have something to do with amavisd but I don't think it is installed on my system. If it is I can't seem to find it. Should it be installed with the Server Software?
  I'm really lost here so any help would be great.
  Thanks,
  Tom  

  I'm sorry i did it wrong (but I think it's this editor that makes the spaces, because before I update this text, there is no space); here the new one
  server:~ delsup$ sudo launchctl load -w /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/org.a mavis.amavisd.plist
  launchctl: Dubious ownership on file (skipping): /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/org.a mavis.amavisd.plist
  nothing found to load
  server:~ delsup$ sudo more /var/log/amavis.log
  /var/log/amavis.log: No such file or directory
  server:~ delsup$
  and system.log:
  Sep  5 17:49:37 server.delsup.org System Preferences[832]: *** WARNING: -[NSImage compositeToPoint:operation:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  Sep  5 17:49:37 server.delsup.org System Preferences[832]: *** WARNING: -[NSImage compositeToPoint:fromRect:operation:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  Sep  5 17:49:37 server.delsup.org System Preferences[832]: *** WARNING: -[NSImage compositeToPoint:operation:fraction:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  Sep  5 17:49:37 server.delsup.org System Preferences[832]: *** WARNING: -[NSImage compositeToPoint:fromRect:operation:fraction:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  Sep  5 17:49:37 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.preferences' by client '/System/Library/PrivateFrameworks/Admin.framework/Versions/A/Resources/writeco nfig' [838] for authorization created by '/Applications/System Preferences.app' [832] (100002,0)
  Sep  5 17:49:43 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 17:49:43 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 17:49:46 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 17:49:46 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 17:51:34 server.delsup.org WindowServer[99]: Received display connect changed for display 0x1c80e590
  Sep  5 17:51:34 server.delsup.org WindowServer[99]: No display devices are on-line. Switching to virtual display mode
  Sep  5 17:51:34 server.delsup.org WindowServer[99]: Received display connect changed for display 0x3f003d
  Sep  5 17:51:34 server.delsup.org WindowServer[99]: Received display connect changed for display 0x3f003e
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display 0x41dc9d02: GL mask 0x4; bounds (0, 0)[1 x 1], 2 modes available
          off-line, enabled, built-in, Vendor 756e6b6e, Model 76697274, S/N 0, Unit 2, Rotation 0
          UUID 0xffffffffffffffffffffffff003f003e
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display 0x41dc9d01: GL mask 0x2; bounds (2304, 0)[1 x 1], 2 modes available
          off-line, enabled, built-in, Vendor 756e6b6e, Model 76697274, S/N 0, Unit 1, Rotation 0
          UUID 0xffffffffffffffffffffffff003f003d
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display 0x41dc9d00: GL mask 0x1; bounds (0, 0)[1920 x 1080], 11 modes available
          Main, Active, on-line, enabled, built-in, Vendor 756e6b6e, Model 76697274, S/N 0, Unit 0, Rotation 0
          UUID 0x00000472000000be0390ca1100000000
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Created shield window 0x73 for display 0x41dc9d02
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Created shield window 0x74 for display 0x41dc9d01
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Created shield window 0x75 for display 0x41dc9d00
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display added
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display removed
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display 0x41dc9d00: GL mask 0x1; bounds (0, 0)[1920 x 1080], 11 modes available
          Main, Active, on-line, enabled, built-in, Vendor 756e6b6e, Model 76697274, S/N 0, Unit 0, Rotation 0
          UUID 0x00000472000000be0390ca1100000000
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display 0x41dc9d02: GL mask 0x4; bounds (2944, 0)[1 x 1], 2 modes available
          off-line, enabled, built-in, Vendor 756e6b6e, Model 76697274, S/N 0, Unit 2, Rotation 0
          UUID 0xffffffffffffffffffffffff003f003e
  Sep  5 17:51:35 server.delsup.org WindowServer[99]: Display 0x41dc9d01: GL mask 0x2; bounds (2945, 0)[1 x 1], 2 modes available
          off-line, enabled, built-in, Vendor 756e6b6e, Model 76697274, S/N 0, Unit 1, Rotation 0
          UUID 0xffffffffffffffffffffffff003f003d
  Sep  5 17:51:37 server.delsup.org WindowServer[99]: **DMPROXY** (2) Found `/System/Library/CoreServices/DMProxy'.
