Workgroup Manager resetting passwords OS 10.5.6 Server?

Similar Messages

• Problems using the reset password function on mac osx server.

  Hey ,
  Having problems with the reset password functions on the OSX server. When I try to do through the command line it asks for the old password of the user. So how do I fix the problem? Do I have to log in onto the ldap server as the admin and reset from there or is there an easy fix to make the reset password function work. When I try the reset password function the server is not taking the input when I click on change password. So any helpful suggestions are welcome. Verson OSX lion 10.7.5
  Thanks in Advance,

  Excuse me for misunderstanding your post.  You explicitly stated in your post
  ashdatla wrote:
  through the command line
  and wrote that it asks for the old password.  Server.app is not accessed through the command line, and it does not ask for the old password of the user.
  You might like to try Workgroup Manager instead.

• WorkGroup Manager issues since upgrading to OS X Server 10.4.1.10

  Hi all.
  Since upgrading our XServe [Dual 2.3GHz PowerPC G5, 6GB RAM] to OS X Server v10.4.1.10 I have had an issue where I have to quit the program and relaunch to be able to "see" a newly created network home folder. I need to view it under the Sharing tab so to assign the correct permissions since that has no longer worked since upgrading to server version 10.4.7.
  Long story short is... we have our students home folder on the XServe and their preferences are managed via WGM but they use the Active Directory server for authentication. Basically our school district wanted to create a student account once and be able to use it for Windows or Mac's. Therefore, I export a user from the AD server and import the user into the Mac server ( LDAP domain) and things worked fine 2 years ago when the server was set up but now we have this... any thoughts would be appreciated.

  What was the upgrade from?
  What optical drive model?  (There may be a firmware update on the Apple downloads to deal with Tiger.)
  You might also try an NVRAM reset, as NVRAM is read early, by the machine’s boot firmware, and going back to ground zero can help.  To reset NVRAM, you need to boot into Open Firmware by holding down the cmd-option-O-F key combination until you get the white Open Firmware terminal screen.  Once you are there, enter the following three commands:
  reset-nvram <enter>
  set-defaults <enter>
  reset-all <enter>
  The last command will cause the machine to reboot.  When you next boot, the firmware will generate a new device table and maybe cure the problem.

• Odd Workgroup Manager behavior

  I did a search but didn't have any luck finding info... I work in an academic environment and run a couple of Mac servers. On one, we have multiple port/IPs set up... The IPs are in ascending order. (Note that the school's central computing group maintains all DNS configs and assigns IPs; I am not running my own DNS setup.)
  server.school.edu
  www.server.school.edu
  service1.server.school.edu
  service2.server.school.edu
  When I bring up workgroup manager, I log in as diradmin at server.school.edu, but Workgroup Manager instantly changes the directory display to service1.server.school.edu. And it forces me to create all home directories at afp://service1.server.school.edu.
  Any idea why? Is there a file somewhere I can edit to fix this?
  Thanks in advance to anybody with wisdom to share here.

  You could try to add server.school.edu to your /etc/hosts file. Another alternative is to change the order of the A-records in the DNS so that server.school.edu is listed before the others. If these options don't work, you can always change the url for the home directory manually in WGM.

• Workgroup Manager: Adv, User Password Type grayed out (was Shadow Password)

  I've set Workgroup Manager, Advanced, User Password Type: Shadow Password, Options to inactive after 90 days, fail after 5 attempts, allow user to change password, at least 8 characters every 90 days. Today after user logged in to the console, the user locked herself out remotely via sftp, ssh, & xterm from a WinXP PC running ReflectionX.
  I went to the console, used Fast User Switching to bring up my admin account (her account was still logged in), we reset the password with Workgroup Manager so the red X is no longer on her username.
  However, the Advanced User Password Type: drop down list is blank and grayed out and she can't log in? How do I reset this? The user has a lot of files, I'm afraid to delete and recreate the user account. That seems pretty drastic for an invalid password attempt. I've rebooted and ran Apple Updates for good measure. Any ideas how to put Shadow Password back in that box?

