The padlock under 'Directory Utility' isn't functioning

Similar Messages

• Where is Directory Utility or it's heir in Yosemite. Want to put icon in dock to get at root.

  I want to put an icon in the dock, for Directory Utility or it's Yosemite heir. Can't see it in Core Services. Is it now a hidden file?  Spare me the lecture on the evils of the root user please. My usual idea is to enable root temporarily.

  Hi Robert,
  Hmmm,  I'm still seeing it in my System > Library > CoreServices > Applications.
  You can also try the steps in this article, which still apply.
  OS X Mavericks: Enable and disable the root user
  Take care,
  Nubz

• The padlock symbol isn't appearing when I proceed to enter my credit card details

  I've noticed since updating firefox to the current version, the secure padlock symbol isn't appearing when I purchase something online. I have made one transaction like this but am now concerned my details aren't safe! Please could you advise me

  In Firefox 4 you no longer have the Status bar that showed the padlock in previous Firefox versions.<br />
  The padlock only shows that there is a secure connection and doesn't guarantee that you are connected to the right server.<br />
  So you might still be connected to the wrong server if you make a typo in the URL and someone has claimed that mistyped URL.<br />
  The functionality of the padlock has been replaced by the [[Site Identity Button]] on the left end of the location bar.<br />
  See also:
  * http://www.dria.org/wordpress/archives/2008/05/06/635/
  * https://support.mozilla.com/kb/Site+Identity+Button
  You can use this extension to get a padlock on the location bar.
  *Padlock: https://addons.mozilla.org/firefox/addon/padlock-icon/

• I have an external hard drive from my time capsule that stopped working on me. I am attempting to access the data with a hard drive reader on my MAC. I am able to see the drive in disk utility and under system info USB. But I am unable to access the data.

  I have an external hard drive from my time capsule that stopped working on me. I am attempting to access the data with a hard drive reader on my MAC. I am able to see the drive in disk utility and under system info USB. But I am unable to access the data and it does not show on the desktop when connected.

  Ok if disk utility was able to verify the drive I doubt there is any problem.. are you trying to open a TM backup??
  You need to mount the sparsebundle then check the actual info inside the bundle.
  Don't use disk warrior.. if the disk has verified then unless you deliberately deleted files there is nothing that is going to do.
  Pondini has a lot of stuff about getting access to the sparsebundle.
  http://pondini.org/TM/17.html
  But if you have copied info to the TC that is now gone.. and the disk is ok.. I am not sure.. the TC will not have deleted the files itself.

• Trouble getting the default  user directory under Windows XP

  I m trying to get the default user directory under windows XP SP3.
  To do so, I'm using
  System.getProperty("user.home");
  I was expecting to get a path like "C:\Documents and Settings\user", nstead of that I get "C:\Documents and Settings\user\Destop".
  I checked the %USERPROFILE% and %HOMEPATH% window's environment variables and both of them are correctly set ( set to "C:\Documents and Settings\user").
  Is there any way to get the right path other than using : System.setProperty("user.home", "C:\\Documents and Settings\\user"); ?

  Thanks WalterLaan,
  The System.getenv("USERPROFILE") method will, at least, fix the problem under win XP.
  I guess i'll have to write a more refined method to be able to deploy my application under differents OSes.
  Regards.

• I have tried to transfer Mail from iMac to Macbook pro. It isn´t functioning, the program always hang up.

  I have tried to transfer Mail from iMac to Macbook pro. It isn´t functioning, the program always hang up. Mac OS 10.9.4.

  Tried how? Using what? Step-by-step details and the results you get along way should elicit a cogent response.
  iMac refurb (27-inch Mid 2011), OS X Mavericks (10.9.4), SL & ML, G4 450 MP w/Leopard, 9.2.2

• Directory Utility keeps telling me the name and password do not match

  Installed Leopard Server on my Mini a few days ago, and I enabled Open Directory server.
  Added the server in my home network with directory utility on my laptop, and it works perfect both when I'm on the local network, and when I'm elsewhere.
  Tried doing the same at my Leopard iMac at work today. Finds the server just fine, but when trying to configure my machine locally I get an error message during Authentication that simply says "The name and password you entered for the user account on the server do not match".
  Now. I KNOW the username and password is correct. And I have the same username and password on this machine (both the long name, and the short one).
  So what am I doing wrong here?

