New open directory account doesn't create mail account

Similar Messages

• Unable To Create New Open Directory Master

  I have a brand new installation of MacOS X Mountain Lion Server, latest version, in a brand new Mac Mini. This Mac Mini is being co-located in a data centre, and I am setting it up via remote access (screen sharing). The data centre has setup DNS zone records for my domain, including a reverse DNS PTR record, and everything in the DNS is working fine.
  During the installation of Server, when the installer asked for the type of 'Host Name', I selected 'Host name for Internet'. The installer was able to use the IP address of the Mac Mini to automatically find the correct host name, and configure it. Once the installation was complete, no services were turned on - not even DNS, as the installer probably figured out that DNS services were being handled externally.
  The first thing I went to try and do was to turn on Open Directory. I turn the service on, and a sheet comes down, where I select to "Create a new Open Directory Domain". I click 'next', and on the next sheet I enter the OD Administrator's details, and password. Click 'next' again, and then I get the following message:
  "This computer's host name is invalid.
  The host name does not resolve to any configured address of this computer. Please ensure the host name is correct."
  Opening Terminal app, and typing "hostname", I get the correct hostname, as showing in Server app itself.
  Entering "sudo changeip -checkhostname" in Terminal app, I get all correct details for the IP address and host name of the machine, and the message: "The names match. There is nothing to change. dirserv:success = 'success'"
  I finally tried getting Server app to change the host name itself - going into the Server pane, select the 'Network' tab, and in the 'Names' section, next to the host name, click on the "Edit..." button. Again, went through the wizard, and the wizard again was able to find the hostname automatically from the machine's IP address. Once the 'changing' process was completed, I went to try and initialise Open Directory, and again, got the same message.
  Can anyone shed any light? Any suggestion would be welcome at this stage...

  MrHoffman, thank you for your guidance. You have, however, given me a bit of a headache.
  MrHoffman wrote:
  127.0.0.1 is likely going to be incorrect here.  Please reference the DC DNS servers, and not a local server.  If you're in a DC and particularly with a public-facing host without an outboard firewall to block DNS traffic, you likely do not want to be running your own local DNS services.
  As described previously, the server was referencing the DC DNS servers. The server was not running its own DNS service. Open Directory was not able to detect that the ip address and the hostname were correct with this setup - even though the command line on the server as well as externally showed that all DNS records were setup correctly, and that the IP address and hostname matched. The server's own installation wizard and 'Change Host Name' wizard automatically detected the hostname from the machine's ip address - by consulting the reverse DNS PTR record in the DC DNS servers.
  Starting the server's own DNS server - and adding '127.0.0.1' to the top of the DNS list in Preferences - allowed me to create the Open Directory master, finally. Of course, the internal DNS server was setup so that only the server itself could access it - it was closed to any other machines - and even then, I had it running only momentarily: once Open Directory created its master domain, I switched DNS service off, and removed '127.0.0.1' from the DNS list in Prefences.
  With that setup, everything seemed to work fine. All users were able to login, access their share points and their mail.
  MrHoffman wrote:
  For the host name, the host name would usually be the FQDN fully-qualified domain name, and "example.com" isn't usually a host name.  You'd usually find somehostname.example.com here
  That is the only machine in the domain. All public sub-domains - like 'mail', 'www' or 'calendar' - point to the same machine. The reverse DNS PTR record points to the higher-level domain "example.com".
  Your warning, however, made me worried:
  MrHoffman wrote:
  I'd probably rebuild the OD configuration, as I'd wonder of OD now had a bogus host name.  Once bad DNS gets involved, the entanglements can be quite pernicious..
  So I decided to heed your advice, and rebuild OD. I deleted the Open Directory master, and tried rebuilding it with DNS service turned off. As before, OD insists that "the host name does not resolve to any configured address of this computer", and refuses to create the new Master. I ended up following the procedure above again - switching DNS service on temporarily to get OD to work.
  The problem is, that now no user can connect to the server anymore. Everyone keeps getting a message stating that their password is wrong - including users on their iPhones and iPads.
  I suspect that when I created the new OD Master, it created a new certificate, and that is what is causing problems. While I could try to get the desktop users to delete the old certificates from their keychain, this is not really an option for iPhone/iPad users.
  Where do I go from here? After almost 24 hours straight dealing with this, I'm at the end of my rope...

