SL bound clients can't logon Lion Server network accounts

Similar Messages

• Lion Server network accounts not working on some computers.

  Hello all -
  I'm currently having an issue with network accounts working on some Macs but not others. I have a Mac Mini and a MacBook Pro. The Mac Mini works fine and I can login and sync my network account with the server just fine. However, I cannot connect to it from my MBP.
  When I try and connect I get an error that says "You are unable to log in to the user account "xxxx" at this time. Logging in to the account failed because an error occurred."
  If I login through console (by typing in ">console" in the username field) I get an error that says the user does not have a home directory...
  I have searched numourous other forums but I have not found a solution that seems to solve this problem. I have unbound and re-bound my client to the open directory and I have restarted file sharing. Neither has solved the problem. I have a feeling the issue originates somewhere on the MBP since I can log in to the Mac Mini without any problems.
  Anymore suggestions?

  Thanks for your suggestion, SolidWood. Unfortunately it didn't help.
  After a 90 minute phone call with AppleCare, this issue has finally been resolved. Here is what the solution was. Turns out it was pretty simple but it took a while to find it.
  First we created a test user and left the home folder set to Local Only in the Server App. I was successfully able to login with the test user on both clients but since there were no mobility preferences set, it was pretty basic.
  Then, we removed the Users sharepoint from file sharing, turned off file sharing to disconnect any users, and restarted the server. Then we created a new folder on the Server HD with a random name. We chose Darron. We created a new sharepoint in file sharing (with it still turned off), and shared the new folder called Darron. Double click on the sharepoint and scroll to the bottom and check the box that says "Make available for home directories over AFP". Then we restarted file sharing.
  Then we opened Workgroup Manager, clicked on the problem user in the left sidebar, clicked on the Home option at the top, and there were three things listed:
       (None)
       afp://servername.com/Users
       afp://servername.com/Darron
  Then we removed the Darron sharepoint from file sharing, and found that it was still listed as a home directory under the problem user.
  This was the root of the problem. The system didn't know which path to use as the home directory.
  Sooooo...
  In the server app, we opened the Directory Utility (Tools in the menubar, Directory Utility). Clicked on Directory Editor. Authenticate to the directory using the diradmin login. Changed view settings to match this below:
  In the left column, there were two paths listed for home mounts. We deleted both of them, saved changes, and closed directory editor.
  Then, we restarted workgroup manager and both paths had been deleted from the users home listings. This was begining to solve the problem.
  In the Server App, we recreated the users sharepoint, made it available for home directories, and restarted file sharing and workgroup manager. Now only one path is listed for the home folder for all the users.
  This solved my problem of not being able to login on the MBP. The system synced the home folder and all was well. On the Mac Mini, I had to delete the problem account, un-bind from the network server, re-bind, and recreate the account. Now both clients are sycning perfectly and all is well.
  Thank God I bought AppleCare! Thanks to everyone else for their help and suggestions.
  As a recap, the problem of not being able to login to the MacBook Pro was caused by having multiple paths to the multiple home folders. These rogue paths were added somewhere in the troubleshooting process to try and recreate the home directories before I called AppleCare. To solve this, we had to remove the directory listings from accounts using Directory Editor, remove and recreate the users sharepoint in file sharing. The syncing problem on the Mac Mini was also created when multiple paths were introduced. The system didn't know which files to use.
  Taylor

• Lion Server Network Account loses all created files after logout

  Hi,
  I am new to Server, I got Lion Server working on a Mac Mini and everything was alright until I added users from existing client machines. I created new Users on the Server App with the same name and passwords as on the existing client machines, logged in as root on the Server and copied the client user home folder contents from an external HD into the User home directory on the Server. After that I ran Batchmod on all the User folders on the server and everything seemed to be working alright, now the only problem is, if you create a file or folder on the desktop it is not there anymore the next time I log back in. The accounts are setup as Network Accounts, and they are available from any computer in the office, they just don't save any settings that have been changed or any files and folders.
  I have found the "Convert a local Home into a Network Home" post to late, http://www.afp548.com/article.php?story=20050331212133607&query=migrate%2B
  does this sound like a permissions issue, and if so, can I still repair it or is it better to start fresh?
  Thank you

  I think your problem has a rather simple solution, since all files in a directory aren't modified unless you tell the OS or a program you've installed to.
  To keep the external hard drive mounted even when nobody is logged into your server, enter the following into terminal:
  sudo defaults write /Library/Preferences/SystemConfiguration/autodiskmount \
  AutomountDisksWithoutUserLogin -bool YES
  I think your server is looking for the external Hard Drive, but can' tfind it and thus defaults back to the internal HD.

