New users can't log into /mydevices or /profilemanager

Hi all,
I've got Profile Manager up and running and have deployed about 25 iPads using the current setup.
My configuration has not changed but all of sudden, new users created today can not log into /mydevices or /profilemanager.  Says the username or password is incorrect, but they're entered properly.  Again, the configuration of the server has NOT changed since users entered (and working) last week.
Anyone have this issue?  If anyone can shed some light, I'd really appreciate it.
Apple: Lion Server is buggy as ****.  Profile Manager is buggy as ****.  I've spent hours on the phone with Apple support with one issue after another.  I'm getting sick of the instability and crankiness of Lion Server.  These forums are chalked full of people having such a massive range of issues that I can only draw one conculsion: Lion Server is half baked.
Please help (again),
Chris

I got my problem solved - and here is a few things to note and some steps to resolve the issue.
1) you do not need to create augmented users - unless you need extra settings for local logins (you most likely won't have users logging into your mav) - if you are using AD that is - if not just create local users
2) server is buggy - perhaps - but after dealing with this issue for a few days - as much as i want to agree with it i want to say that now it is running very smoothly - and it boils down to order of steps in the install
4) do not change hostnames once it's set up - that will scre it up even worse
here is what i woudl suggest to blow it away and reset it up
1) system pref - users and groups - login options - network account server - edit - unjoin the domain
2) blow away your open directory and profile manager in command line
sudo /usr/share/devicemgr/backend/wipeDB.sh
sudo slapconfig -destroyldapserver
3) reset apache web config
sudo /serveradmin command web:command=restoreFactorySettings
4)make sure your hostname is correct
5) join domain (if needed)
     on command line veryfiy ad is working by typing
     user "username" where username is username of AD user
6) if AD set up - check dns search order - make sure no local host (127.0.0.1) is in the list
     system preferences - network - ethernet - advanced -dns - remove 127.0.0.1 if there (only if using AD)
6) server admin - open directory - settings - change - set up as standalone
configure yoru ldap server - this will reissue signing authority certificate that you will need if you want to sign your configurations profiles for clients (iOS and Mac)
7) then configure profile manager
Reboot after step 2 - step 3, step 6
if you have a firewall infront of the server there will be aditinal ports required for SCEP
http://support.apple.com/kb/TS1629
you will need port 80,443 and 1640
If you have a reverse proxy you will need to set up a trust to the cetificate on the proxy to the authority configured in the open ldap - different topic - but just tought it was worth mentioning

Similar Messages

  • Sold my wifi iPad and reset b4 selling but new owner can't log into apple keeps asking for old( mine) Apple id

    Sold my wifi iPad and reset b4 selling
    New owner can't sign into his Apple ID keeps asking for old (mine) Apple ID
    Thought would have erased with resetting iPad

    Hello, your iPad is 'Activation Locked' as a part of 'Find My iPad'.
    Log onto www.icloud.com, go to 'Find My iPhone'. Then select 'All Devices', your old iPad will probably show here, select 'Remove from Account'.
    If there is no option to 'Remove from Account' ask the current owner to switch iPad off for a while, and remove from account should show in 5 minutes or so.

  • Users can't log into network

    I have just set up an OSX snow leopard server on a mac mini. I have 36 user accounts. All of the accounts were set up at the same time. Two of the imac users cannot access the server. We get a message that it is an invalid password. I tried to change those password of those two users and, but I get a -14120 error. I tried to delete the users accounts and close Workgroup Manager, but they come back when I open Workgroup Manager. I can create new users without any problems.
    Does anyone have a solution?
    Thanks,
    Rich

    If you believe this is an OD issue, then enable OD debug logging.  On server and/or client, do this:
    sudo killall -USR1 OpenDirectory
    This will create a a new log file in /Library/Logs/DirectoryService called DirectoryService.debug.log.  Beware, this file can be rather large if allowed to continue to collect data.  Try to isolate an occurrence as much as possible to limit the amount of data coming in.
    Another good method is to enable ssh on a problem workstation.  Then from a control device SSH into the machine that is failing to permit login and start watching system log, top, and if needed the DS debug log.  Use multiple ssh sessions to view everything you are trying to see. 
    Note on DS debug.  Apple changed the way to do this after 10.6.  For future versions you can use the odutil command to change logging levels.