• Error creating new Open Directory domain

  The wizard for creating a new Open Directory domain in Server.app on Mountain Lion responds with the following error message:
       "An error occurred while configuring My Server as a directory server.  Please check your network configuration and try again."
  Not very helpful.  How do find out what the actual error is?
  Thanks.

  Can anyone translate these log messages?
  Aug 12 05:22:26 myhost.mydomain.com kdc[60240]: label: default
  Aug 12 05:22:26 myhost.mydomain.com kdc[60240]:         dbname: od:/Local/Default
  Aug 12 05:22:26 myhost.mydomain.com kdc[60240]:         mkey_file: /var/db/krb5kdc/m-key
  Aug 12 05:22:26 myhost.mydomain.com kdc[60240]:         acl_file: /var/db/krb5kdc/kadmind.acl
  Aug 12 05:22:26 myhost com.apple.launchd[1] (com.apple.Kerberos.kpasswdd[60241]): Exited: Killed: 9
  Aug 12 05:22:26 myhost com.apple.launchd[1] (com.apple.Kerberos.kpasswdd): Throttling respawn: Will start in 10 seconds
  Aug 12 05:22:26 myhost com.apple.launchd[1] (com.apple.Kerberos.kadmind[60242]): Exited: Killed: 9
  Aug 12 05:22:26 myhost com.apple.launchd[1] (com.apple.Kerberos.kadmind): Throttling respawn: Will start in 10 seconds
  Aug 12 05:22:26 myhost.mydomain.com kdc[60240]: WARNING Found KDC certificate (O=System Identity,CN=com.apple.kerberos.kdc)is missing the PK-INIT KDC EKU, this is bad for interoperability.
  Aug 12 05:22:26 myhost.mydomain.com kdc[60240]: KDC started
  Aug 12 05:22:26 myhost.mydomain.com Server[46707]: An error occurred while configuring My Mac Mini Server as a directory server:
          Error Domain=XSActionErrorDomain Code=-1 "A child action failed" UserInfo=0x7fb854a2ad90 {XSActionErrorActionsKey=(
              "Creating Open Directory master"
          ), NSLocalizedDescription=A child action failed}

• Move user files and preferences to new open directory log in

  I have a machine that I have been using for a few months. I log in to the machine as an admin user. We just put in a new MAC OS X server and are going to be using Open Directory and probably Mobility on the users.
  Is it possible to move or duplicate current state (preferences, passwords, bookmarks, email, etc.) of my computer to a new Open Directory log in on the same computer. If i can what is going to be the easiest way.
  Both the sever and my machine are 10.5.6.

  If you're logged into the old drive, select GO from the FInder menu while holding the option key down. Select Library from the submenu. This is your Home Library.
  The Mail folder will contain all accounts, mailboxes, and account preferences.
  The Mail application preferences will be stored in the Preference folder.
  For "what files you need" , that depends on what you're trying to accomplish. What are you trying to do?

• Can't  create mail account for gmail

  Can't  create mail account for gmail in my new man pro 15 retina later 2013 ME294

  I'm having trouble settinng up my @mail.com account on mac's default mailing service. When i et to tthe incoming mail server part I'm lost. I don't know what to put.

• HT201320 i get a pop up "this iphone is restricted from creating mail accounts" ??

  My new Iphone keeps popping up a message on my email "This Iphone is restricted from creating mail accounts" what canI do ?
  under setting is does not let me select the "add account" or "fetch new data".

  I had to completely disable all restrictions and then re-enable.  General>Allow Changes>Accounts>Don't Allow Changes created the issue.

• When i integrate Mac client to the domain open directory, he don't ask me account DirAdmin, Why ?