  Sep  5 17:51:37 server.delsup.org WindowServer[99]: Created shield window 0x7d for display 0x41dc9d00
  Sep  5 17:51:37 server.delsup.org WindowServer[99]: Display 0x41dc9d00: VirtualDisplay Unit 0; ColorProfile { 1, "Default(sRGB IEC61966-2.1)"}; TransferFormula (1.000000, 1.000000, 1.000000)
  Sep  5 17:51:37 --- last message repeated 1 time ---
  Sep  5 17:51:37 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 17:51:37 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 17:56:27 server.delsup.org postfix/smtpd[870]: error: get user record: unable to open user record for user=diradmin
  Sep  5 17:56:27 server.delsup.org postfix/smtpd[870]: error: validate response: unable to lookup user record for: diradmin
  Sep  5 17:56:27 server.delsup.org postfix/smtpd[870]: warning: unknown[192.168.19.50]: SASL CRAM-MD5 authentication failed
  Sep  5 18:01:24 server.delsup.org postfix/qmgr[112]: warning: connect to transport private/smtp-amavis: Connection refused
  Sep  5 18:06:26 server.delsup.org postfix/smtpd[926]: error: get user record: unable to open user record for user=diradmin
  Sep  5 18:06:26 server.delsup.org postfix/smtpd[926]: error: validate response: unable to lookup user record for: diradmin
  Sep  5 18:06:26 server.delsup.org postfix/smtpd[926]: warning: unknown[192.168.19.50]: SASL CRAM-MD5 authentication failed
  Sep  5 18:16:26 server.delsup.org postfix/smtpd[975]: error: get user record: unable to open user record for user=diradmin
  Sep  5 18:16:26 server.delsup.org postfix/smtpd[975]: error: validate response: unable to lookup user record for: diradmin
  Sep  5 18:16:26 server.delsup.org postfix/smtpd[975]: warning: unknown[192.168.19.50]: SASL CRAM-MD5 authentication failed
  Sep  5 18:26:27 server.delsup.org postfix/smtpd[1027]: error: get user record: unable to open user record for user=diradmin
  Sep  5 18:26:27 server.delsup.org postfix/smtpd[1027]: error: validate response: unable to lookup user record for: diradmin
  Sep  5 18:26:27 server.delsup.org postfix/smtpd[1027]: warning: unknown[192.168.19.50]: SASL CRAM-MD5 authentication failed
  Sep  5 18:30:37 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 18:30:37 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 18:36:27 server.delsup.org postfix/smtpd[1085]: error: get user record: unable to open user record for user=diradmin
  Sep  5 18:36:27 server.delsup.org postfix/smtpd[1085]: error: validate response: unable to lookup user record for: diradmin
  Sep  5 18:36:27 server.delsup.org postfix/smtpd[1085]: warning: unknown[192.168.19.50]: SASL CRAM-MD5 authentication failed
  Sep  5 18:39:41 server.delsup.org screensharingd[1106]: Authentication: SUCCEEDED :: User Name: Sara Delsupehe :: Viewer Address: 192.168.19.50 :: Type: DH
  Sep  5 18:40:48 server.delsup.org login[1115]: in pam_sm_acct_mgmt(): OpenDirectory - Membership cache TTL set to 1800.
