[solved] VSFTPD + Virtual Users + different home directories

Hi All,
   I've been trying to get VSFTPD set up to allow some of my clients FTP access to their web files. I've got VSFTPD up and running via the Wiki, but my virtual users can't log in. The only thing that I didn't do from the wiki was the "useradd virtual" as I didn't think it was needed. Also, the wiki only covers one directory for all users; I want each user to have access to their own web directory and nothing else. I think I may just have something a little off in my vsftpd file. Thanks!
vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
data_connection_timeout=120
listen=YES
virtual_use_local_privs=YES
pam_service_name=vsftpd
guest_enable=YES
user_sub_token=$USER
chroot_local_user=YES
hide_ids=YES
local_root=/srv/http/$USER
Last edited by GravityGripp (2009-05-14 17:36:19)

GravityGripp wrote:
I don't think it's a directory permissions issue as it's telling me that my login is incorrect.
Here's my /etc/pam.d/ftp
auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login crypt=hash
account required /lib/security/pam_userdb.so db=/etc/vsftpd_login crypt=hash
Here's part of my auth.log also.
May 14 08:14:08 arthur vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
May 14 08:14:08 arthur vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=current_user rhost=127.0.0.1
May 14 08:24:14 arthur vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
May 14 08:24:14 arthur vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=current_user rhost=127.0.0.1
Hi GravityGripp,
   as posted at the beginning of the thread, in /etc/vsftpd.conf the 'pam_service_name' option is 'vsftpd', but here you are referencing /etc/pam.d/ftp as the PAM service name, while in vsftpd.conf you told it to use 'vsftpd' as the PAM service for auth.
About your need to define a different directory for each ftp virtual user: in my installation I allow ftp access to virtual users (defined in MySQL and auth via pam_mysql); to let users have access to their own ftp directory (with different auth, read only / read-write) I used the user_config_dir option (see man vsftpd.conf).
Here is an extract of my '/etc/vsftpd.conf':
# This powerful option allows the override of any config option specified
# in the manual page, on a per-user basis. Usage is simple, and is best
# illustrated with an example. If you set user_config_dir to be /etc/vsftpd_user_conf
# and then log on as the user "chris", then vsftpd will apply the settings
# in the file /etc/vsftpd_user_conf/chris for the duration of the session.
# Default: (none)
user_config_dir=/etc/vsftpd/vsftpd-user-conf
Each time I add a new ftp virtual user that needs a personal ftp directory, under the dir '/etc/vsftpd/vsftpd-user-conf' I create a file named as the username where I define the personal ftp directory and the auth on it (RO or RW).
Example for user 'test' (file '/etc/vsftpd/vsftpd-user-conf/test'):
# vsftpd per-user basis config file (override of any config option specified
# in the vsftpd server config file)
# TEMPLATE
# User test - Description for user test
# Set local root
local_root=/srv/vsftpd/test
# Allow (YES) or disable (NO) any form of FTP write command.
# Allowed values: YES/NO
write_enable=YES
Of course the dir must exist and have the right permissions to allow the user to connect.
Hope that this will be of help.
bye
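
The two points this thread turns on (vsftpd asking PAM for one service name while the pam_userdb rules sit in another file, and keeping each virtual user inside their own directory) can be checked mechanically. The following is an added example, not part of the original posts: audit() and its helpers, the contents of the 'vsftpd' PAM file and the users 'alice' and 'webadmin' are constructed for illustration; the rest of the sample input is taken from the posts above.

```python
import re

# auth.log tags look like pam_unix(vsftpd:auth), i.e. module(service:type)
PAM_TAG = re.compile(r"\b(pam_\w+)\(([\w.-]+):\w+\)")


def parse_conf(text):
    """Parse vsftpd 'option=value' lines, skipping blanks and '#' comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            opts[key] = value
    return opts


def pam_modules(text):
    """Module names (without .so) referenced by non-comment lines of a PAM file."""
    mods = set()
    for line in text.splitlines():
        if not line.lstrip().startswith("#"):
            mods.update(re.findall(r"(pam_\w+)\.so", line))
    return mods


def effective_root(conf, user_conf, user):
    """Per-user local_root wins over the global one; user_sub_token is expanded."""
    root = user_conf.get("local_root", conf.get("local_root"))
    token = conf.get("user_sub_token")
    if root and token:
        root = root.replace(token, user)
    return (root.rstrip("/") or "/") if root else None


def audit(conf_text, pam_files, user_confs, log_lines):
    """Return findings for the misconfigurations discussed in the thread."""
    findings = []
    conf = parse_conf(conf_text)
    service = conf.get("pam_service_name", "ftp")  # vsftpd's default is "ftp"

    # 1. The pam_userdb rules must live in the service file vsftpd asks for.
    active = pam_modules(pam_files.get(service, ""))
    for name in sorted(pam_files):
        in_other = "pam_userdb" in pam_modules(pam_files[name])
        if name != service and in_other and "pam_userdb" not in active:
            findings.append(f"pam: pam_userdb is configured in pam.d/{name}, "
                            f"but pam_service_name={service}")

    # 2. Corroborate from auth.log: pam_unix answering for that service.
    for line in log_lines:
        tag = PAM_TAG.search(line)
        if tag and tag.groups() == ("pam_unix", service) and "user unknown" in line:
            findings.append(f"log: pam_unix handled '{service}' and did not know the user")
            break

    # 3. No virtual user's root may equal or contain another user's root.
    roots = {u: effective_root(conf, parse_conf(t), u) for u, t in user_confs.items()}
    for user, root in sorted(roots.items()):
        if root is None:
            findings.append(f"root: {user} has no local_root at all")
            continue
        prefix = root.rstrip("/") + "/"
        for other, other_root in sorted(roots.items()):
            if other != user and other_root and (
                    other_root == root or other_root.startswith(prefix)):
                findings.append(f"root: {user} ({root}) can reach {other} ({other_root})")
    return findings


# Options from the first post, plus the user_config_dir line from the reply.
SAMPLE_CONF = """\
anonymous_enable=NO
local_enable=YES
write_enable=YES
virtual_use_local_privs=YES
pam_service_name=vsftpd
guest_enable=YES
user_sub_token=$USER
chroot_local_user=YES
local_root=/srv/http/$USER
user_config_dir=/etc/vsftpd/vsftpd-user-conf
"""
SAMPLE_PAM = {
    # /etc/pam.d/ftp as posted in the thread
    "ftp": "auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login crypt=hash\n"
           "account required /lib/security/pam_userdb.so db=/etc/vsftpd_login crypt=hash\n",
    # constructed: the thread never shows this file; pam_unix is assumed from the log
    "vsftpd": "auth required pam_unix.so\naccount required pam_unix.so\n",
}
SAMPLE_LOG = [  # auth.log lines as posted in the thread
    "May 14 08:14:08 arthur vsftpd: pam_unix(vsftpd:auth): check pass; user unknown",
    "May 14 08:14:08 arthur vsftpd: pam_unix(vsftpd:auth): authentication failure; "
    "logname= uid=0 euid=0 tty=ftp ruser=current_user rhost=127.0.0.1",
]
SAMPLE_USERS = {
    "test": "local_root=/srv/vsftpd/test\nwrite_enable=YES\n",  # from the reply
    "alice": "write_enable=NO\n",            # constructed: inherits /srv/http/$USER
    "webadmin": "local_root=/srv/http\n",    # constructed: parent of alice's root
}

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, SAMPLE_PAM, SAMPLE_USERS, SAMPLE_LOG):
        print(finding)
```

To run it against a live host, read /etc/vsftpd.conf, the files under /etc/pam.d and the files under user_config_dir into the same structures; the tag in the auth.log line names the PAM service that was actually consulted.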

Similar Messages

  • Migrating local user accounts/home directories to network user accounts

    Hi,
    I am planning on moving the user accounts from several Mac OS X client machines to a new Mac OS X Server machine (Quad core Xeon MacPro). I am very familiar with OS X client in a support environment, but do not have extensive experience with Server.
    I read over the instructions in this article
    http://docs.info.apple.com/article.html?path=ServerAdmin/10.4/en/c6um3.html
    and it appears to be fairly straight forward, although I do have some questions regarding the existing data (home folders) and how to set the clients to log in to the network account.
    Previously, in the event that I have needed to move a person's home directory to a new computer or recover from a corrupt OS (and Archive&install was not an option), in OS X client I would:
    1) Back up the home directory.
    2) Erase/reinstall OS X client.
    3) Log in as Root.
    4) Go into "Accounts" pref pane and create user with same short name as original/backed-up home directory.
    5) Replace the newly created home directory with the backed-up home directory.
    6) Go into Terminal and chown/chgrp the home directory to username/staff, respectively.
    This would result in a perfectly migrated user account. All settings and files working just as they did on the previous system/install of OS X.
    First Question: Could I employ a similar method to retain the content and settings from the local user accounts on the server as I migrate them to network users? Moving the user accounts to the server as described, then running terminal to set proper ownership...
    Second Question: What do I do on each client system to tell it to recognize the networked home directory for each user? Do I just change the user's home folder path in Netinfo Manager to the automount location?
    Thanks in advance for any help you can offer,
    -David
    MacPro 2.66 Quad Core (MA356LL/A)     Mac OS X Server 10.4.8

    A network account is really existing only on the server but if you use "portable homefolders" (Tiger client and server) you could "migrate" the local account to a "server" one by:
    Login locally as another user with administrative rights.
    Change the name of the old account folder in /Users.
    Remove the "old" account locally (won't remove the "old" folder as you changed the name) only Netinfo data.
    Login using the serveraccount login/password thus creating a homefolder on the server.
    Logout and back in, enable portable homefolder.
    Logout and then in as a local admin and remove the new user folder.
    Change the name on the old userfolder to what the new one had.
    I'm not a 100% sure Netinfo has the server account UID now (added by logging in and creating the portable account?) but if it does:
    (http://forums.macosxhints.com/archive/index.php/t-12077.html)
    "Finding and changing UIDs across the filesystem is a one-liner command:
    sudo find / -user UID -exec chown userName {} \;
    (replace UID with the old UID number and userName with the new user name to associate file ownership.)"
    (A portable account must have got some "kind" of UID?)
    Let the machine "sync" with the server account.
    If you want an "on network only" account I don't know what you need to remove locally afterwards.
    HTH

  • Portable Home Directories in 10.8 Server?

    I have a Mac mini Server running 10.6.8. Now that 10.8 is out, Apple will probably stop supporting 10.6 (as is their policy) and that means either slowly eroding security or moving to 10.8. I have been looking at the documentation and it seems underneath it all is still by and large the same basic unix-stuff like postfix, dovecot, a dns system, etc. Given the lack of support for GUI-managing the more complex setups, I'll probably be doing it command-line (stuff like multiple virtual mail domains, multiple web domains, etc.). Not fun (and a business opportunity for some enterprising software engineer).
    But what I haven't been able to see in the documentation or anywhere else is Portable Home Directories. In my current setup, I have a 10.6.8 Server and 10.7 clients. On these clients is a single local administrator account and the rest are 'managed mobile accounts'. These are local accounts. They work when away from the network on which the server is, but when in range of the server, the server may push settings and stuff. And on login/logout and when connected to the LAN and during work, the home directory of the user is constantly synchronized with a copy of the user's home directory on the server. This means my users can take any computer and get their own account and a synchronized copy of their home directory. They can also take a laptop off line for a while and when they return to my LAN (either physically or by VPN), any changes will be synced. This is a sweet setup and it works with 10.7 clients and 10.6.8 server.
    But what I haven't been able to find is if this will still work with 10.8 Server. I have looked at the 10.8 Server documentation and haven't found anything about it. Will it still work somehow and if not, is there a good alternative?

    Gerben Wierda wrote:
    Or: you create the users anew in the network directory, you replace their home directories with the content of what is on the MacBook (TDM is your friend) and do the chmod. Easier still.
    That way, I suggest the migration in that way; because, you can test everything out before the data gets moved over. There's nothing like something going wrong in the setup/migration, and you have to do it all over again.
    Kirk, you can always put the Home directories/folder on an external. But if you do, you'll probably want to run this command in Terminal:
    sudo defaults write /Library/Preferences/SystemConfiguration/autodiskmount AutomountDisksWithoutUserLogin -bool YES
    That sets the system-wide setting to mount external HDs on startup. The default behavior  in OS X, probably around 10.3 onward (but Apple may have flip-flopped on this), is to mount externals on user GUI-login, not on startup like internal HDs. The default behavior is a huge problem with network users, whose home directories reside on the external, since the external on GUI login often mounts "too late" and new "phantom" home directories are created (along with warning messages that the home directory can't be found) and you sometimes get duplicate mount points. In short, the default behavior creates a bit of mess. To spare you some frustration, run that command, which will mount the externals on startup, so the home folders are always available.
    It's also handy if you plan on creating other shares on the external; it prevents some flaky behavior.
    Gerben's "general description" can be applied to Lion and Mountain Lion, although with Mountain Lion you have fewer tools, and you'll often be working in Server.app rather than some of the older tools like Server Admin.
    Again, basically you need to:
    (1) Setup file sharing, where you designate a directory/folder as a share to hold the network home directories. On the default install, Apple makes /Users a share, and you could (similar to what Gerben did) use that to hold not only local accounts' but also the network accounts' home directories. In that setup all users' home directories reside in the same place. All you have to do then is check the box "Make available for home directories over" and leave "AFP". See below; note the very last checkbox; that needs to be checked:
    I preferred to keep the local and network users separate, so I actually use a different share for the network users, and not /Users. If you go that route, pay attention to the permissions, it's somewhat easy to get them wrong. I think I cheated and used Carbon Copy Cloner to clone the /Users directory to another HD, then just renamed the directory. FYI you're actually not seeing this in these screen shots, since I'm using a "fresh install" virtual machine to make the screen shots.
    Also if you don't need it, I'd probably uncheck "Share with Windows clients (SMB)".
    2. You need to setup Open Directory, so you can manage Network Users. Since you want portable home directories, then you might consider using Profile Manager (introduced in Lion Server), which is Apple's latest tool for that. You can also download separate Workgroup Manager as well. Not sure which is better, or exactly why there are both. I think the documentation indicated for older pre-Lion OSes, Workgroup Manager is still around.
    2a - If you go straight to Profile Manager, and set it up, it will first make you setup Open Directory, then the rest of the setup for Profile Manager itself.
    2b - Or you can always "two-step", first setup Open Directory, then later if you want "Profile Manager".
    3. Once you have OD (step 2), and the share setup for network home directories (step), you use Server.app to create the network users, and assign their home directory to the share not local. Note the entry "Home Folder"; use the pull-down menu to select your share. See below.
    If you forget to set the Home Folder, you can always "edit" the user and change the Home Folder to the share, and not Local Only.
    4. To get portable Home directories, I'm pretty sure you're going to have to setup and activate Profile Manager or use Workgroup Manager. Sorry not much details I can provide there, I've only played with it a bit, and was planning on upgrading my MacBook Pro to Mountain Lion before giving it a go again.

  • You are unable to log in...; Network Home directories; 10.4 & 10.5 Servers

    I have a solution!
    Note: this is a new post because all previous posts dealing with this topic have been archived, MANY without an answer.
    Problem:
    Users with Network Home directories can't log in. After entering their correct username and password, the following error message appears:
    "You are unable to login to the user account 'username' at this time. Logging in to the account failed because an error occurred."
    Problem occurs with v10.5 Leopard client attempting to login to a Network Home directory hosted on a v10.4 Tiger server.
    _Significant Troubleshooting Symptom:_
    Client mac Console log (all Messages) contains the following entry at the time the user attempted to login to their Network Home directory:
    authorizationhost[509] ERROR | -[HomeDirMounter
    mountNetworkHomeWithURL:attributes:dir:Path:username:] |
    PremountHomeDirectoryWith Authentication( url=afp://server.example.com/Homes, homedir=
    /Network/Servers/server.example.com/Volumes/ServerHardDisk/Homes/username,
    name=username )
    returned 2
    _Computing/Network Environment:_
    v10.5 Leopard server doing: DNS; Open Directory with Kerberos for Single Sign-On; AFP for half of all users' Network Home directories.
    v10.4 Tiger server doing: AFP for the other half of the Network Home directories. Also, note that Open Directory is not running on this server, BUT IT IS CONFIGURED (using Server Admin) as "Connected to a Directory System" and has joined the Kerberos realm on the v10.5 Leopard server.
    v10.5 Leopard clients.
    Solution:
    v10.5 User Management manual
    http://manuals.info.apple.com/enUS/User_Managementv10.5.pdf
    says share points for Network Home directories have to have Guest Access ENABLED. See step 5 on page 117 and step 12 on page 118. Note that these are two different settings, but seem consistent with each other.
    I had followed/complied/set Guest Access according to steps 5 (page 117) and 12 (page 118) on BOTH the v10.5 Leopard AND the v10.4 Tiger servers. The solution that allows users to log on normally is:
    Uncheck/disable Guest Access (as set in step 12 page 118) for the v10.4 Leopard server only. Leave "Share this item using AFP" checked. Uncheck "Allow AFP guest access."
    The above worked for me. Your mileage may vary. If anyone knows how to report this to Apple for fixing in the server software and/or clarification in User Management manual, please do. If anyone knows that this solution "breaks" other stuff, please post back.

    Other posts that dealt with this same issue and other potential solutions:
    http://discussions.apple.com/thread.jspa?messageID=5700241&#5700241
    http://discussions.apple.com/thread.jspa?messageID=5784186&#5784186
    http://discussions.apple.com/thread.jspa?threadID=1215039&start=0&tstart=0
    http://discussions.apple.com/thread.jspa?messageID=9204496&#9204496
    http://discussions.apple.com/thread.jspa?threadID=1522353&start=0&tstart=0
    http://discussions.apple.com/thread.jspa?messageID=10226660&#10226660

  • Using local home directories and OD

    I'm setting up 10.5 server and OD. I have 10 mac workstations (all 10.4), each with established users and home directories. I have set up new users on the server, in the directory domain the exact same as they are set up on the local workstations (same long name, short name, and password. Obviously they have different UIDs and GIDs). I have user home folder paths set to None, except the diradmin folder, which is set to /Users.
    When I log in as an OD user other than diradmin from a workstation, I see my home folder as "99". I'm not sure why this is, but it appears to create this home folder locally. I don't like this.
    When I log in as diradmin from a workstation, it creates a home folder called "diradmin" on the local mac. This is better.
    Ideally, what I'd like is the home folder always be located on the workstation, even if logging in from a different machine, so preferences, email, tunes, etc. are there. I DON'T want home directories on the server due to bandwidth limitation of our network. I want home directories to stay as-is (on local machines) and just change how users log onto their workstations (using LDAP instead of NetInfo).
    Questions:
    1. Can I have the same long/short name and password on the workstation, and in the shared directory? If not, will just changing the long name be enough to differentiate, or does the short name also need to change?
    2. Is it possible to have my home folders set up as described (living on the local workstation and shared in logging in from a different mac)? If so, how? I've read the apple docs and nothing seems to clearly describe how to do this.
    Thanks much.

    Let me understand what it is you're trying to do.
    You want user 'joe''s home directory to be stored on machine A.
    Any time 'joe' logs in on any machine you want it to connect to his home directory on machine A?
    Likewise, user 'jane' has her home directory stored on machine B.
    When she logs in on any machine you want that machine to connect to her home directory on machine B?
    I don't see the difference between doing this and having all the home directories stored on one central machine - you're still using the network to access each user's home directory from a different machine, except maybe for the times when the user logs on to the machine that hosts their own home directory.
    It doubtless can be done - just set each user's home directory in Open Directory to be the AFP URL that points to the machine with their home directory, but each machine in the network would have to act as an AFP server to share out the home directory, and you wouldn't have any central control of home directory content for backups, etc.
    You'd also need to edit UIDs since that's how all file ownership is tracked. Right now every user probably has the same UID since they're all working on standalone machines. When you move to a central user database that breaks, so you'll need to assign new, unique UIDs to each user in Open Directory, then change all the files in their home directory to match the new UID.

  • I need Home directories on local machines, not on server

    I'm setting up 10.5 server and OD. I have 10 mac workstations (all 10.4), each with established users and home directories. I have set up new users on the server, in the directory domain the exact same as they are set up on the local workstations (same long name, short name, and password. Obviously they have different UIDs and GIDs). I have user home folder paths set to None, except the diradmin folder, which is set to /Users.
    When I log in as an OD user other than diradmin from a workstation, I see my home folder as "99". I'm not sure why this is, but it appears to create this home folder locally. I don't like this.
    When I log in as diradmin from a workstation, it creates a home folder called "diradmin" on the local mac. This is better.
    Ideally, what I'd like is the home folder always be located on the workstation, even if logging in from a different machine, so preferences, email, tunes, etc. are there. I DON'T want home directories on the server due to bandwidth limitation of our network. I want home directories to stay as-is (on local machines) and just change how users log onto their workstations (using LDAP instead of NetInfo).
    Questions:
    1. Can I have the same long/short name and password on the workstation, and in the shared directory? If not, will just changing the long name be enough to differentiate, or does the short name also need to change?
    2. Is it possible to have my home folders set up as described (living on the local workstation and shared in logging in from a different mac)? If so, how? I've read the apple docs and nothing seems to clearly describe how to do this.
    Thanks much.

    I had the same question and had some very helpful responses in this thread.
    http://discussions.apple.com/thread.jspa?threadID=1334079&tstart=0

  • Getting rid of phantom home directories in WGM

    My users have home directories listed in Workgroup Manager that they are no longer using, but the buttons to edit and remove these entries are grayed out. Even when I try to make a new user with no preset, these entries show up in the list and cannot be modified. I have configured a new share to automount for home directories, and unshared and deleted the old folders, but WGM still insists on listing their paths. Restarting AFP and the server doesn't help.
    How do I convince WGM these folders don't exist?
    Thanks!
    Mitch

    These are automounts you had set up for your user homes, you need to delete the records for them.
    Using the "All Records" (bullseye) tab (enable it in WGM Preferences) delete the outdated entries under "Mounts".
    - Norbert

  • Vsftpd and virtual users - SOLVED!

    I have followed the wiki to build my vsftpd server, which works fine with local users
    However, I wanted to build the server with virtual users, and I have made everything as described in the wiki,
    but it doesn't work - I got a 530 error - Login incorrect.
    I think it should be a problem with the password database file, but how to solve it?
    here's my vsftpd.conf:
    CODE:
    listen=YES
    anonymous_enable=NO
    local_enable=YES
    write_enable=YES
    dirmessage_enable=YES
    xferlog_enable=YES
    connect_from_port_20=YES
    xferlog_file=/var/log/vsftpd.log
    #ftpd_banner=Welcome to blah FTP service.
    chroot_local_user=YES
    pam_service_name=ftp
    guest_enable=YES
    guest_username=virtual
    virtual_use_local_privs=YES
    Last edited by scar (2010-05-07 05:43:33)

    I don't think so :
    cat /etc/passwd | grep virtual
    virtual:x:1002:1002::/srv/ftp:/bin/bash
    ls -l /srv/
    drwxr-xr-x 2 virtual virtual  4096 máj    6 22.20 ftp
    cat /etc/pam.d/ftp
    auth required /lib/security/pam_userdb.so db=/etc/vsftpd_login
    crypt=hash account required /lib/security/pam_userdb.so db=/etc/vsftpd_login crypt=hash

  • Pure-ftpd - different permissions for virtual users?

    I seem not to be able to find out how I could declare different permissions for different virtual users. In /etc/pure-ftpd.conf exists one line to declare permissions using
    #umask file:folder
    umask 133:133
    umask matches the numbers to 'UserGroupOthers'.
    Now that virtual ftp users belong to a real existing unix user / group, I wonder who is Users, Group and Others?
    Users = virtual ftp user ?
    Group = virtual ftp group ?
    Others = anonymous visitors?
    How can I tune it, so one virtual user can add files - f.e. to be used by a scan station - while others shall only read, having anonymous disabled?
    This gives me a headache.

    Ok, let me think.  What did I do? 
    I had different users.  User X, Y and Z.
    Then, I had a shared directory above their home directories.
    While in the system, (not in pure-ftpd) I symlinked.
    (Note that doing something in user X's directory, like ln -s ../shared didn't work---I had to do ln -s /usr/home/ftpuser/shared).
    Then, I ~think I played with the permissions on shared and got what I wanted. 
    Then, after a few hours on this, they changed their minds about what they wanted, everyone was allowed to use shared, but different companies had to have their own directories, so I no longer have that config.
    For what it's worth, you can take a quick look at my page
    http://www.scottro.net/qnd/qnd-pureftpd.html
    but I don't think it covers that situation.
    HTH, though I doubt that it did.

  • [Solved] Pure-ftpd only virtual users

    Dear arch-users
    I'm using pureftpd from extra. I've created a lot of virtual users for my LAN, everything is working fine.
    But it is possible for system users to log on and see their whole /home/users directory, with their user/pass combo. I've disabled it, by setting the minUID to a very high number, but I think there is a more decent solution for this problem.
    So what is the best solution to only allow virtual-users to log on?
    Last edited by YscO (2007-07-15 10:49:16)

    Solved the case
    # If you want to enable PAM authentication, uncomment the following line
    PAMAuthentication no
    # If you want simple Unix (/etc/passwd) authentication, uncomment this
    UnixAuthentication no

  • Multiple simutaneously logged in users accessing AFP home directories?

    Hi,
    Many of our problems are described in this guy's blog:
    http://alblue.blogspot.com/2006/08/rantmac-migrating-from-afp-to-nfs.html
    The basic capability we want is to have multiple simultaneously logged in users to have access to their AFP mounted home directory, which is configured in a sane, out-of-the box setup using WGM and Server Admin.
    Multiple user access could take the form of FUS (fast user switching), or simply allowing a user to SSH into a machine that another user is already logged into and expect to be able to manipulate the contents of her home directory.
    From my extensive searches, I have no reason to believe this is currently possible with 10.4 Server and AFP.
    (here's the official word from apple: http://docs.info.apple.com/article.html?artnum=25581)
    I've read that using NFS home directories will work, though.
    I want to believe that Apple has a solution for this by now (it's been almost a year since we first had difficulty), or at least a sanctioned workaround. If Apple doesn't have one, maybe someone else has come up with something clever. I find it hard to believe that more people haven't wanted this capability! (not being able to easily search the discussion boards doesn't help, though...)
    Thanks for your help!
    Adam

    Parallels Issue. Track at http://forum.parallels.com/showthread.php?p=135585

  • How to configure Airport Extreme AFP disk sharing to host multiple users' home-directories (Lion, using autofs)

    I have this working, but only by completely bypassing access control, using guest access with read+write permissions.
    Do I need to buy Lion Server, to do this. All my past unix/linux experience says Lion Server should _not_ be necessary.
    This seems like a simple & obvious setup objective, but it is proving to be harder than I would imagine.
    Setup:
    multiple users, sharing two mac mini's running OSX Lion
    connected to an Airport Extreme (4th gen) with a USB disk shared (either via disk password, AEBS password, or using AEBS user's passwords).
    After much experimentation and web research, I finally have managed to get the mini's to auto mount the Airport Extreme's AFP shared USB disk. Well almost... It only works if, on the Airport, I set the guest access permissions to read+write and select the "Secure Shared Disks" method to "With disk password" or "with Airport Extreme password".  In other words, it only works if I essentially bypass/disable access control by using the guest authentication mechanism to the AFP shared disk.
    On the Lion side of this, I am automounting the users directories via "autofs". The config files for this are
    /etc/auto_master:
    # Automounter master map
    +auto_master            # Use directory service
    /net                    -hosts          -nobrowse,hidefromfinder,nosuid
    /home                   auto_home       -nobrowse,hidefromfinder
    /Network/Servers        -fstab
    /-                      -static
    /-                      auto_afp
    /etc/auto_afp:
    # Automounter AFP master map
    # https://discussions.apple.com/thread/3336384?start=0&tstart=0
    /afp/users -fstype=afp afp://;AUTH=No%20User%[email protected]/Users/
    Then, after rebooting and verifying read+write access to the /afp/users directories, I change each user's home directory: In System Preferences > System > Users & Groups, I right-click over the users to access the Advanced Options, changing the Home directory field to point at the AFP-mounted /afp/users/Users/* home directories.
    I experimented with alternate UAM specifications, as well as both OSX and AESB users & passwords. Using guest access is the only thing that has worked.
    Any pointers would be appreciated...

    Based on lots more experimentation which confirms the information in a parallel discussion (cf. Automount share as non ROOT or SYSTEM user! https://discussions.apple.com/thread/3221944), I have concluded that the Lion 10.7.2 implementation of AutoFS mechanism is broken. I submitted a bug report via apple.com/feedback.
    Work arounds..?
    Earlier I wondered if installing Lion OSX Server was necessary.  The more I contemplate this, the more I am convinced it _should_not_ be necessary. The client-server architecture is clear: my mac's are the file-server client's and the Airport Extreme is supposed to act as the file server. The only thing installing Lion Server would do (besides enriching Apple.com) is enable me to configure one of the mac's as the file server. This would require it to be "always on" (thus enriching my electric utility as well).  Okay, an additional benefit would be configuring software RAID disks attached to the Lion server, but Time Machine has worked fine for me in the past, backing up to disks mounted on the Airport Extreme.
    One solution is to create a disk partition for each user and instruct each user to connect / authenticate to the Airport Extreme AFP share at login.  The multiplicity of partitions is necessary since the first user to mount the AFP share, takes ownership of it, blocking other users from accessing that disk partition.  A user can "steal" ownership by reconnecting, but this will leave the other user's applications & open files dangling.
    This dysfunctional situation really *****.  Before installing Lion, I put a 64 GB SSD (solid state disk) in each of our mac's. I did this expecting to easily configure the /Users/* data on external networked storage. I'm having a déjà vu "Bill Gates"-ware moment; problems like this were why I abandoned Windoz.
    I will make a few more experiments using the deprecated /etc/fstab mechanism.  Maybe that will bypass the broken-ness of AutoFS...? Alternately, I guess I could also try to run Kerberos authentication to bypass whatever is broken in AutoFS, but that would require running a Kerberos daemon somewhere.  Possibly I could configure a Kerberos service to run on both my mac's (without installing Apple's Lion Server)...?
    Stay tuned...

  • Problem changing the location of multiple users home directories...

    I've just set up a new entry level model iMac for my Mum. Without getting into a discussion about the benefits or otherwise of doing so, I partitioned the hard disk into two with the first partition for the system and the second a scratch disk for files etc. I set up two users, one for my Mum and one for my younger brother. I then copied the users folder across to the scratch disk and in advanced options in the users list set each account's home folder to the relevant user on the scratch disk. This is the same set up as I have on my own system and with which I have no problems and which runs well and cleanly. I have only one account on my system. However on the iMac, the second user (my brother) is unable to write to the new home directory. Downloads don't work and preferences including right click for magic mouse, dock etc are forgotten instantly. It seems there's a permissions issue.
    I've set the machine up this way in order to keep all their files separate from the system after their last Mac got very bogged down. I expected it to work in exactly the same way as my own. Does anyone know how to successfully set up both user accounts in this way?
    Any advice would be much appreciated...
    Message was edited by: Jimmy Hat
    Message was edited by: Jimmy Hat

    Jimmy Hat wrote:
    I've just set up a new entry level model iMac for my Mum. Without getting into a discussion about the benefits or otherwise of doing so,
    still not advisable though IMO.
    I partitioned the hard disk into two with the first partition for the system and the second a scratch disk for files etc. I set up two users, one for my Mum and one for my younger brother. I then copied the users folder across to the scratch disk and in advanced options in the users list set each account's home folder to the relevant user on the scratch disk. This is the same set up as I have on my own system and with which I have no problems and which runs well and cleanly. I have only one account on my system. However on the iMac, the second user (my brother) is unable to write to the new home directory. Downloads don't work and preferences including right click for magic mouse, dock etc are forgotten instantly. It seems there's a permissions issue.
    How exactly did you copy the home directories? Did you do it using drag and drop in Finder from one account? Then the copied home directories are both owned by that account and the permissions need to be changed. Please clarify if that's what you did.
    I've set the machine up this way in order to keep all their files separate from the system after their last Mac got very bogged down. I expected it to work in exactly the same way as my own. Does anyone know how to successfully set up both user accounts in this way?
    Any advice would be much appreciated...
    Message was edited by: Jimmy Hat
    Message was edited by: Jimmy Hat
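
The ownership question raised in the reply above (home folders copied from one account end up owned by that account) can be checked from Terminal. This is an added example, not part of the original posts; the function names, the account name and the path in the sample call are assumptions.

```shell
#!/bin/sh
# Added example: list entries under a relocated home folder that are not
# owned by the account the folder belongs to. Names and paths are placeholders.

# owner_mismatches HOME_DIR EXPECTED_UID
# Prints each path under HOME_DIR whose owner is not EXPECTED_UID.
owner_mismatches() {
    home_dir=$1
    expected_uid=$2
    if [ ! -d "$home_dir" ]; then
        echo "not a directory: $home_dir" >&2
        return 2
    fi
    case $expected_uid in
        ''|*[!0-9]*) echo "uid must be numeric: $expected_uid" >&2; return 2 ;;
    esac
    # -uid compares numbers, so files copied with a uid that has no account
    # on this machine are still reported.
    find "$home_dir" ! -uid "$expected_uid" -print
    return 0   # find reports unreadable subfolders on stderr
}

# count_owner_mismatches HOME_DIR EXPECTED_UID
# Prints the number of mismatched entries (one path per line assumed).
count_owner_mismatches() {
    list=$(owner_mismatches "$1" "$2") || return 2
    if [ -z "$list" ]; then
        echo 0
    else
        printf '%s\n' "$list" | wc -l | tr -d ' '
    fi
}

# audit_home ACCOUNT HOME_DIR
# Resolves ACCOUNT to a uid and returns 1 if anything has another owner.
audit_home() {
    uid=$(id -u "$1") || return 2
    n=$(count_owner_mismatches "$2" "$uid") || return 2
    if [ "$n" -eq 0 ]; then
        echo "OK: $2 is entirely owned by $1 (uid $uid)"
    else
        echo "MISMATCH: $n entries under $2 are not owned by $1 (uid $uid)"
        return 1
    fi
}

# Example call, run with enough privilege to read the whole folder:
#   audit_home brother "/Volumes/Scratch/Users/brother"
```

A non-zero count for the second account's folder is consistent with the symptoms described in the question: downloads failing and preferences not being saved.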

  • Update from 10.5.6 to 10.5.8 and lost all users and their home directories

    My server has been working flawlessly for many months. I did the upgrade to 10.5.6 and everything has been fine. I decided to do the software update to 10.5.8. When it was finished I could not log in as admin or anyone else. I finally got in as root...then it gave me an error in Workgroup Manager. Said I was not logged in and there was an error of -14008.
    All my users are gone and so are their home directories....I hate to say it but this is ridiculous...doing a simple update and losing all the users? I expect this from Windows but not my xSERVER.
    Does anyone have a fix to correct this? I really hate having to tell all the users tomorrow morning a simple update wiped all their data.
    Carl

    Hi
    I saw your issue and I feel your pain. I did the same upgrade path to 10.6 and found that I had no users! This is not your typical Apple upgrade, the same as all other 10-X from day one. I cheated and used a new drive, as I feel that upgrades may cause issues, and I also used that as an opportunity to upgrade to a larger hard drive. After booting up on the new system with the upgraded drive I found the same issue to be true. I used the original drive and modified all my users to allow my new admin account to have rights to a user that I called 'move' on the old system. I booted up the old system, modified all the users to allow user 'move', then I copied them to the new directory I set up that I called 'move' on the old drive. As the next step I set up a new user 'move' on the new system drive and copied all the data from the old system drive 'move' to the new system drive 'move'. I created all of my users on the new system drive. I set up all of my user accounts with a simple password 123456 on the new system. I copied the users to their new directory. You could restore your backup on a spare drive or an external drive with the old OS loaded. Post-its on all the users' monitors for Monday morning and... grumbling users with all of the data from Friday. Get KrispyCreams and leave them by the coffee pot [this step I forgot]. The users will talk about how nice it was that you brought doughnuts and not how their login is messed up [ha ha....}
    I know that this is not an elegant or a quick solution but it worked for me and my 36 user accounts. If you know Unix script or Python or Apple script the procedures would be faster as you could batch the whole mess.
    Hope this helps and good luck.

  • Users on network home directories hang after sleep

    Hi,
    I have the following problem: I have a 10.5 server with network home directories. I can log in from Snow Leopard (10.6.1); however, whenever the machine goes to sleep and comes back from sleep, the user hangs. If you wait a bit, it will come up with the message that the share has been disconnected and ask you to manually unmount. It will stay there forever. When you click disconnect, the system will unmount and remount the home directory, but in the meantime Mail will have reported disk I/O errors in the logs and thrown errors (ranging from "type in your password" to "rebuild index").
    Going through the log files (with verbosity high) it seems that when going to sleep, the system doesn't unmount the network home directory. After it wakes up from sleep it attempts to unmount the home directory share, which of course fails because it's in use, and then it locks up. After you click disconnect, it says "spins reported" in the logs and goes on with remounting the shares.
    The issue doesn't happen if the user is local. If anybody has an idea as to how this works or if they have it working, please let me know. I have tried just about anything. AFP shares, NFS shares, I have tried with or without the intr, nolocks, locallocks mount options - they all have the same issue. I have even tried another Mac Mini with a fresh install of Snow Leopard.

    I found a possible cause and solution.
    This has been on 10.6.1 with Mac Minis. Then we got a new Mac Pro with 10.6 out of the (Apple) factory which I updated to 10.6.1, same issue. What I didn't think about is that by default I install a heap of software (including XCode, Adobe CS4 and Office 2008) with customized packages and Workgroup Manager preferences.
    So I was mucking around with Cocktail (the tool to clean up caches etc.) and I noticed Snow Leopard hung every time after cleaning & recreating some caches. Now that I had a reliable way to hang Snow Leopard I investigated what could cause it.
    I noticed during a PackageMaker session that Adobe CS4 installs a Version Cue startup script in /etc/machinit_peruser.d. I deleted it, rebooted, used Cocktail again and it went all the way through without hanging. Rebooted again, according to the logs it pre-linked & cached the kernel and several kernel extensions and that was it, no more hangs, no more issues logging in after sleep or screensaver.
    So possible causes:
    - VersionCue installs itself as a kernel module or something (the location says "mach" which is the kernel after all) which is not compatible with Snow Leopard.
    - The caches and kernel extensions were 'dirty' out of the box but VersionCue (or something else that interacts with it) blocked my or Snow Leopard's automated attempts to clean them.
    - VersionCue reinitializes (it sits on the network after all) after a sleep or screen saver timeout in a way that gives issues with Snow Leopard