  When i integrate Mac client to the domain open directory, he don't ask me account DirAdmin, Why ?
  I don't want all people can integrate mac client to the open directoy without authentification
  I want he ask me account diradmin for integrate client mac os x to the domain open directory of Lion Server
  I have made a magic triangle
  Thanks

  Malik-O wrote:
  When i integrate Mac client to the domain open directory, he don't ask me account DirAdmin, Why ?
  I don't want all people can integrate mac client to the open directoy without authentification
  1 ) I want he ask me account diradmin for integrate client mac os x to the domain open directory of Lion Server
  Authentication (with open directory admin username & password) is off by default. In Mountain Lion there is no longer a GUI to manage that and some of the other binding options. In Lion, I think you could use Server Admin (or was it Workgroup Manager) -- I can't remember, but there were little checkboxes.
  To make authentication mandatory in Mountain Lion, you can use this on the Server:
  sudo slapconfig -setmacosxodpolicy -binding required
  Use the following to check the binding policies:
  slapconfig -getmacosxodpolicy
  You might want to check the slapconfig man page, you'll find some of the other options that were in Server Admin in Lion, e.g. disable cleartext, block man-in-middle, etc.
  Edit, I just saw you're still using Lion Server, not Mountain Lion. I'm pretty sure the above commands will work on Lion Server as well.

• I bought the new iphone. I want to create an account. Your system wanted my credit card number, but I don't have any credit card. How can I create an account?

  I bought the new iphone. I want to create an account. Your system wanted my credit card number, but I don't have any credit card. How can I create an account?

  as shown by a link describing the "none" option is not

• If I have 3 family memebers sharing the same account, can we create sub accounts to seperate their log in and they have access to music already purchased?

  If I have 3 family members sharing the same account, can we create sub accounts to seperate their log in and they have access to music already purchased?

  There is no such thing as "sub-accounts".
  Multiple Apple ID's can be used on a single device.
  Created unique Apple ID's for each user and use those Apple ID's on the appropriate devices from iCloud and iMessage.  This will not affect the media on the device.

• Can't create new open directory user

  hi.
  If I use the workgroupmanager to create a new user it automatically creates one with a "crypt" password.
  first it is shown as open directory, but then if I re-load, it says "crypt" password.
  If I try to change it to open directory the system tells me that I am not authorized to do so.
  it does not matter if I try the workgroupmanager locally or via my macbook remotely.
  if I create them via the server preferences it works fine.
  since I am a newbie here, maybe I am doing something wrong... ideas? please.
  thanks.
  martindavid

  Check out this tread, you are not alone but there doesn't seem to be a single solution...
  http://discussions.info.apple.com/thread.jspa?threadID=2262981
  I had this code and MY solution came from the fact that I had turned OFF DNS because I couldn't see that "I" was using it. turning it back on and ensuring that it was correctly configured solved it for me!

• Strange Permissions problem when creating new Open Directory user

  I just set up a mac lab to authenticate to an Open Directory server which also stores home folders. All of the initial users I created work fine, there were about 50 users that I set up. When I added a new user this morning though, it would not allow him to access anything within his home folder (i.e. nothing worked)
  I went back to the server and took a look at the Users share and noticed that when his accound was created, instead of setting the owner of the folder to his username (xxx123) it was set to his userid number (1024). I did a chown on his directory to his username and he was then able to access his home directory from the clients.
  I realize I found a fix, but I would prefer to not have to do this every time I create a new user. Why is this happening?

  Have you used the "Role" drop-down to "SYSDBA"? - if not, you get the ORA-01017 error.

• I can receive emails but can't send them. Auto set up created mail account separate from account migrated from a PC. Migrated account receives but doesn't send; other account didn't work

  Phoned internet provider, TPG & talked through resetting passwords then the migrated email temporarily allowed emails to send, then quit again, but still receives emails.
  Why will my Mac receive emails but not send them? The mails settings for POP & SMTP are same.
  Closed the original mail account on the PC but didn't help - had to reopen it to send this email.
  Detail from Mail Connection Doctor on my MacBook Pro, under WROTE says:
  VIDL 437,
  then later quits.
  Is this relevant? Does this mean anything?
  I'm a bit technically challenged.Good at Adobe software but not mail, internet or hardware.  Has anyone fixed a similar problem?
  Theger.