  Sep  5 18:40:48 server.delsup.org login[1115]: in od_record_check_pwpolicy(): retval: 0
  Sep  5 18:40:48 server.delsup.org login[1115]: in od_record_attribute_create_cfstring(): returned 2 attributes for dsAttrTypeStandard:AuthenticationAuthority
  Sep  5 18:40:48 server.delsup.org login[1115]: USER_PROCESS: 1115 ttys000
  Sep  5 18:41:27 server.delsup.org mail_groups[1128]: sleeping for: 1 hour(s)
  Sep  5 18:41:35 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 18:41:35 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 18:41:35 server.delsup.org servermgrd[410]: -[AccountsRequestHandler(AccountsSystemConfigurationObservation) registerForKeychainEventNotifications]: SecKeychainAddCallback() status: -25297
  Sep  5 18:41:41 server.delsup.org sudo[1131]:   delsup : TTY=ttys000 ; PWD=/Users/delsup ; USER=root ; COMMAND=/bin/launchctl load -w /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/org.a mavis.amavisd.plist
  Sep  5 18:41:42 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 18:41:42 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 18:46:24 server.delsup.org postfix/qmgr[112]: warning: connect to transport private/smtp-amavis: Connection refused
  Sep  5 18:46:26 server.delsup.org postfix/smtpd[1152]: error: get user record: unable to open user record for user=diradmin
  Sep  5 18:46:26 server.delsup.org postfix/smtpd[1152]: error: validate response: unable to lookup user record for: diradmin
  Sep  5 18:46:26 server.delsup.org postfix/smtpd[1152]: warning: unknown[192.168.19.50]: SASL CRAM-MD5 authentication failed
  Sep  5 18:48:32 server.delsup.org sudo[1171]:   delsup : TTY=ttys000 ; PWD=/Users/delsup ; USER=root ; COMMAND=/usr/bin/more /var/log/amavis.log
  Sep  5 18:48:32 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 18:48:32 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 18:48:54 server.delsup.org sudo[1174]:   delsup : TTY=ttys000 ; PWD=/Users/delsup ; USER=root ; COMMAND=/usr/bin/more /var/log/system.log
  Sep  5 18:48:55 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 18:48:55 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 18:56:24 server.delsup.org postfix/qmgr[112]: warning: connect to transport private/smtp-amavis: Connection refused
  Sep  5 18:56:26 server.delsup.org postfix/smtpd[1211]: error: get user record: unable to open user record for user=diradmin
  Sep  5 18:56:26 server.delsup.org postfix/smtpd[1211]: error: validate response: unable to lookup user record for: diradmin
  Sep  5 18:56:26 server.delsup.org postfix/smtpd[1211]: warning: unknown[192.168.19.50]: SASL CRAM-MD5 authentication failed
  Sep  5 18:57:53 server.delsup.org sudo[1225]:   delsup : TTY=ttys000 ; PWD=/Users/delsup ; USER=root ; COMMAND=/bin/launchctl load -w /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/org.a mavis.amavisd.plist
  Sep  5 18:57:54 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 18:57:54 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 19:00:28 server.delsup.org sudo[1235]:   delsup : TTY=ttys000 ; PWD=/Users/delsup ; USER=root ; COMMAND=/bin/launchctl load -w /Applications/Server.app/Contents/ServerRoot/System/Library/LaunchDaemons/org.a mavis.amavisd.plist
  Sep  5 19:00:28 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 19:00:28 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 19:00:48 server.delsup.org sudo[1237]:   delsup : TTY=ttys000 ; PWD=/Users/delsup ; USER=root ; COMMAND=/usr/bin/more /var/log/amavis.log
  Sep  5 19:00:49 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 19:00:49 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  Sep  5 19:01:59 server.delsup.org sudo[1248]:   delsup : TTY=ttys000 ; PWD=/Users/delsup ; USER=root ; COMMAND=/usr/bin/more /var/log/system.log
  Sep  5 19:01:59 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (2,0)
  Sep  5 19:01:59 server.delsup.org com.apple.SecurityServer[19]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [67] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [115] (100000,0)
  server:~ delsup$  

• Unable to add/remove users in Mountain Lion Server (Options are greyed out)

  For some reason, im unable to add/remove users in Mountain Lion server. The + and - are greyed out. It seems like something is wrong with the permissons because it looks like it cant write the the Ldav3 file (although that may be speculation). Does anyone have any advice for me? I URGENTLY need to add users.
  Maybe theres a way to restore default permssions for the boot drive (if that in fact is the issue). Hopefully there is a way that I can fix this while leaving all users, groups, their permissions and shares intact.

  Anything interesting and relevent in the server logs?
  Anything interesting in the server alerts?
  Since it's far and away the most common cause of problems with OS X Server and with distributed authentication (Open Directory is entirely based on network encryption and digital certificates and on responses from your local DNS server(s)), verify your local DNS configuration is working and requires no changes with the following Terminal.app (Applications > Utilities) harmless, diagnostic command:
  sudo changeip -checkhostname
  sudo requires an administrative password.  You might get a one-time warning about the sudo, and that can safely be ignored.  The command will display some details, and indicate whether the local configuration appears valid and no changes are required, or further diagnostics for (most) common errors that can arise.