updated to 10.7.4 and cannot turn on my Open Directory service in Server Admin. It's there, but says it is stopped, and it won'y start.After reboot it is still the same.
View 3 RepliesI am getting an error "This service has not been configured as an open directory master. error has occurred! Error value = 13 " while trying to configure a new open directory.
Info:
Xserve, Mac OS X (10.5.8)
Not able to find the lion software update service in server app
View 1 Replies View RelatedI have a Lion server and am not able to connect over "ssh" from the public ip address side. At some point I think I heard that "ssh" had to be turned on in terminal in order to work. Is this correct? And can anyone provide the terminal command as I have been unable to find it.
Info:
Mac mini, Mac OS X (10.7.4)
I am trying to setup test server with following services:
DHCP
DNS
Open Directory
Profile Manager
Software Update
But not having much of success. I have installed 10.7.3 on virtual machine (Using Fusion 4) on Mac Pro and given a 4 GB of RAM. This machine is running in its own bubble, it has no communication even with host. So I have configured DHCP and DNS services which seems to be working fine (I have confirmed with another client which can get IP and DNS server address from this server).
Now whenever I have tried to run OD setup using both tools (Server App and Admin Tool), it takes forever to configure (more than 1 hour) and then it fails with error saying "check your network settings". I have checked and machine has proper IP address (tried both DHCP and Static) and also used "lookup" utility to resolve the DNS address both ways (forward and reverse).
After a reinstall I can´t config Open Directory Master.
[code]...
Info:Mac OS X (10.7.3)
1) In an environement that contains two directory servers (one master, one replica), how does a client find the replica in the event that the master goes offline?
2) Is there any command to issue from the client side that will return all available directory servers in the domain?
I'm getting ready to migrate our company server to a new server box. I'm doing a complete clean install, and migrating specific information over (we had some corruptions from the initial installation Lion Server). All our users are in LDAP, not the Local directory, and I can't seem to figure out (and don't have the ability to test) if using the Ser Admin app's Archive feature of Open Directory, will include all LDAP information. My understanding is that if I create an archive and restore to it, then all of my users and there information will be put back like nothing happen, but can't get any clarification on it.
Info:
Macbook Pro, Mac OS X (10.7.2)
is it possible to change a local account to a open directory account
Info:
Mac mini Server (Mid 2011), Mac OS X (10.7.4), Lion Server
My company has been happily using FTP for months now. Then, for some reason that I have not yet determined, FTP stopped. I launched Server Admin and found that the service had been stopped. When I tried to click the green button to start it, nothing happened.
I rebooted the machine, looked in logs, replaced config files...nothing. It simply won't start, and I don't know why
Trying to installed JAMF software on Mac Mini server. One of the configuration steps required setting up a database from the terminal but it requires the MYSQL service to be running and I'm unable to get this service to start.
Info:
Mac mini, Mac OS X (10.6.3)
I have configured OpenDirectory Service sucessfully to bind to a Windows 2000 Server (AD DC) and setup LDAPv3 etc. When I select the option to run as OpenDirectory Replica and fill in the relevent details for the AD DC and select save I get an error back reporting that it cannot connect to the server using SSH.
View 2 Replies View RelatedI have one client that my server "serves". I just replaced the hard drive and installed 10.5 on it. (So, my server is at 10.4 but the client is at 10.5). I'm trying to get so I can log in. I figured out how to get the client to see the LDAP (or Open Directory). The machine is now "managed". I can tell because the log in screen has my own message on it. When I type in my user name and password, it finds it but then it says that there has been an error. So, its almost working but not quite. Can a 10.5 client work from a 10.4 Open Directory server?
View 5 Replies View RelatedI have a question about set up mac os x server.
I have windows 2000 terminal server with active directory, now I want to set up mac os x server to share files, mail server and other service.
I don't know if I set up open directory as Standalone server or master!
what do you advise?
I want to log in on mac os x server from win Terminal server.
I'm setting up a tiger server to serve software updates to the clients, but the server doesn't seem to want to serve the updates. The client can connect to the server, but then shows the user a message saying the computer is up to date. I know that is not true, and I have all the updates mirrored, so why is it not working?
If nobody has any idea, is there somewhere that says exactly what the software update client goes through to check if there are updates available, so I can follow it manually?