• Trying to connect IMac to Lion server (network account)

  Hello,
       I have been trying to get this to work for a few weeks now.  I have 2 Imacs and a Macbook, i am trying to login to a network account.  I did the step by step to set up my server.  I can screen share and see all the shared folders.  I have a network user in the work group, and when i go to users on my macbook, and say join the server, i get host not found, but the server is active.
       My network is a DSL modem ( in bridge mode), then to a time capsule, that is hard wired to my server and one Imac, everthing else is wireless.  My time capsule hands out the Ip's, and a DNS server is running on my lion server. 
       Am I having a DNS problem, I am not sure what DNS has to go where starting with the time capsule.  Should i have my time capsule just server one IP to my lion server and have the server hand out the other IP's over DHCP? 
       My goal is to have network user account on my server, and no matter what computer you use, you can get the same information.  Then set up mobile account for when my macbook is not on the network.
       I setup profile manager, and tried to push my settings to my account, but it also fails every time.
       I tried to follow apple's doc's on this but I have luck with some things, and now with others.
      I am running lion server on a mac mini server.
  Thank you,
       Justin

  HI,
  my experience is as follows:
  1. You have to setup a home folder for network/mobile users with Server.app
  2. Create a group for network users with the workgroupmanagement.app from serveradmin tools
  3. Create users with  correct settings under "preferences" in workgroupmanagement.app, especially "rules"
  4. Put the users in the group
  4. Set the appropriate permissions to the home folder and share it over the network with server.app
  After playing around I could login from a MacBook Pro and synchronize the users library and complete home folder. After testing and restarting the machines (Lion Server is on a Mac Mini) I could relogin with the network/mobile user.
  My problem actually is, that I could not login from any other Mac. Everytime the system told me, that there is a fault with login.
  Before I want to login with the network/moblle user on another MacBook i logout the user form the MacBook Pro.
  No luck :-(
  I test it with other users with same settings.
  No luck :-(
  I integrate the MacBooks in the Computer settings in the workgroupmanagement.app.
  No luck :-(
  I hope this thread give answers the next days, because I need a working synchronize and account management solution for different users and machines :-)
  Cheers
  Ishan

• Lion Server network accounts not available after 10.7.4 update

  I installed the incremental update for Server 10.7.3 to 10.7.4, and now my network accounts can't log in. That would be all users of the machine then. How can I fix this?
  Unimpressed!

  Exact same thing happened to me on my 2010 MacBook Pro, running Lion as well. Updated to 10.7.4 and whammo, no more DVD drive. Tried numerous discs and the computer just mulled over whether it was going to play the discs for a few attempts then spat them out. All the discs I tried were in perfectly good working order.
  Just saw this thread, but created one of my own before (https://discussions.apple.com/thread/4026857). Still waiting for some help....

• Mountain lion server network accounts are not mounting network home directory, rather its creating a blank local directory

  I have set up a scratch mountain lion server with open directory.  copied over old user account directories and added my users that match the directory ids.  Currently if a networked user logs into a networked computer, instead of mounting the network home directory, its creating a local home directory.  suggestions?
  thanks,
  Dave

  Additional info: it appears that certificates are not working either: setting up ical: "the certificate for this server was signed by an unknown certifying authority."...

• 10.4.11 Client can't Logon to 10.5.4 server but 10.5.4 client can?

  Hey Guys,
  I'm setting up a new server, I'm using Win2k3 AD for my users etc as there are windows clients as well as mac clients and a 10.5.4 server which hosts home directories. My Tiger clients (10.4.11 MacBooks) can't logon to a network account they are getting the error :
  My leopard clients (10.5.4 iMacs) are working just fine? Anyone got any ideas? I think I heard once it was something to do with WGM; change the sharepoint string for home directories because there was something that wasn't compatible in Tiger clients like /Network/Servers should be change to just /Servers or something like that?
  Any help would be greatly appreciated,
  Regards,
  r00tb00t

  thank you for the reply!
  couple more queries:
  any idea on price?
  and...sorry to ask this, as I presume you would have mentioned something else, but is that the ONLY solution? I am traveling a lot, away from home, for the next 6 weeks. does this mean no OS X 10.6, no itunes, until I can get the dvd in my hands?

• Can a Snow Leopard client connect to a Lion Server?

  I have an XSAN setup with two Mac Mini servers.
  I have a few Xserve lying around and I want to make use of them.
  One Duo Core which is not working at the moment. I think I can install Lion on that one? Right?
  Then I have two G5 - none intel, which I'm thinking I'll reinstall Snow Leopard on and use them as clients.
  Can they connect to a Lion Server? I have a few XSAN licenses left which I think I need for OS's older than Lion?
  I short, can a Snow Leopard client connect to a Lion Server?

