Replica Password Server Issue

I have a 10.6.3 OD master and OD replica set up. Everything looks okay in the logs for both, green light in Server Admin for both, and seems fine on the surface.
I have various services (kerio mail, AFP, SMB) connecting to the OD Replica for authentication and directory info.
In the event that the OD master is down (restart or shutdown), everyone on the network trying to authenticate gets a message that their password has expired when trying to connect to AFP/SMB.
As soon as the OD master is back up, this goes away.
The email server doesn't seem to be affected, but every other service has issues (AFP, SMB).
I've tried re-creating the replica, by demoting to standalone and reconnecting to the OD master, and doing it again using slapconfig -destroyldapserver.
I've also checked the commandline pwpolicy on any account. It works fine and returns a result when the OD master is up.
But while the OD master is down, I get this error:
*Error: eDSAuthNoAuthServerFound : (-14102) for dsDoDirNodeAuth
Method = dsAuthMethodStandard:dsAuthGetEffectivePolicy
/PasswordServer/192.168.0.50
*The OD Master's IP is x.50
I've always expected that if the OD Master goes down, the replica takes over authentication services. This doesn't seem to be the case. I think it did work before, but now doesn't? Or did I miss something in the manual?
Message was edited by: InterHmai

Fixed the problem by:
1. Create an Archive of the OD Master.
2. Demote the OD Master to a Standalone. Restarted.
3. Promoted to Master, did a restore from the Archive in Step 1.
4. This destroyed all the replicas, so I had to demote the replicas to a standalone, and redo the replication on each.
Afterwards everything was working again in regards to authentication failovers.

Similar Messages

  • OD Replica Password Server Not Running

    I have two Intel Xserves running 10.5.1 server. On the first server I created the OD master and that worked great. The second server I set up as an OD replica. They are both on the same network and no ports are blocked between them. In fact they are in the same rack. When I created the replica it all started to work great. It authenticated and downloaded the OD database over SSH. Then it got to the point in the process on the replica that it said, "Starting replica service on Master". It just hung there and wouldn't go any further. I was watching the master OD the whole time and it showed the replica as being bound and enabled and that everything was great, but the OD replica was still just sitting there waiting. So I closed the OD assistant window and when I did that the replica acted ok. LDAP server shows running and so does the Kerberos server. But Password server says stopped and I don't know why and want it fixed. Any help would be greatly appreciated.
    -Brian

    Same problem here running 10.5.2 server. You can start the Password server replica using slapconfig -startpasswordserver, but it will not be a replica from master. If you look at the Master's Password Service Replication log it states "DoSync: This password server does not have replicas."

  • Unable to read Password Server response - socket error on socket

    Hi,
    I'm experiencing the following at the OD replica:
    2014-06-03 12:13:06.424616 FET - 592.1446486 - Client: Python, UID: 93, EUID: 93, GID: 93, EGID: 93
    2014-06-03 12:13:06.424616 FET - 592.1446486, Node: /LDAPv3/127.0.0.1, Module: AppleODClientPWS - unable to read Password Server response - socket error on socket fd 12: Resource temporarily unavailable (5205)
    Any ideas are appreciated. Thank you in advance.

    Hi Raja - It seems to be a data quality issue.
    Check for the value @ 1447 position in the xml message that you are trying to send to web service.
    It may be a date field/decimal value which is not in the expected format.

  • Password Server not working

    Running a Lion Server 10.7.5 on a Mini and I would love to move that OD to another machine. I have tried this on three machines now. Three Mini's, two on 10.8.3 and one on 10.7.5. I cannot migrate using the GUI, command line (slapconfig -backupdb), nor can I create a replica of this OD Master.
    The issue specifically and consistently points to the fact that the Password Server cannot start. Two examples:
    1. When trying to create replica, I get this:
    5/31/13 11:00:45.429 AM servermgrd: -[PasswordServerPrefsObject loadXMLData]: Unable to locate passwordserver config record's plist attribute: -1 Can't contact LDAP server
    5/31/13 11:00:45.430 AM servermgrd: -[PasswordServerPrefsObject getSearchBase]: Unable to locate search base: -1 Can't contact LDAP server
    5/31/13 11:00:45.430 AM servermgrd: -[PasswordServerPrefsObject saveXMLData]: ldap_modify_ext_s of the passwordserver config record's plist attribute: -1 Can't contact LDAP server
    2. When I try to migrate data from the GUI or CLI (slapconfig -restoredb)
    Logs indicate Password Server needs to abort.
    I have confirmed that the database is alright by running:
    sudo /usr/libexec/slapd -Tt
    This has confirmed that my database is good. So it is just the Password Server portion of OD that is not cooperating.
    I have seen nothing about this anywhere. Any ideas?
    Thanks

    I'm using a new iMac and I'm getting the same problem - so badly that my machine is running slowly.
    You got no replies, a year ago, so that's a bit of a worry!