  Phoned internet provider, TPG & talked through resetting passwords then the migrated email temporarily allowed emails to send, then quit again, but still receives emails.
  Why will my Mac receive emails but not send them? The mails settings for POP & SMTP are same.
  Closed the original mail account on the PC but didn't help - had to reopen it to send this email.
  Detail from Mail Connection Doctor on my MacBook Pro, under WROTE says:
  VIDL 437,
  then later quits.
  Is this relevant? Does this mean anything?
  I'm a bit technically challenged.Good at Adobe software but not mail, internet or hardware.  Has anyone fixed a similar problem?
  Theger.

• Brand new Open Directory server not authenticating 10.9, 3.3.2

  I'm hoping somebody here has ran into this as it's driving me up a wall.
  I'm on a completely clean install of OS X Mavericks, with the installation from the App Store.
  On top of that, a completely clean install of Server.app 3.2.2 is installed.
  This server has a FQDN, and when I check to see if the hostname resolves in DNS, it totally does. DNS is not turned on as a service, but DNS server settings are correct and the server can hit the outside internet just fine.
  So my steps are as follows: Install Mavericks, clean onto a new partition. Update with all patches. Set Static IP. Install Server 3.2.2 which installs without error. Check hostname settings. All good there. Verify permissions. Create OD Master. I cannot get a single newly created with Server.app Local Network user to log in, even with home folders all 100% local to the client machine. I've unbound and rebound the client machine. I've restarted everything. Nothing.
  When attempting to log in, if I set it to reset password at next login, the prompt to reset the password will appear. I know at least initial auth is taking place, or I wouldn't be getting a password reset screen. After attempting to reset the password, neither the original temporary nor reset password will work. Users cannot log in.
  Here are the errors generated, with my info edited out:
  Jan 14 17:49:35 server slapd[111]: passwd_extop: (null) changed password for uid=test,cn=users,dc=controller,dc=domain,dc=edu
  Jan 14 17:49:35 server slapd[111]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)
  Jan 14 17:49:35 server slapd[111]: conn=1181 op=3: attribute "entryCSN" index delete failure
  Jan 14 17:49:41 server slapd[111]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)
  Jan 14 17:49:41 server slapd[111]: conn=1197 op=3: attribute "entryCSN" index delete failure
  I understand this is common for users upgrading from 10.6.8 but this is completely clean. I'm not usually administering an OS X server; I'm completely lost.
  Have tried: Recreating master, rekerberizing
  Using scutil and host to verify the DNS on the server works perfectly. Am I missing something small with DNS? We are a fairly large org with DNS not being provided by this server. If you think a different log file would help, please let me know which one.

  What do you get from this:
  sudo /usr/libexec/slapd -Tt
  Anything in /Library/Logs/slapconfig.log?
  Also, have you tried the suggestion here:
  Open Directory - Local Network User/Group - GONE

• Network accounts doesn't create

  Hi.
  When I create a network account in server.app and set its permissions to services it all looks fine. When I look into Workgroup Mgr I can see the account. When I go to the location of my home folder, the account doesn't show up. I have created network accounts before, so I do have some that works, but now I can't create new ones and be able to login with them. Not even from the server computer directly.
  I've tried to delete the Library for the server, destroyed the OD Master and the result is still the same.
  Any ideas?
  Thanks.

  Hi.
  When I create a network account in server.app and set its permissions to services it all looks fine. When I look into Workgroup Mgr I can see the account. When I go to the location of my home folder, the account doesn't show up. I have created network accounts before, so I do have some that works, but now I can't create new ones and be able to login with them. Not even from the server computer directly.
  I've tried to delete the Library for the server, destroyed the OD Master and the result is still the same.
  Any ideas?
  Thanks.

• T-Bird requires new install but can't find original mail account - help!

  I've been running ThunderbirdPortable for about 3 months and now, all of a sudden the executable won't start. The message recommends that I re-install which I did in the same directory as the original (as recommended) but when I start the new executable it does not link to my original mail account.
  How can I "tell" my new installation where my original account data can be found.

  I've been running ThunderbirdPortable for about 3 months and now, all of a sudden the executable won't start. The message recommends that I re-install which I did in the same directory as the original (as recommended) but when I start the new executable it does not link to my original mail account.
  How can I "tell" my new installation where my original account data can be found.