  • Win svr 2008 r2 ent - user can not log into remote desktop after installing march's 2015 important updates

    we installed march's 2015 important updates onto all of our servers.  three of our servers are not allowing RDP.  
    these servers have windows server 2008 r2 enterprise sp1  installed.  
    we enter in the username and password in the rdp dialog box and click on ok.  the rdp dialog box comes back for us to enter in the username and password.  
    we do have kb3046049 and kb3002657 installed.  
    is there a v2 of kb 3002657 for windows server 2008 r2 enterprise?  
    on one of the servers
    1. I disabled rdp
    2. stop and start the following services 
    remote desktop configuration
    remote desktop services
    remote desktop services usermode port redirector 
    remote procedure call
    3. enabled rdp
    4. added the users allowed to rdp into  server
    This allowed us to RDP into that box with the username and password.  
    But the other two servers the steps performed above did not work.  
    Any solutions for Win Svr 2008 R2  enter sp1?

    Thursday, March 19, 2015
    This is a summary of the new and changed content scheduled for release on Thursday, March 19, 2015.
    New security content:
    This has nothing to do with this issue in this thread, it just happens to have been published today and yet no kb is public.
    Security Update for Windows Server 2003 (KB3048051)
    Locale: All
    Deployment: Windows Update, Microsoft Update, Automatic Updates, WSUS, and Catalog
    Classification: Security Updates
    Target platforms: Windows Server 2003 and Windows XP
    Approximate file sizes:
    Windows Server 2003 update: ~ 196KB
    Description:
    Install this update to resolve an issue which requires an update to the untrusted certificate store on Windows systems and to keep your systems up to date. After you install this update, you may have to restart your system.
    http://support.microsoft.com/kb/3048051
    It is related to the SSL cert revocation and Microsoft is very lame these days and gets the code on MU but can't sync up the KB.
    See:
    * Microsoft Security Advisory (3046310)
    - Title: Improperly Issued Digital Certificates Could Allow Spoofing
    - https://technet.microsoft.com/library/security/3046310
    - Revision Note: V2.0 (March 19, 2015): Advisory rereleased to
    announce that the update for supported editions of Windows
    Server 2003 is now available. See Knowledge Base Article 3046310
    for more information and download links.

  • New users can't log in to services on a replica

    I'm having a strange issue with one server that is set up as an OD replica to an OD master. Both servers are running 10.6.6.
    The issue is that while a user that I create on either server can log in to a service on the OD master it can't on the OD replica unless I destroy the replica (convert to standalone) and re-create it.
    Any ideas?

    D. Kriener wrote:
    Passwords aren't stored in the archive, and had to be restored manually, so be aware to do it in a live environment
    The entire password database is stored in and OD archive. Check the OD manual.
    After you have archived and restored the OD master, you will need to decomission and recomission the replica.

  • 10.6.8 Server. New Users can not authenticate

    We have two Xserves (one OD Master, one replica) running OS X 10.6.8 Server and about 100 client macs all running 10.6.8.
    We have a problem when adding new users in WorkGroup Manager. Users seem to be added correctly (no errors), and all info matches existing/previous users in WGM (including Kerberos and apple password entries). New users can not log into their Macs, nor authenticate to mount any volumes that also authenticate through our Master OD server. What's odd is that we can edit passwords, etc in existing/previous users and they are updated on the client end. We have also verified logs and compared new users authentication logs to existing and the logs say that the users authenticate successfully.
    We are at a loss as what to do next. Any ideas?

    We have two Xserves (one OD Master, one replica) running OS X 10.6.8 Server and about 100 client macs all running 10.6.8.
    We have a problem when adding new users in WorkGroup Manager. Users seem to be added correctly (no errors), and all info matches existing/previous users in WGM (including Kerberos and apple password entries). New users can not log into their Macs, nor authenticate to mount any volumes that also authenticate through our Master OD server. What's odd is that we can edit passwords, etc in existing/previous users and they are updated on the client end. We have also verified logs and compared new users authentication logs to existing and the logs say that the users authenticate successfully.
    We are at a loss as what to do next. Any ideas?

  • User can not log in

    I have a Document Center protected document - it's a test one, that simply needs a valid AdobeID and Password to open it.
    A new user can not log in and view it, older users are OK. He can log in, change has password etc, but when he tries to open the pdf, it will not accept his user name/password saying "The email address or password you entered is incorrect or you need to update your Adobe Online Centre Account. Please enter your email address or password again, or click the Manage My Account button below for help with your account". He has tried both but gets nowhere - with Manage My Account, He can log in and see his details, change password - but still can not open the pdf!
    Can anyone please help?
    I notice the link to Document Centre support now fails - is there any support for Document Center anymore?  