  • How to rebuild the Password Server?

    I have over a dozen customer servers running 10.4.3 now, which have been set up under either Panther or some older Tiger Server release.
    All of them show some kind of corruption in the Password Server database which means that after restarting the server passwords stop working, the Trusted Binding of client Macs fails etc. etc. - absolutely intolerable in every way.
    10.4.3 is supposed to prevent this widespread corruption from happening again, but it seems to have been unable to heal an already damaged database. One might assume that reentering the passwords should create new working records, but so far I don't see this to be the case.
    So it looks like starting from scratch is the only safe procedure here, but this is very tedious and likely to introduce new problems because you'll always overlook some detail somewhere.
    Anybody managed to just trash the Password Server database while keeping the rest of the Open Directory setup?
    Thanks,
    Norbert

    The other thing I did notice was that once and a while I got an overflow file and went in and opened the overflow in a text editor and found the user name and uid deleted the user deleted the overflow files and recreated the user without any issues. I was going 8 weeks without any overflow files until a recent power outage (APC got fried and died during a very large storm).
    Can someone explain what an overflow file is? We just had it happen to a server, running 10.4.3, and the password server quits after a bit. I'm not sure how many are logged in before it quits.
    Nanc

  • Password Server stopped and damaged DirectoryService.pid

    I have a small design studio (three Macs and three Windows machines) using a Mac Mini Server running 10.6.8. It was running well until the end of July (coincided with my vacation), when staff reported they couldn't access the server using the normal passwords etc. I was able to talk them through Disk Utility etc so they could at least check the machine was accessible. One of the guys in the office managed to access it using a very old user/password combination, but nobody has been able to tell me exactly what else they did to access the files.
    Looking at it today using Server Utility I found the following:
    - Password Server is listed as 'stopped'
    - Open Directory error logs show multiple unexpected shutdowns
    - Password Service was shut down on 29th July and hasn't restarted
    - 'Damaged Files' folder has a file called '0674b6e6DirectoryService.pid' in it
    - Services like Mail and iChat are constantly on, even after turning them off.
    - Time Machine isn't backing up and hasn't done so since 29th July...
    No-one can access files using their allotted user names and passwords (the same ones that had been working for the last four years without issue). We can all access the server using this old user/password combination, but
    I was already preparing to buy a new server this year, however is there a way to resurrect the passwords/user accounts? Can I replace the damaged file with one from a Time Machine back up - if so how?
    Any help gratefully received.
    Richard

    I've even recreated the accounts in Active Directory (Mac Server's Computer account) and no luck.... any help/tips would be greatly appreciated!
    thanks!!!!

  • Outgoing Mail server issues

    Outgoing mail server issues. Rebooted phone, changed password, changed port, everything, and still no luck!!

    It's something to do with my phone itself. The exact details in another phone work!! Just can't figure it out.

  • Mac mail server issue?

    All of a sudden, from out of nowhere, my mac mail connection has gone dead. This is one of the error messages I receive:
    "The SMTP server “smtp.mac.com” rejected the password for user _____."
    I re-enter the correct password... then I get this:
    "There may be a problem with the mail server or network. Check the settings for account “________” or try again.
    The server error encountered was: The connection to the server “mail.mac.com” on port 143 timed out."
    Repeat process... on and on and on.
    Can anyone help?