  Christian,
  I've experienced similar issue recently. The most likely solution will be to delete the user and recreate it using same uid and username. I'm going to look for other solutions prior to that.

• How do I close the Directory Utility Window?

  The Directory Utility window was opened and I have not been able to close it.
  Upon restarting, a pop-up message reads that the window must close in order to complete the operation.
  Only the minimize (yellow) button is available for click and the Systems Preference window is closed.

  Click on Tools.

• I've accidentally deleted the System Administrator entry in Directory Utility. How do I recreate it?

  How do I recreate the "System Administrator" entry in Directory Utility. It was accidentally deleted.

  If you see this article: http://www.stupidlittleblog.com/2011/technology/apple/mac-os-x-lion/mac-os-x-lio n-root-user-sigin-error/#.To_DWOsb6jV
  I was having the same root user password login problem.
  So I followed the instructions in it, but instead of deleting "AuthenticationAuthority" setting for System Administrator, I accidentally deleted the whole "System Administrator".
  Therefore, I'll need to recreate the "System Administrator" entry in the Directory Utility. Maybe you can send me a screen capture of the System Administrator settings so I can try to recreate it. Or else if you know how I can recreate is (maybe from Terminal command line), it will be appreciated.
  Thanks.

• I just downloaded FF4 and now the "SEARCH" tab located at the center of my home page isn't functional. I unisntalled and reinstalled but the result is the same.

  Question
  I just downloaded FF4 and now the "SEARCH" tab located at the center of my home page isn't functional. I uninstalled and reinstalled but the result is the same.

  I think what I did was right clicked on the toolbar when I went to the tab and properties to find out the name of it. I then opened the extensions and add-ons and found what it was there (I don't remember the extension)., You will find the mess involves the homepage tab you have. Click on your tool bar for customization and put the home page away. This doesn't remove it but it will stop bing from showing up. Instead, my tabs now go to a Google page but I can't put in a homepage. Instead I bookmarked Google to my menu bar and when I open a tab I just click that! Cheaper than a trip to a computer vet.
  The only option you will have is to remove google, but if you do, you loose all your goodies. Though I did not try this myself, I fear saving your tabs,bookmarks , etc. will store with it, whatever this bing thing is. Hope this helps

• I face issue 16 in my iPad it is not working I connected it to the MAC to update or restore i face the same issue the iPad under Guarantee but in my country their isn't representative for Apple can you help me ??

  I face issue 16 in my iPad it is not working I connected it to the MAC to update or restore i face the same issue the iPad under Guarantee but in my country their isn't representative for Apple can you help me ??

  Resolve iOS update and restore errors - Apple Support
  and
  iPhone 4 restoring error (16)

• Under firefox 4 i no longer see the padlock icon in the lower right of the screen when i log onto a secure site

  The padlock icon is no longer visible for any site that requires a login

  One of the main principles of Human Computer Interaction [HCI] is that there should be immediate visibility to the system's status. Forcing the user to "click" the identity site key and try to locate the lock-pad encryption icon is poor design. The icon has become a default standard expectation of the INTERNET user community across browsers. Internet Explorer, of which, I'm not a fan - has done away with a bottom bar, yet retained the padlock in the top right of the menu bar [it is conditionally displayed only when the site is secure]. Firefox has made a fundamental UI mistake, and amazingly trumped by the generally inferior Microsoft team. Don't follow the FF team and parrot the propaganda - 'yea we screwed up but you can determine the same thing by taking several extra steps- because we are FF team and you are just the peon users". Death of the open source community?