  To unlock the user's account, after backing everything up and noting the user's uid, home dir, groups, etc, we deleted the user in WorkGroup Manager and readded her putting the user id, home dir, etc back the way it was. Everything seems to work again. The home directory files were not deleted when the user account was deleted so everything just reattached.
  Still have no idea how we managed to get things so confused in the first place? The Server UI is so much more complicated and inconsistent from the client OS for dealing with users. The Mac OS X Server for Dummies book I found did not have a troubleshooting section and was no help in resolving this. We ended up contacting the Mac User's Group.
  I was blown away to get an email survey from Apple support asking me to rate my opinion of my help request. I didn't get any help! They told me my 3 years of AppleCare don't apply to the Server OS I installed separately after buying the mac. Mac OS X Server has 90 days of support that I never used but had expired. They offered to sell me a help ticket for $99.
  This has not lived up to the user experience I was hoping to have. I regret the day we "upgraded" to the server. Is there a way to downgrade? Now that there is only 1 unlimited version, we're totally stuck. We have no mac client connected, just PCs via sftp, ssh, vnc, & X windows...

• Workgroup Manager loses all passwords when the Xserver is rebooted

  Hi all.. I'm a newbie with Mac server, an MCSE and former Network Adminstrator of an all Windows domain, now in a mixed environment and responsible for the Mac server/clients as well as the Windows server/clients.
  In January we attempted a migration from Panther server to Tiger/Xserve, on a brand new server. It appeared to have worked, and users were able to log in successfully after being created in Workgroup Manager, and given passwords.
  Our problem is huge!! We cannot reboot this server!! Therefore, we cannot do upgrades, for just one problem. What happens when we reboot is that ALL passworeds in Workgroup Manager have to be entered again!
  Any help will be gratefully appreciated!
  High School XServe Administrator

  Tony,
  I wish to thank you for the helpful comments/suggestions to download the article at:
  http://docs.info.apple.com/article.html?path=ServerAdmin/10.4/en/c3gs4.html
  It was an excellent quick guide that I followed to the letter, and then I called Apple Support and was able to further troubleshoot our server/client connection issues. When I left at the end of the day, the server is in great shape, although we still have some connection issues and tomorrow one of our Mac teachers who used to manage our Mac server will show me how to re-create the shared folders/shares and then add the users to the shares.
  The good news is that the users are now semi-connecting, with the peppermint-stick progress indicator, but then a failure message that refers to the shares.
  Your link to the article was a terrific start for me, and the Apple technician was most impressed that I had already covered all of the suggestions in that article when we spoke.
  Thanks... one more post after a complete success, hopefully tomorrow... which I will probably spend re-creating all users and shares..
  High School XServe Admin

• OAM 10g Reset Password Issue in Password Policy Management

  Hi,
  We are using OAM 10g and we have configured password policy for our application with selecting "Change on Reset" Check Box.
  We have created new user in create user identity tab and when we are logging with new user for the first time, it is not redirecting to the reset password page.
  Can someone shed light on this issue?
  Thanks,
  Ganesh

  Hi Colin,
  As you said, We have configured obpasswordchangeflag in Create User Workflow by setting the default value true.
  We have created new user in create user tab and checked in LDAP Browser as it is showing obpasswordchangeflag =true in newly created user's profile.
  Now, when we are trying to login with new user, it is still not redirecting to the Reset Password Page.
  please find below the url which we have configured in Password Policy Change Redirect URL:
  /identity/oblix/apps/lost_pwd_mgmt/bin/lost_pwd_mgmt.cgi?program=redirectforchangepwd&login=%loginid%%userid%&backURL=%HostTarget%%RESOURCE%&STLogin=%applySTLogin%&target=top&style=style1
  Can you please help me on this issue?
  Thanks,
  Ganesh

• Cannot login with a account created with workgroup manager on local box

  Hi my name is richard and i recentgly acqquired from one of ,y friends a macbook pro with leopard 10.5.7 and I downloaded the server tools to it because workgroup manager gives me more control over user creation and the like.there are three issues that i am facing right now:
  1) I create an account for a user "VERONICA MARS" short name vmars with a password of apple. when I try to login using that account the login window just sits there and shakes its head at me like no no no wrong cridentials.
  2) using the same account vmars i try to reset her password using wgm and it says that it cannot reset the password.
  3) when i try to create the account it tells me that the home directory cannot be created.
  oh and heres a bonus one:
  most of the time in wgm it takes forever to get from one tab to the next and ill have to do a force quit to restore my mkac back to normal.
  if anyone can help with these issues please respond
  thanks in advanced
  richard johnson
  mac fan for life

  Please let us know the username of the account that is giving you trouble.

• My LAPD & kerboros service is stopped and workgroup manager is not working either

  Hi I had to restore from a back up a while ago but the workgroup manager seems to have lost all of the passwords and the LAPD & kerboros service wont start in th open directory mater.
  I have been told that if I make the opendirectory master a stanalone and then back to open dirctory master this will fix the problems.
  Any advice for this server dimwit?
  Cheers
  Bricko

  Have you tried demoting and repromoting? It usually does do the trick. Also, yes, all of the passwords were erased, they do not get saved. They will all need to be reset to something generic, given out to all the users and then have them change their passwords to something personal via the web portal.