    There are server issues with .Mac - incoming and outgoing mail servers.
    I copied this from under Support via webmail access for my .Mac account.
    +100% of members might experience slower than normal response when using IMAP mail. Mail can be sent and received using .Mac webmail. Normal service will be restored ASAP.+

  • Problems with password server after opendirectory master ip address change

    Hello,
    I had to change the IP address of our opendirectory master and am having trouble now. This is on Tiger Server 10.4.5
    I followed the directions to use the "changeip" command and the clients use DHCP-supplied LDAP server information.
    This seemed to work in that I could use 'id username' to see the network users on a client, but could not login.
    I was browsing the workgroup manager using the inspector and noticed that there were two entries under AuthenticationAuthority for each user "ApplePasswordServer" and "kerberosv5". Each of these had the old IP address in them. I changed them by hand and now logins work.
    The problem is that, new users created with password server passwords are being created with the old IP address, lame. Second, changing them all by hand is also lame..
    So can anyone tell me what I did wrong and how to change the server IP? I noticed that it exists in /Library/Preferences/DirectoryService/DSLDAPv3PlugInConfig.plist and /var/db/authserver/authserverreplicas as well. Just changing those pooches and rebooting didn't do anything but put them back the way they were.

    Hi,
    it turned out the problem was due to a mismatch in the ACLs between the ASA and the remote site 2911.
    We had no matching line in the ASA config for traffic between the office and the extranet server.  On the office router, we had:
    permit ip 192.168.1.0 0.0.0.255 host 3.3.3.3
    So, on the ASA, we had to add:
    access-list office101 line 8 extended permit ip host 3.3.3.3 192.168.1.0 255.255.255.0 
    I'm not sure why the behaviour was different between the ASA versions i.e. why we did not experience any issues when we had the misconfig at version 8.4(3) but it caused problems with higher versions.  Also, cannot explain why it only really seemed to be one site that was affected (we had the same config mismatch at other sites which were seemingly alright) 
    However, ultimately, it was the config mismatch that was causing the problem and, after rectifying that, we were able to upgrade and our remote site VPN connectivity remained stable.

  • Regarding Sun Java System Application Server Issue with JVM

    Hi
    I have installed SJSAS9.1 on a Solaris system. I'm trying to deploy a war file which I compiled in a Windows environment with jdk1.5.0_05. Every time I get the following error:
    type Exception report
    message
    description The server encountered an internal error () that prevented it from fulfilling this request.
    exception
    org.apache.jasper.JasperException: PWC6033: Unable to compile class for JSP
    PWC6199: Generated servlet error:
    [javac] javac: invalid target release: 1.5
    [javac] Usage: javac
    [javac] where possible options include:
    [javac] -g Generate all debugging info
    [javac] -g:none Generate no debugging info
    [javac] -g:{lines,vars,source} Generate only some debugging info
    [javac] -nowarn Generate no warnings
    [javac] -verbose Output messages about what the compiler is doing
    [javac] -deprecation Output source locations where deprecated APIs are used
    [javac] -classpath Specify where to find user class files
    [javac] -sourcepath Specify where to find input source files
    [javac] -bootclasspath Override location of bootstrap class files
    [javac] -extdirs Override location of installed extensions
    [javac] -d Specify where to place generated class files
    [javac] -encoding Specify character encoding used by source files
    [javac] -source Provide source compatibility with specified release
    [javac] -target Generate class files for specific VM version
    [javac] -help Print a synopsis of standard options
    note The full stack traces of the exception and its root causes are available in the Sun Java System Application Server 9.1 logs.
    I have checked the JVM version on both systems; the only difference is:
    Solaris points to jdk 1.5.0_09
    Windows points to jdk1.5.0_05
    I even tried to run a blank JSP, but again I got the same error.
    Can anyone help me to sort out the problem or give me any idea so I can do something on my own?
    Thanks in Advance
    Gagan

    Do you have ANT installed and available?
    Thanks,
    Kedar

  • DNS Name in OD Password Server field?

    So, I got a new juniper firewall the other day to reduce the amount of work my main server has. Fire it up, configure it, and I notice that password server requests are going out the NAT, then back into the public IP of the server.
    My question is this: would it be wise and/or acceptable to change the IP address to a URL in OD (in WGM, Click on target, config in the popup, passwordserver in the list, value in question is PasswordServerLocation and dsAttrTypeNative:apple-password-server-location)?
    I would rather do this as the internal DNS points the proper name to the internal IP, while the external does the same for the public IP, so password server would work properly no matter where a user is.