• A question viewing certifcate information via the padlock symbol in IE 11 (works on Chrome brower)

  Hello All
  Can someone please help me with the following questions,
  J
  1:
  I have a CA whose CA certificate has an Issuance (aka certificate) Policy.
  Next I created a CSR for a WEBServer certificate, I created the CSR by first creating a .inf (request file) containing the usual including the following
  [RequestAttributes]
  CertificateTemplate=WebServer
  OID=1.3.6.1.5.5.7.3.1
  IssuancePolicy="My Certificate Policy"
  OID=1.3.6.1.4.145389.1.1.1
  Turned the above into a CSR (base64 encoded) then submitted and retrieved the relevant certificate from the CA
  If I open the certificate flat file the resultant certificate has the relevant Issuance Policy listed under the section
  ‘This certificate is intended for the following purposes’
  So all good so far
  Next I install the certificate to the WEB Site and bind it etc. When I go the WEB Site e.g.
  Https://TestSite the certificate works and the traffic is encrypted etc… e.g. click on the padlock in Internet Explorer provides the expected information, but when I click on View Certificate via this padlock symbol; in Internet
  Explorer the certificate come up OK but under
  ‘This certificate is intended for the following purposes’
  It does not show my issuance policy e.g. just the standard application policy for a WEBServer cert.
  If I then look under the details/extensions tab of the certificate it does show certificate policy under the certificate policies extension, so looks OK from the extensions tab, but policy does not show up under ‘This certificate is intended for the following
  purposes’ when certificate is viewed via padlock on IE but does show up if I open the certificate flat file (either original certificate file or copy to file then view certificate as a flat file).
  The OID for the policy is registered in both active directory and local OID databases.
  So the question is why do I not see the issuance policy when viewing cert via padlock in IE but does when viewing flat file.
  I am using IE 11.x
  When doing the same thing from Chrome browser the certificate policy does show up OK, therefore is this a possible bug with IE 11.x
  Thanks All
  AAnotherUser__
  AAnotherUser__

  Hello Brian
  Thanks for the reply,
  The OID is in the Issuing CA Certificate (online CA) e.g. was part of the CAPolicy.inf file when installing the Issuing CA. The OffLine Root and OffLine Policy CA have the All Issuance Policy set in their CA Certificates.
  briefly as mentioned above when opening the cert (.cer) as a flat file by double clicking on it you can see the Issuance Policy listed as expected. When viewing the same cert via Internet Explorer (v11.x) PadLock > View Certificate it shows the Application
  Policy, but not the Issuance Policy (e.g. in the general tab) but does show the Issuance Policy under Extensions Tab. If I use Chrome, click on the PadLock > View Certificate it does show the Issuance Policy (as it always does when opening the flat
  file).
  Therefore was kind of wondering if a Bug in IE, when doing a CertUtil -f -urlfetch -verify Cert.Cer it passed all tests and shows it was validated against the Issuance Policy OK, therefore  perhaps bug in IE
  No big deal, just wanted to know if any one else saw this or was another explanation
  Thank you
  AAnotherUser__
  AAnotherUser__

• "The home folder...isn't located in the usual place or can't be accessed" after 10.9 AD bind.

  Okay a little backstory here because I'm trying to eliminate or identify what I feel might be a bug in OS X Mountain Lion and Mavericks.  Just FYI, I'm not our institution's AD admin, I just have rights to bind and query for this and that, but I can't make changes or really investigate our AD domain server/s:
  So we're an educational institution with lots of adjuncts that come and go each year.  Recently in August, I had about 5 cases where these adjuncts couldn't log in because of a cryptic "login failed" error.  I have my macs setup to create mobile accounts without confirmation.  I don't want ANY syncing going on just local user accounts created, but something in the profile creation process demands access to their network home folder.  Well these 5 users were brand spanking new and somehow didn't have permissions to their own network home folders that everyone else hasn't had a problem with before.  I had our admins fix the permissions, and they were able to login thereafter.  Our admins are still looking for what might have caused this, but still don't know....
  Recently I've been testing the same AD bind script I've always used on Mavericks.  It's a simple bash "dsconfigad" customized for our institution.  It seems to work successfully but on the login screen I get no usual "arrow" that allows me to back out and click "Other" and login to AD.  I reseated the Ethernet cord and checked the AD configuration in Directory Utility - it was all set correctly as per the script parameters.  When I clicked OK and exited out to the login screen, the Other option was working correctly.  I was able to login with my own credentials just fine.
  I needed to tweak my image a little so I wiped and reloaded the machine with the new image (nothing relevant to binding and users was changed).  Got the same "no arrow" issue and tried the same steps, which again worked after some monkeying around.  I tried to login with my credentials - failed.  Now I get "The home folder for user 'my username' isn't located in the usual place or can't be located."  I went into a local user admin account and tried to add my home folder manually, nogo.  I logged onto a windows machine and tried to mount the same home folder in Windows - access denied - this is the SAME type of thing that ended up happening to my adjuncts.  I don't know if they are related but it's certainly a strange coincidence.
  How could testing AD binds change my home folder permissions, or possibly even corrupt the folder altogether?  The network share/home folder that our macs smb communicate with as per the bind settings are on a windows server (to the best of my knowledge).  My guess previously with the adjuncts error is that despite the fact that I don't need or want the profiles created to sync, the default options turns this on for mobile accounts even though it doesn't select any actual folders for syncing, but because it still tries some sort of "handshake" or something initially, first logins fail without network home folder permissions.  Now it seems like something in the initial profile creation process might actually be corrupting the network home folder or changing its permissions.
  I would post the bind script but I'm not sure it's relevant, as another mac admin in a different area ran into the same error with one of his new users and he bound manually, not with a script.
  I'm kind of new to this sysadmin stuff, so does anyone have any ideas or suggestions to track down the cause of this and possibly fix it?  The network share admin can fix my permissions, but if I could break it when it was working once, I foresee this happening again.