• Workgroup Manager

  When I create a new account in workgroup manager and type in a password for that user, it just resets the password to the diradmin's password. I have DNS configured and Kerberos is running. Is there anyway to fix this problem? And when I try to login to the account, it said unable to login to account.
  Thanks

  no i dont think you can, but you can restrict what users can do, so seeing all the tools shouldnt be a problem?

• Unable to authenticate with diradmin in Workgroup Manager

  This has happened before, and I have no idea how it got fixed - too many independent variables...
  Anyway, I cannot authenticate the OD with diradmin even while using Workgroup Manager directly on the server.
  The setup:
  SLS 10.6.8
  Split-brained DNS
       Both public and private FQDNs are the same (myserver.mydomain.com). External DNS maps machine record to my static public IP address. Using an AirPort Extreme router, port fowarding services that I want open to the server. The router provides DHCP via NAT to the local network, with a fixed private IP assigned to the server. The server is running DNS with the same zones, machine records, services and aliases that the public IP DNS has, except mapped to the fixed private IP. DNS checks out with changeip, etc.
       The server is an OD master. Yesterday I exported it, demoted it, and restored it. All services (mail, web, etc.) seem to work fine (although I admit to not using Kerberos on AFP due to another issue).
       I have a wildcard certificate that is generated by GoDaddy (*.<mydomain>.com) which seems to work fine with the hosted websites.
  This is what the password service error log says when I try to log in with diradmin in Workgroup Manager:
  Jan 10 2012 14:01:32    AUTH2: {0x4bbe71ca6b8b45670000000200000002, diradmin} DHX authentication succeeded.
  Jan 10 2012 14:01:32    KERBEROS-LOGIN-CHECK: user {0x4bbe71ca6b8b45670000000200000002, diradmin} is in good standing.
  Jan 10 2012 14:01:32    KERBEROS-LOGIN-CHECK: user {0x4bbe71ca6b8b45670000000200000002, diradmin} authentication succeeded.
  Looks good to me. But I still get the "Information Not Valid for This Server" followed by stuff about invalid login ID or password.
  I did notice in the LDAP log:
  Jan 10 14:13:12 <myserver> slapd[52283]: SASL [conn=18] Failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Key table entry not found)
  And at the last bootup in the directory service error log:
  2012-01-10 08:52:03 EST - T[0x00007FFF7027ACC0] - DNSServiceProcessResult returned -65563
  The other thing I notice when I log into the library in Workgroup Manager FROM THE SERVER, even if I use the FQDN <myserver>.<mydomain>.com that Workgroup Manager says (in the title bar of the window) <myserver>.local.
  I have googled the various errors and messages, and I get folks with all sorts of variations ("change the binding options", etc.) none of which either applied or worked.
  Help?

  Continuing on my quest... I found this Technical note from Apple about re-kerberizing:
  http://support.apple.com/kb/HT3655
  Interestingly, in step 3 where it says to remove realm information from kdc.conf, there wasn't any of my realm information. Argh!
  So I completed all of the steps and executed the slapconfig command. This resulted in:
  bash-3.2# slapconfig -kerberize -f --allow_local_realm diradmin <MYREALM>
  diradmin's Password:
  Could not resolve hostname <MYDOMAIN>
  Skipping Kerberos configuration
  Sounds like a dreaded DNS problem. It had been working correctly, but changeip -checkhostname confirmed a problem. Turns out that there were EXTERNAL DNS servers in the Network preferences in System Preferences as well as on the router. With my Split-brained DNS this caused problems (thank you again MrHoffman). So I changed them both to my DNS server INTERNAL IP address and added the external ones to the Forwarder IP Address in DNS. Now checkhostname -changeip returns a favorable result.
  So after rebooting ran the slapconfig command again and got the same result. Argh. Cleared DNS caches. Still nothing.
  So I tried nslookup.
  nslookup <mydomain>
  Server:                    10.0.8.2
  Address:          10.0.8.2#53
  ** server can't find <mydomain>: SERVFAIL
  Where 10.0.8.2 is the fixed INTERNAL IP address.
  However, nslookup on using the fixed IP address yields:
  bash-3.2# nslookup 10.0.8.2
  Server:                    10.0.8.2
  Address:          10.0.8.2#53
  2.8.0.10.in-addr.arpa          name = <mydomain>.
  Scratching head here... changeip -checkhostname works, nslookup on the IP address works, but nslookup on the host name fails.