I work remotely a lot. After I upgraded to Lion server, I am unable to connect to the VPN service remotely unless I physically go over to the server (mac pro) and log into the desktop manually.Â
Previously, if my Snow Leopard server restarted (due to power failure, etc) and it re-booted up to the login screen, I could still logon to the VPN remotely as the VPN service would always startup (at the login screen) without a user having to be logging in. Â
Now, with Lion Server (10.7.4), if the server restarts, I cannot login back to the VPN. I have to get someone to go over to the server and manually login, then I can access VPN just fine. (I do not, and will not turn automatic login on on my server due to the huge security risk.)Â Â
How do I get the Lion Server VPN service to startup before or at the logon screen even if no user is logged in?
I am running a 10.7.3 Lion Server bound to Active Directory. There are only several local admin users on the machine; everyone else authenticates against AD. AFP connections work fine, using both local and AD accounts. SMB connections work fine if you use a local account but any AD account is rejected as having the wrong password when connecting via SMB. I've tried using the adusername trick (our AD server is named "ad") even though you're not supposed to need that with 10.7.2 and above... it doesn't help.Â
I have tried both a Windows 7 client and a 10.6 client, specifying SMB as the protocol in the Connect To Server dialog. Both fail, and they also take several minutes before reporting the bad password (the slowness in responding is yet another problem I've read as being an issue). Checking the kdc.log file on the server I see:Â
2012-02-09T09:54:22 digest-request netr: failed user=AD\dlennie DC status code c000006d
2012-02-09T09:54:22 digest-request: netr failed with -1073741715 proto=ntlmv2
2012-02-09T09:54:22 digest-request: od failed with 2 proto=ntlmv2
[code]....
I am using the full DNS name for the server, and on my test clients there are no firewalls or other network issues that would prevent connection to the server. We're mostly Macs here but the Windows users become a rather vocal group when something doesn't go their way. The confusing part to me is that AFP authenticates just fine and SMB doesn't.
Info:
Mac Pro, Mac OS X (10.7.3), OSX Lion Server
The functionality was part of the Server App in Lion Server but was not included in Lion.Â
Info:
iMac, Mac OS X (10.7.2), Lion Server
How do I change the ports Open Directory runs on? Is there an LDAP config file somewhere? I need to change port 636 to something else
View 1 Replies View RelatedI have been unable to create an open directory replica from an open directory master.I have created an open directory master in Mavericks and added DNS, file sharing and users etc. I can connect, log in, all is good.I now want to create a replica on another machine for redundancy, yet I have been unable to do so. I have been able to diagnose through the terminal on each machine and get no errors except the following from the intended replica machine: Both Machines are Mac Mini servers, raided drives.
Replica has 8Gb RAM, Master has 16Gb  macsvr1:~ admin$ sudo /usr/sbin/slapconfig -preflightreplica 192.168.0.11 diradmin+0000 Error; Unable to determine the master’s software version  The rest of the terminal looks like this. Open Directory Master  Primary address    = 192.168.0.10Â
[Code] .......
I can verify each machine version and all DNS is fine. Both machines are in identical OS systems. 10.9.4 Server 3.1.2. Network is good as I can ping each machine from the other. ssh is enabled on both yet still i'm unable to create a replica.
We use on our Server the OD. About 25 User can ue with their Account every Computer in the Office. Now wo saw the size of the harddrive has very less free space. When we click Apple-I on the users we see it is very low space uses, but this is because all the private folders are blocked. Is their a way to calculate the Open Directory size of every User Account?Â
View 2 Replies View RelatedI recently installed osx lion server and I dont have the web option as a service in the server app. It isnt in the left side pane with all the others. Its just not there, nor in the menu bar.How can I activate this? Why isnt the server app offering the web service? I cannot add websites or even get started with the web service at the moment.
Info:
lion server, Mac OS X (10.7.2)
With Lion Server Apple killed the FTP Service & GUI to configure the FTP. In the NET I found plenty of description how to enable to ftp, but I found nothing how to configure the sharepoint and ftpusers with the command line. Is their any instructions around. We need to use ftp for some industrial machines we do not offer SFTP. We tried also the Rumpus FTP Server but this isn't stable enough.
Info:
MacBook Pro 17, Mac OS X (10.7.2), 8 Gb RAM, 750Gb HD
I've recently upgraded to Mac OS Lion Server, and I'm having a big problem that's keeping me from finishing my last bit of work on a project. I've been trying to create network users so that they can sign in on any computer, and access their files via the server, but I've been told time and time again to create a Directory Administrator.Â
When I try to create one, I get this error
Everything is running very, very slowly. In the Terminal, top shows me that process 15, DirectoryService, is using between 45 and 248%(!) of my cpu, and hdiutil is also using much more than I expect. What is causing this, and, more importantly, how can I make it stop. It is making my computer unusable.