  Here's the script I used previously that is not connecting to AD "completely" that causes the errors mentioned (I'm replacing institution info with "xxx"):
  echo -n "This computer needs to be renamed and bound to Active Directory.  Please enter the XXX Inventory Number from the affixed XXX label on the machine: "
      read userinput
      echo -n "Enter the XXXAdmin password (you will still be asked to enter this for system configuration changes): "
      read -s xxxpassword
      scutil --set ComputerName $userinput
      scutil --set LocalHostName $userinput
  # Active Directory Bind Script For OS X Client
      # Modified by Wade Wei according to previous popular bind script
      # Adapted for xxx by xxx
      echo "Binding to Active Directory…"
      echo -n "Enter AD admin username: "
      read adusername
      echo -n "Enter AD admin password (please wait after password submitted, do not press any keys): "
      read -s adpassword
      #Basic parameters
      computerid=$userinput
      fqdn="ad.xxx.edu"
      username=$adusername
      password=$adpassword
      #Advanced parameters
      alldomains="enable"
      localhome="enable"
      protocol="smb"
      mobile="enable"
      mobileconfirm="disable"
      useuncpath="enable"
      user_shell="/bin/bash"
      admingroups="domain admins,enterprise admins,xxx,xxx"
      namespace="domain"
      packetsign="require"
      packetencrypt="require"
      localuser="XXXAdmin"
      localpassword=$xxxpassword
      # Bind to AD
      echo "Binding to AD - do not interrupt…"
      dsconfigad -add $fqdn -username $username -password "$password" -computer $computerid -force -packetencrypt $packetencrypt -localuser $localuser -localpassword $localpassword
      sleep 5
      #Configure advanced options
      echo "Configuring AD for Mac OS X…"
      dsconfigad -localuser $localuser -localpassword $localpassword -alldomains $alldomains -localhome $localhome -groups "$admingroups" -mobile $mobile -mobileconfirm $mobileconfirm -namespace $namespace -packetsign $packetsign -useuncpath $useuncpath -protocol $protocol -shell $user_shell -nopreferred
  Can anyone tell me if I need to update the script for Mavericks, and how?  Or should this be working and the bug is in Mavericks itself?