• Open Directory - Unable to login Workgroup Manager

  I am unable to login to Workgroup Manager with my diradmin account.
  I know the password is correct.
  This is on Mac OS X Lion 10.7.2
  Everything was working fine last night, but then it stopped functioning.  I am able to see all the users, but they are greyed out.  When I try to login, I get "The login information is not valid for this server" 
  The LDAP log shows a bunch of the same errors that it did not show before.
  slapd[76]: SASL Failure: GSSAPI Error: Miscellaneous failure.
  Please advise.  Thank you.
  Samson

  Try logging in to Workgroup Manager using the local admin account not the diradmin account. If this works, then try accessing the /LDAPv3/127.0.0.1 choice using the diradmin account.

• I can't remember my Apple ID password or my security question answers. When I try to reset my password it wants to send it to my e-mail address but I can't get the e-mail because I don't have security answers or the password. How do I reset password?

  I can't remember my Apple ID password or my security question answers. When I try to reset my password it wants to send it to my e-mail address but I can't get the e-mail because I don't know my security answers or the password. How do I reset password?

  Alternatives for Help Resetting Security Questions and/or Rescue Mail
       1. If you have a rescue email address or a Security Questions issue, then see:
           If you forgot the answers to your Apple ID security questions - Apple Support.
           Manage your Apple ID primary, rescue, alternate, and notification email addresses - Apple Support
       2. Fill out and submit this form. Select the topic, Account Security. You must
           have a Rescue Email to use this option.
       3. This is the only option if you do not already have a valid Rescue Email.
           These are telephone numbers for contacting Apple Support in your country.
           Apple ID- Contacting Apple for help with Apple ID account security. Select
           the appropriate country and call. Ask to speak to the Account Security Team.
       4. Account security issues almost always require you to speak directly to an
           Apple representative to securely establish your identity as the account holder.
           You can set it up so that Apple calls you, either immediately or at a time
           convenient to you.
              1. Go to www.apple.com/support.
              2. Choose Contact Support and click Contact Us.
              3. Choose Other Apple ID Topics and choose the appropriate topic for
                  your issue.
              4. Follow the onscreen instructions.
           Note: If you have already forgotten your security questions, then you cannot
           set up a rescue email address in order to reset them. You must set up
           the rescue email address beforehand.
  Your Apple ID: Manage My Apple ID.
                          Apple ID- All about Apple ID security questions.

• HT2623 how do i delete icloud account on my ipad when my apple ID is non active email and i don't know the password and can't reset password without active email

  how do i delete icloud account on my ipad when my apple ID is non active email and i don't know the password and can't reset password without active email

  If the iCloud account you are trying to delete is old ID that was later updated to change it to your current ID, you can go to https://appleid.apple.com, click Manage my Apple ID and sign in with your current iCloud ID.  Click edit next to the primary email account, change it back to your old email address and save the change.  Then edit the name of the account to change it back to your old email address.  You can now use your current password to turn off Find My iPhone on your device, even though it prompts you for the password for your old account ID. Then go to Settings>iCloud, tap Delete Account and choose Delete from My iDevice when prompted (your iCloud data will still be in iCloud).  Next, go back to https://appleid.apple.com and change your primary email address and iCloud ID name back to the way it was.  Now, if desired, you can go to Settings>iCloud and sign in with your current iCloud ID and password.

• How can I get my @mac email to work? when I try to reset password, i cannot access email for this and the security tells me I have wrong date of birth

  Have used bilmac@mac email address for years last couple of weeks am getting message icloud needs password which it then rejects, when I try to reset password,they want email to verify i cannot access email and the security question is D. O B. it tells me I have wrong date of birth. so I am stumped, any ideas bilmac

  COME ON PEOPLE. (WHY ARE THE LETTERS SO BIG HERE?) I AM VERY OLD AND JUST LIKE THINGS TO STAY THE SAME. I DID NOT, DO NOT, WANT ICLOUD TO DO ANYTHING I HAVE NOT USED IT AT ALL YET IT HAS MANAGED TO MESS UP MY EMAIL ADDRESS WHICH I HAVE BEEN USING FOR YEARS, IT ASKS FOR PASSWORD THEN REJECTS AND WHEN I TRY TO RESET WITH APPLE ID THEY ASK FOR SECURITY AS I CANNOT ACCESS THE EMAIL ADDRESS THEY HAVE FOR ME BECAUSE ICLOUD ASKS FOR PASSWORD, THEN APPLE TELL ME I DONT KNOW MY OWN DATE OF BIRTH, VERY CONFUSING