    Hi Chetan,
    You may check this thread to find your solution:
    Re: Two licences but only one is visible
    Thanks,
    Gordon

  • Created three new users without Apple IDs and they can't log into either of my Macbook Pro or Mac Mini running Mountain Lion.

    I have created three new users without Apple IDs and they can't log into either of my Macbook Pro or Mac Mini running Mountain Lion.  These accounts are for my kids and originally were setup with parental controls and time constraints.  Thinking this was the problem I removed the time constraints, removed the parental controls, deleted and re-added them, and made them standard users.  I have reinstalled, used disk utility to repair permissions, and made them admins.   Any help is appreciated.

    Users don't need Apple ID's. That's not the issue. Have you tried repairing permissions their accounts?
    http://osxdaily.com/2011/11/15/repair-user-permissions-in-mac-os-x-lion/
    Repairing User Permissions in OS X Lion
    You’ll need to reboot to perform this, and then use the same resetpassword utility that is used to change passwords in Lion, but instead choosing a hidden option.
    When you use the Disk Utility app and Repair Permissions — it doesn’t actually repair the permission settings on folders and files in your Home folder where your documents and personal applications reside.
    In Lion, there is an additional Repair Permissions application utility hidden away. This tool is located inside boot Repair Utilities. Here’s how to access it.
    Restart Lion and hold down the Command and R keys.    You will boot into the Repair Utilities screen. On top, in the Menu Bar click the Utilities item then select Terminal.
    In the Terminal window, type resetpassword and hit Return.
    The Password reset utility launches, but you’re not going to reset the password. Instead, click on the icon for your Mac’s hard drive at the top. From the drop-down below it, select the user account where you are having issues.
    At the bottom of the window, you’ll see an area labeled ‘Reset Home Directory Permissions and ACLs’. Click the Reset button there.
    The reset process takes a couple of minutes. When it’s done, quit the programs you’ve opened and restart your Mac. Notice that ‘Spotlight’ starts re-indexing immediately.

  • Can not log into server computer with any accounts - "You are unable to login to the user account "abcdefg" at this time. Logging in to the account failed because an error occurred."

    I have a Mac mini running the latest version of OS X and Server. Been running fine and flawlessly. However, I had a strange problem with the iCloud preferences panel crashing when I tried to access it, so I rebooted. Now I can not log into the system with any accounts. My master admin account (along with all the others) gives me the error:
    You are unable to login to the user account "abcdefg" at this time. Logging in to the account failed because an error occurred."
    I am able to see the server from other macs and I can log into it using the same account, but it only shows me a few of the shared folders I have access to but NOT to my main directories.
    Rebooting into Command-R and doing a disk utility, I try and repair permission on that drive and get a bunch of errors like:
    ACL found but not expected on Users
    Repaired "Users"
    ACL found but not expected on Users/.localized
    Repaired "Users/.localized"
    ACL found but not expected on Users/Shared
    Repaired "Users/shared"
    ACL found but not expected on Users/Shared/.localized
    Repaired "Users/Shared/.localized"
    Permissions repair complete.
    But rebooting is no joy...same problem. Any idea what is going on or how to repair it? Should I do a time machine restore? Complete new OS X install? Any idea what is causing this or how to salvage it?

    Got everything to re-install and it worked fine...for a few hours. Then I came in to find ALL of my network users deleted. Just GONE. Then found out the Open Directory was trashed and was unable to open, recover or restore from a backup. Looks like I may have a bad drive here.
    I installed a new drive in the system, re-installed and so far (for a couple of hours anyway) the system seems to be working and stable.

  • User can't log in / Server can't create new users

    I recently updated to OS X Server 10.5.5. Now one of my users can't log in. Wrong username or password the system says. I've reset the password but it doesn't help.
    When creating a new user I get this error:
    "The server reported the error '-14120' while trying to create the user."
    How can I fix this?

    Well, to move the stuff, make a New Account, log into a different admin account & get BatchMod, it's much better/easier than the Finder for recursive Permission changes...
    http://www.lagentesoft.com/batchmod/index.html
    Now careful with BatchMod, it's crazy powerful, but easier than Command Line.
    Oh, this bad user isn't using FileVault I hope???
    OK, once BatchMod is loaded, you can drag the whole bad user's folder to it's icon and set the Ownership/permissions to the new replacement user, check Apply to Enclosed items, go.
    Oh, if you have room you might make a copy of that User's folder first & use the copy.
    Then open the bad User's folder, Select All, drag to new replacement User's folder.