• EDSPermissionError(-14120) problems with LDAP, SSL and Directory Utility

  Hello everyone,
  Apologies for the repost but I think I may have made a mistake by posting this originally in the Installation, Setup and Migration forum instead of the Open Directory forum. At least I think that may be why I didn't receive any responses.
  Anyway, I've been trying to get my head around Open Directory and SSL as they are implemented in Mac OS X Server 10.5 Leopard, and have been having a few issues. I would like to set up a secure internal infrastructure based around a local Certificate Authority that signs certificates for other internal services like LDAP, email, websites, etc.
  I only have one Mac OS X Server and it is kind of a small office so I have gone against best practice and simply made it a CA (through Keychain Utility). I then generated a self-signed SSL certificate through Server Admin, and used the "Generate CSR" option to create a Certificate Signing Request. This went fine, but I did have some problems signing it with the CA, because the server documentation suggested that once I signed it it would pop open a Mail message containing the ASCII version of the signed certificate - it did not, and it took me a loooong time to realize that I could simply export the copy of the signed certificate it put in my local Keychain on the server as a PEM file and paste this back into the "Add Signed or Renewed Certificate from Certificate Authority" dialog box in Server Admin. Hopefully this can be fixed in a forthcoming patch, but I thought I would mention it here in case anyone else is stuck on this issue.
  Once I did this I was able to use this certificate in the web server on the same machine and sure enough I was able to connect to it with with clients who had installed the CA certificate in their system Keychains without getting any error messages - very cool.
  However, I haven't had quite as much luck getting it going with LDAP/Open Directory. I installed the certificate there as well, but have run into a number of problems. At first I could not get clients (also running 10.5.2) to talk to the server at all over SSL, receiving an error in Directory Utility that the server did not support SSL. I eventually discovered that the problem seemed to lie in the fact that the OpenLDAP implementation on Leopard is not tied in with the system Keychain, necessitating some command-line voodoo to install a copy of the CA cert in a local directory and point /etc/openldap/ldap.conf at it, as documented here: http://www.afp548.com/article.php?story=20071203011158936
  This allowed me to do an ldapsearch command over SSL, and seemingly turn SSL on on clients that were previously bound to the directory, and additionally allowed me to run Directory Utility on new clients and put in the server name with the SSL box checked and begin to go through the process of binding. Once this seemed to work, I turned off all plaintext LDAP communication and locked down the service by checking the "Enable authenticated directory binding," "Require authenticated binding," "Disable clear text passwords," and "Encrypt all packets" options in Server Admin. However, I am now running into a new problem, specifically that I cannot successfully bind a local account to a directory account over SSL.
  Here's what happens:
  1) I run Directory Utility, (or it auto-runs) and add a server, typing in the DNS name and clicking the SSL box.
  2) I get asked to authenticate, and type in user credentials, including computer name (incidentally, should this be a FQDN or just a hostname?)
  3) Provided I put admin credentials in here and not user-level credentials, I get taken to the "Do you want to set up Mail, VPN, etc.?" box that normally appears when you autodiscover or connect to an Open Directory server.
  4) I click through, and am asked for a username and password on the server, as well as the password for my local account.
  5) When I put this information in, I get a popup with the dreaded "eDSPermissionError(-14120)" and it fails.
  Checking the logs in Server Admin reveals nothing special, and while I have seen a couple other threads on this error and various other binding problems:
  http://discussions.apple.com/thread.jspa?messageID=5967023
  http://discussions.apple.com/message.jspa?messageID=5982070
  these have not solved the problem. In the Open Directory user name field I am putting the short username. I have tried putting [email protected] and the user's longname but this fails by saying the account does not exist. For some reason it does seem to work if I bind it to the initial admin account I created, but no other user accounts.
  If I turn all the encryption stuff off I am able to join just fine, so I am suspecting that the error may lie in some other "under the hood" piece of software that doesn't get the CA trust settings from the Keychain or the ldap.conf file, but I'm stymied as to which piece of software this might be. Does anyone have any clues on what I might be able to do here?
  Thanks,
  Andrew

  Hard to tell what is happening without looking at the application
  source, knowing what OS & hardware you're using etc. You might want to
  try running with different JVM versions to see if it's actually the VM
  that is the problem. If you have a support contract with BEA you could
  ask support to help you diagnose this.
  Regards,
  /Helena
  Ayub Khan wrote:
  I have an application running on Weblogic 8.1 ( with JRockit as the JVM). This
  application in turns talks to an iPlanet Directory server via LDAP/SSL. The problem
  seems to happen on loading the machine..the performance progressively gets worse
  and after a couple of seconds, all the threads stop responding. I checked the
  heap, cpu and the idle threads in the execute queue and there is nothing there
  to trigger alarms...there are quite a few idle threads still and the heap and
  the cpu utilization seem OK. On doing a thread dump, Is see that all the other
  threads seem to be in a state where they are waiting for data from LDAP and it
  is basically read only data that they are waiting on.
  Does anyone know what it is going on and help point me in the right direction.
  -Ayub