    Hi,
    johan wrote:
    > Is it possible to put a DNS name in an Exception filter ?
    No.
    > And can i open a filter for a range of destination addresses like 10.0.6.*
    Well, sure. You use a Network as destination (vs. a HOST).
    CU,
    Massimo Rosen
    Novell Product Support Forum Sysop
    No emails please!
    http://www.cfc-it.de

  • HT4859 After the i-cloud server issue Nov 26, 2012, I had to change some mail account settings to get my i-cloud mail to work again.  However, all of my received e-mails are gone.  How do I retrieve my e-mails from the server?

    After the i-cloud server issue yesterday, November 26, 2012, my i-cloud mail account on my Macbook Pro stopped receiving mail.  I changed some mail account settings to fix the issue, and was able to start receiving e-mails.  However, all of my historical e-mails are gone.  How do I retrieve all of my old e-mails from the server?

    What settings did you change, what were the changes, have you visited www.icloud.com to see what mail is actually there? and do you have a backup?

  • HP Connected server issues

    My printer has been working well* since I purchased it earlier this year, until about a week ago when I upgraded to the next level Instant Ink plan. Since then when I try to print the display on the printer shows a rotating circle with the word Printing. This remains for around 2 minutes, without printing anything, and then I get a message on the display that tells me that "The printer cannot connect to HP Connected". At the same time I get a pop up on my PC that "warns me" that the printer cannot connect to HP Connected and that this may cause my printer to stop printing. The terrible message concludes with the meaningless "OK" statement, having urged me to follow the printer's on screen display to make the connection.  When I try to follow the instructions on the printer it merely confirms that the printer is connected. I usually cancel out of the setup and then, as if by magic, whatever I tried to print suddenly starts printing.  So, my questions are:
    1) Is this a common or at least known problem?
    2) Is it caused by my having changed Instant Ink plans and if so what has HP done to cause this?
    3) I have not knowingly changed anything on my system other than the HP Instant Ink plan so why does the printer no longer connect to the HP Connected server to update that system with details of my print usage?
    4) Is there a fix/workaround that will prevent me from having to manually coax my printer to work again?
    I have already used the HP Updates function and have reset/restarted both the wireless router and my PC.
    * I do occasionally get messages saying that the scan function isn't available because it's lost connectivity but this seems to rectify itself without having to do anything else.

    Hello GaryG888,
    Welcome to the HP Support Forums!
    Thank you for the very informative post. With that great info I think I know what has happened. Over the weekend (24th, 25th & 26th) there had been Web Service server issues. As of right now, here is the fix and or workaround: Re: How do I correct the date on my HP Envy 4500?
    Please follow up and let me know if this helps you.
    JERENDS
    I work on behalf of HP

  • Password inconsistency issue with RFC users in ECC 6.0 System after upgrade

    Hi,
    We have upgraded the system from 4.7 to ECC 6.0, but are facing the password inconsistency problem for RFC users. We have set the parameters like "login/min_password_lng" as "8" and "login/password_downwards_compatibility" as "3" & RFC user Type is "system". Could you please suggest how to resolve the password inconsistency issue.

    Hi Chandan,
    you need to run the txn. SECSTORE and there it will show you all the RFCs that have inconsistent passwords. Please maintain the correct passwords there.
    In case the existing passwords are no longer acceptable due to new security policies as per the new SAP version, you will have to change the password from SU01.
    Regards,
    Shitij

  • Sorry, we are having some temporary server issues. You can work off line if you plan to insert pictures from your computer

    We have about 200 users that connect to three terminal servers. On the servers we have Office 2013 installed. Several users are stating that when they attempt to search for templates or insert Online Pictures, they are getting error messages of "Sorry, we are having some temporary server issues. You can work off line if you plan to insert pictures from your computer"
    Remember, they are connecting to a terminal server, all have roaming profiles, and for some users this works fine.
    We've Googled the error message and found no help. A lot of responses were to reset the IE settings, which we've tried to no avail.
    Also as a test, we took one of the users that was having the issue and deleted their profile. When they logged back on the server, the same problem occurred again.
    We're currently at a loss as to why it works for some users and not others?
    Any ideas out there?

    You can refer to this link and find the possible solution which is to delete the offending registry key:
    HKCU\Software\Microsoft\Office\15.0\Common\Internet\WebServiceCache\AllUsers\office15client.microsoft.com
    http://angrytechnician.wordpress.com/2013/05/15/office-2013-error-sorry-we-are-having-some-temporary-server-issues/
    There we can also find information about deploying logon script to all roaming profile users to resolve this issue.