  • I damaged my iphone 5 and have been sent a new one, but i do not have enough storage to back up my phone and do not want to pay for more storage. can i get all of my contacts, photos, etc. on my new phone just by logging into my icloud account?

    i damaged my iphone 5 and have been sent a new one, but i do not have enough storage to back up my phone and do not want to pay for more storage. can i get all of my contacts, photos, etc. on my new phone just by logging into my icloud account?

    Not photos, just data synced with iCloud shown in Settings>iCloud.  If you don't have sufficient storage to back up to iCloud, back up to your computer instead using iTunes (connect you phone to your computer, open iTunes, click on the name of your phone in iTunes, go to ths Summary tab of your iTunes sync settings and click Back Up Now).  Also transfer your purchases to your iTunes library (connect your phone to your computer, open iTunes and go to File>Devices>Transfer Purchases). If you have photo stream photos older than 30 days tha you wan to save, save these to your camera roll before backing up (tap Select, tap the photos, tap the share icon -- box with upward facing arrow, then tap Save to Camera Roll).
    When setting up your new phone, when given the option choose Restore from iTunes Backup and restore the backup you made earlier.

  • So I just transferred my stuff from my first iPhone I my new one. Now I'm trying to log in to iTunes/apple account but it's not letting me. I can still log into apple on old phone

    So I just transferred my stuff from my first iPhone Ito my new one. Now I'm trying to log in to iTunes/apple account but it's not letting me. I can still log into apple on old phone

    What happens when you try?

  • Got new AIM ID, logged in a few times, now can't log into AIM or Jabber

    I got a new AIM ID using my gmail address, and it worked fine for about a week, but now I can't log into AIM or Jabber using my gmail address. All my passwords are correct!

    Jabber is working now -- I fixed a setting -- but AIM still is not.

  • Can't log into user accounts

    Before the Christmas break, our Mac OS X Server was happy and running smoothly. Upon return, the individual clients cannot log on and the XRAIDs are acting strange (lights won't turn off on power down). I've since completely powered down and unplugged the 2 (of 4) RAID arrays that were acting up and they have all rebooted normally now--although I still se nothing in RAID Admin. On the client computers, however, we still can't log into our individual accounts--only the Admin account.
    What gives?

    Hi
    Check the physical structure of your network, switches are switched on, cables connected etc. If you can’t communicate with the XServe RAID using RAID Admin is it possible someone has removed the network cables?
    Hope this helps, Tony

  • Can't log into my new Ichat account

    I can't Log into my ichat account. I have tried changing the account name and passwords in preferences........all it says is that my account name or server isn't valid. Previously it seemed to have retained a very long password that I didn't write.

    Hello Josie,
    Welcome to Apple Discussions.
    We need more info when you post back.
    What Mac do you use?
    What OS? and version?
    Where are you located (country)?
    How are you trying to log in (AIM, Rendezvous, Bonjour, Jabber)?
    Assuming you are using iChat AV 3, how far can you get in Starting Out With iChat AV 3.x?
    We will be happy to try to provide more specific responses based on your additional info.

Maybe you are looking for

  • Satellite M70 - blue screen during the WinXP installation

    hi I bought a new M70 with Win XP HOME installed on it! but i want to install my Win XP PROFESSIONAL on the notebook. So i put in the WinXPpro-CD and boot from CD/DVD-Drive. The first blue screen with some information in the bottom grey line come, an

  • Keynote is not downloading?

    It was downloading with my update but froze so i deleted it to re-install. When i went back to re-install the application, it just says "installed" but is no where on my launchpad. How can i re-download it? P.S. i already restarted my computer

  • Indicating the reference document inside the main document.

    Hi, We have a requirement that indicating the reference document inside the main document.  for.e.g: Indicating the sub manuals inside the main manual. Is this possible in SAP DMS. Please suggest me. Thanks & Regards, Prasad Edited by: RPrasad on Jan

  • Can't make or receive calls from iphone 4 - all i get is static

    I cannot receive or make phone calls on my iphone 4 -- al i get is static.  very loud screaching... I have rebooted my phone and updated to 7 but it still is the same.  I am extremely frustrated -- I am paying for a phone i cannot use

  • Setting up time machine/time capsule after fitting a New Hard Drive.

    I have replaced my hard drive in my imac 24inch and restored the system from my time capsule. My question is now my time machine is trying to back up to my time capsule but it is already 3/4 full from the old drive in my imac. How do i best set up my