It doesn't seem to matter what applications are running or if I have Web Sharing on or off. I suspected it was the flood of attempted logins from having Web Sharing on, but turning it off doesn't make any difference.
System Profile
Mac OS X 10.6.5
Model Name:MacBook
Model Identifier:MacBook3,1
Processor Name:Intel Core 2 Duo
Processor Speed:2.2 GHz
Number Of Processors:1
Total Number Of Cores:2
L2 Cache:4 MB
Memory:4 GB 667 MHz DDR2 SDRAM
Bus Speed:800 MHz
Boot ROM Version:MB31.008E.B02
SMC Version (system):1.24f3
I have two Lion 10.7.3 servers joined to my company's AD. These servers provide SMB/AFP file services to users. They have been working successfully until a week ago when a change in AD was made. Now Windows (7 or XP, doesn't matter) clients cannot connect to the server using the DNS name, only the IP address. Mac OS X clients are not affected by this, i.e. they can use the DNS name fine. All clients are on AD too. What I observe from a Windows 7 client is, I open Windows Explorer, type \xserver in the address bar, hit enter, & it denies my connection immediately. If I do the same thing with the IP address (\10.0.1.10), it lets me in immediately.
For Windows clients, I have tried both the short DNS name as well as the FQDN, & neither work. The DNS name on the server itself is fine, verified by "changeip -checkhostname". Whatever changed in AD caused the Lion servers to start doing this because they both started exhibiting this behavior at the same time. The only info I've been able to get regarding what changed in AD from the domain admins was "We changed the UPN fromuser@domain.example.com to Firstname.Lastname@example.com", in other words, to their email address. In the system logs, here's an attempt to connect from a Windows client using the short DNS name:
Feb 20 09:24:39 xserver rpcsvchost[32619]: sandbox_init: com.apple.msrpc.netlogon.sb succeeded
Feb 20 09:24:39 xserver sandboxd[32620] ([32619]): rpcsvchost(32619) deny file-read-metadata /Library/Managed Preferences
Feb 20 09:24:39 xserver sandboxd[32620] ([32619]): rpcsvchost(32619) deny file-read-metadata /private/var/root
Feb 20 09:24:39: --- last message repeated 3 times ---
[Log] .....
Why only the DNS name doesn't work.
Info:
Xserve, Mac OS X (10.7.3)
I am managing a bunch of Macs and we are using Active Directory groups to assign certificates for 802.11x. I am binding the device to AD using JAMF software and was wondering if I could use a script to then add the deive to an active directory group.Â
Info:
iMac, Mac OS X (10.7.2)
I have several messages "Module: SystemCache Misconfiguration detected in hash 'Kerberos'" in my System Logs. Having browsed the forums, I found this most likely to be caused by User Records in the local LDAP database created with Workgroup Maager instead of Server.app. [URL]I wanted to fix these entries with the directory editor pane but the tool fails to connect toDirectory service /LDAPv3/127.0.0.1/.If I supply wrong user credentials, the message indactes a wrong username or passworf, but if I give the right credentials for the administration user of the LDAP directory, it simply sais "failed to connect (5000)". how I can convince the directory editor to let me edit the database?
View 1 Replies View RelatedI have been reading through the Lion Server pages for Active Directory and came across the following question. Does the procedure listed in the URL below allow the users whose Macs are joined to the OS X server, to login with Active Directory credentials. Pass-through auth. for lack of a better term. [URL]...The procedure reads as if it is just joining the server to the domain and not configuring authentication.Â
Info:
Mac OS X (10.7.3), 8GB RAM, 500GB HDD
I've got a new Mac Mini Server that I'm using to set up file sharing for the first time. I've enabled OpenDirectory and verified that the users I'm creating are being created in (they show up in the Server app and Workgroup Manager app, but not in System Preferences | Users).Â
File sharing seems to be working fine, but I don't like the fact that each user has access to their home folder share when they connect to the server using a mac elsewhere on the network. I prefer only the shares I explicitly set up to be available.Â
Thus, a couple questionsWhy is there a home folder created on the server at all? Do I really need a /users/johndoe folder for each and every account in OD?How can I configure sharing such that I won't see the home folder when I connect from another mac on the network? I don't want to leave little "cubby holes" for my users to stuff files into