  One Duo Core which is not working at the moment. I think I can install Lion on that one? Right?
  You can't install Lion on a Core Duo-based system It requries Core2 Duo as a baseline. The Core Duo is a 32-bit chip whereas the Core2 Duo is 64-bit.
  Then I have two G5 - none intel, which I'm thinking I'll reinstall Snow Leopard on and use them as clients.
  Nope, again. Snow Leopard requires an Intel-based system. The highest you can go with the PowerPC machines is Leopard (10.5.x)
  Can they connect to a Lion Server? I have a few XSAN licenses left which I think I need for OS's older than Lion?
  This may be irrelevant given the above, but define 'connect' please. There are a myriad of ways of 'connecting' a client to a server. In many cases they don't have to be the same OS, platform, processor or anything else (how many web servers do you think are running Mac OS X to match your client?

• Can't get Lion Server to work

  Hi
  As written above. I can't get Lion server to work.
  I have succesfully installed the program, and turn on some of the services. Then I have bought a domain, to connect to my server. But if I try to connect to my IP, from another computer, it doesn't connect. I have tried to "port forwarding" port 80 on my router, and given my Mac a static IP. I have checked with a "Check port opener" if the port 80 was in reach, it was.
  So my question is, what is the next I can do to make it work. First with the IP and then with my domain?

  Yes, SMTP used to work but stopped after new cert applied. IMAP works fine. Removed SSL and still doesn't work (although should it be restarted or is save for changes okay).
  Log:
  Nov 10 12:30:39 colquhoun postfix/postscreen[29668]: CONNECT from [168.144.32.45]:54598
  Nov 10 12:30:39 colquhoun postfix/postscreen[29668]: PREGREET 29 after 0.07 from [168.144.32.45]:54598: HELO www.unlocktheinbox.com\r\n
  Nov 10 12:30:39 colquhoun postfix/smtpd[29669]: connect from unlocktheinbox.com[168.144.32.45]
  Nov 10 12:30:42 colquhoun postfix/smtpd[29669]: lost connection after HELO from unlocktheinbox.com[168.144.32.45]
  Nov 10 12:30:42 colquhoun postfix/smtpd[29669]: disconnect from unlocktheinbox.com[168.144.32.45]

• I have Lion 10.7.3 can i install lion server

  I have Lion 10.7.3 installed on my iMac can I install Lion Server without having to do a clean install?

  Yes from what I read Lion server is just an Application that run on, ,and changes certain things, in the normal Lion OS.

• How can I configure Lion server to accept inbound VPN (L2TP) connections while connected as client to another vpn service?

  I have what I believe to be a unique need;
  I have a MacPro (1,1) running Lion with Server app.
  I require that this particular machine be connected as a client to a VPN server, while at the same time acting as a VPN server for my network.
  The PPTP connection configuration is such that "Send all traffic over VPN connection" is checked.
  If PPTP client is NOT connected, I can connect to Lion as VPN server. As soon as I make the connection from Lion as a client, I can no longer
  connect to Lion VPN server.
  I understand this is because I am forcing all traffic out the virtual interface (tun0) and eth0 is no longer listening on the local network.
  1. Is it possible to bind the VPN client (on Lion Server) to a particular interface? If I could tell the PPTP client to only use eth1 as the interface of choice, my assumption would be that eth0 would then be free to accept incoming connections.
  2. Is it possible to bind the VPN service  (on Lion Server) to a particular interface? if I could tell the vpn serviec to only listen on eth1, and in turn tell the PPTP client to NOT communicate on eth1 but only eth0 then perhaps I could separate the communications?
  In my head, it seems as though both of the above options would be required in order to use Lion as both a VPN server and VPN client
  Any and all help appreciated.

  This is a standard facet of most VPNs - the problem lies in your NAT router since both clients appear to come from the same IP address as far as the VPN server is concerned, and the router can't separate out the traffic.
  There are a couple of solutions.
  First, the built-in VPN server supports L2TP and PPTP protocols. You should be able to connect one system under each protocol, so that gets your two machines connected.
  Second, you can replace your NAT router with one that supports multiple VPN clients (often termed 'VPN passthrough').
  Third, setup a site-to-site tunnel so that your entire LAN is connected to the VPN (this saves you from having to run a separate VPN client on each machine, but is typically only worth it when you have more machines).

• Can Tiger 10.4 clients connect to Mountain Lion server

  We are in the process of an upgrade and are doing the servers first.
  Clients are mostly running OS X 10.4.11, we have already upgraded one server ( 10.7.5 Lion) and the 10.4 clients can connect no problem.
  The next 2 servers we bought now have 10.8.1 Mountain Lion and the 10.4 clients can't even see them on the network.
  Does anyone know how to fix this?
  Thanks, Jim

  Found the answer with an Enterprise Support call from Apple, Austin, TX.
  Yes, they will work with the Mtn. Lion Servers.

• Can I use Lion server to push updates to my mac clients

  Hi Everyone,
  I was wondering if I can run Lion server and use my clients (OS X ranging from 10.5 to 10.7) to pull updates from this server instead from Apple. Is it easy to setup Mac Update server?
  Thanks,

  There is a simple way for unmanaged clients.
  To point an unmanaged client to your update server, enter the following command in terminal:
  sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://<your_server>:8088/index-lion-snowleopard-leopard.merged-1.sucatalog
  (replace <your_server> with the dns name of your update server.  If the unmanaged client runs snowleopard or leopard, adjust the url accordingly. For snowleopard clients, remove the "lion-" part. For leopard clients, remove the "lion-snowleopard-" part

• Can I use Lion server to set-up a WPA2 wireless network in place of an AEBS?

  I'm contemplating replacing my Airport Extreme Base Station with my Core i5 Mac mini as the wireless network server, because this will get rid of a "box" (that I can sell!) and reduce power consumption, since my iMac is on all the time as my iTunes media source anyway. At present my AEBS creates a WPA2 LAN network connected in bridge mode to my Billion modem/router, so DHCP serving is performed by the Billion router. I could replace the AEBS with the Mac mini running Lion simply by using internet sharing, but this has low security (WEP) and I understand there are often connection problems when clients awake from sleep. (Furthermore, my Airport Extreme at the back of the house probably wouldn't connect to that WEP network?)
  So, I wonder.... If I upgraded to Lion Server (only $49), can I set-up the Mac mini as the WPA2 network host in place of the AEBS? My mini is right next to the AEBS anyway, so it's in a suitable position to distribute the radio signal. As I understand it, the Lion Server software would need to allow the Mac mini to connect to the Billion router via ethernet in bridge mode - just like the AEBs, but I can't find any info that tells me whether this is possible.
  Does anyone know if what I want to do is possible? A simple solution may be to turn off the DHCP server functions of my Billion router, letting Lion Server become the DHCP server, but I don't think that's possible. I also don't want to replace the Billion with a simple modem because my Billion router provides VoIP for my home phone (and has done so reliably since 2005).
  Of course, if it's all too hard, I'll leave things as they are, because I don't have any need for the other Server functions of Lion Server.
  thanks

  Hello Chris,
  chrisfromnewtwon wrote:
  So, I wonder.... If I upgraded to Lion Server (only $49), can I set-up the Mac mini as the WPA2 network host in place of the AEBS?
  I don't know. I'm also looking for the same function because I want to
  make my iMac running Lion the router and the firewall of my personnal
  wireless network. The key advantage will be to have the firewall, its rules
  and its logging on the same server.
  What I already know is that turning the Internet sharing on turns a
  MacOS X Lion into a DHCP server on the wireless side.
  dan

• How can I configure Lion server or mail.app to show IMAP subfolders with mailboxes?

  I'm sure we've all seen the weird IMAP glitch where mail subfolders appear down lower on the mail.app pane instead of nested neatly under the mailbox itself.  Usually you can get around this by changing the Inbox IMAP prefix to "" or "INBOX" or "/" or some such path that the server recognizes as the root path to your IMAP folder.  Unfortunately, this sometimes means you are unable to work with those folders or introduce other problems.
  Since I am running Lion (Client) and Lion Server as my mail host, I would think that there is an appropriate answer to this either on the mail.app client settings, or perhaps with a Lion Server configuration through DOVECOT.  I don't mind if the solution is a command-line one, but I need to be able to easily set up my mailboxes so that mail subfolders appear properly under each mailbox, instead of being hidden away lower on the page where it is very inconvenient to find, especially when you are using multiple email accounts.
  Client Machine Lion 10.7.3
  Server Machine Lion Server 10.7.3
  Please Help!!!!

  I've tried editing /etc/dovecot/conf.d/10-mail.conf on Lion Server to add the following:
  namespace private {
    type = private
    separator = /
    prefix = INBOX/
    inbox = yes
  This puts me in a catch-22:
  If I leave the "IMAP Path Prefix" setting in the account Advanced tab empty, I can see the subfolders and move messages in and out of them, but can't add or edit the folders or heirarchy.
  If I set the "IMAP Path Prefix" to "INBOX" I can add and edit subfolders, but they don't appear nested under my inbox.
  Please help!