OS X Server :: How To Get Client To See LDAP (Open Directory)
Nov 22, 2007
I have one client that my server "serves". I just replaced the hard drive and installed 10.5 on it. (So, my server is at 10.4 but the client is at 10.5). I'm trying to get so I can log in. I figured out how to get the client to see the LDAP (or Open Directory). The machine is now "managed". I can tell because the log in screen has my own message on it. When I type in my user name and password, it finds it but then it says that there has been an error. So, it's almost working but not quite. Can a 10.5 client work from a 10.4 Open Directory server?
I'm getting ready to migrate our company server to a new server box. I'm doing a complete clean install, and migrating specific information over (we had some corruptions from the initial installation Lion Server). All our users are in LDAP, not the Local directory, and I can't seem to figure out (and don't have the ability to test) if using the Server Admin app's Archive feature of Open Directory, will include all LDAP information. My understanding is that if I create an archive and restore to it, then all of my users and their information will be put back like nothing happened, but can't get any clarification on it.
I have configured OpenDirectory Service successfully to bind to a Windows 2000 Server (AD DC) and setup LDAPv3 etc. When I select the option to run as OpenDirectory Replica and fill in the relevant details for the AD DC and select save I get an error back reporting that it cannot connect to the server using SSH.
I am trying to setup test server with following services:
DHCP
DNS
Open Directory
Profile Manager
Software Update
But not having much of success. I have installed 10.7.3 on virtual machine (Using Fusion 4) on Mac Pro and given a 4 GB of RAM. This machine is running in its own bubble, it has no communication even with host. So I have configured DHCP and DNS services which seems to be working fine (I have confirmed with another client which can get IP and DNS server address from this server).
Now whenever I have tried to run OD setup using both tools (Server App and Admin Tool), it takes forever to configure (more than 1 hour) and then it fails with error saying "check your network settings". I have checked and machine has proper IP address (tried both DHCP and Static) and also used "lookup" utility to resolve the DNS address both ways (forward and reverse).
1) In an environment that contains two directory servers (one master, one replica), how does a client find the replica in the event that the master goes offline?
2) Is there any command to issue from the client side that will return all available directory servers in the domain?
I am getting an error "This service has not been configured as an open directory master. error has occurred! Error value = 13 " while trying to configure a new open directory.
Updated to 10.7.4 and cannot turn on my Open Directory service in Server Admin. It's there, but says it is stopped, and it won't start. After reboot it is still the same.
I have been unable to create an open directory replica from an open directory master. I have created an open directory master in Mavericks and added DNS, file sharing and users etc. I can connect, log in, all is good. I now want to create a replica on another machine for redundancy, yet I have been unable to do so. I have been able to diagnose through the terminal on each machine and get no errors except the following from the intended replica machine: Both Machines are Mac Mini servers, raided drives.
Replica has 8Gb RAM, Master has 16Gb
macsvr1:~ admin$ sudo /usr/sbin/slapconfig -preflightreplica 192.168.0.11 diradmin+0000 Error; Unable to determine the master’s software version
The rest of the terminal looks like this.
Open Directory Master
Primary address    = 192.168.0.10
[Code] .......
I can verify each machine version and all DNS is fine. Both machines are in identical OS systems. 10.9.4 Server 3.1.2. Network is good as I can ping each machine from the other. ssh is enabled on both yet still I'm unable to create a replica.
We use on our Server the OD. About 25 User can use with their Account every Computer in the Office. Now we saw the size of the harddrive has very less free space. When we click Apple-I on the users we see it is very low space uses, but this is because all the private folders are blocked. Is there a way to calculate the Open Directory size of every User Account?
I am running an office network which is connected to each other and the internet through a Linksys 4-Port Wireless Router which is already DHCP-enabled.
Would it be better to disable the Linksys DHCP and enable DHCP through Server Admin DHCP?
If I use Linksys DHCP how do I setup the DNS and LDAP info listed in Server Admin's DHCP settings?
I'm trying to connect my Macbook pro to our Exchange Server 2003 via Entourage. Entourage is asking me for the "LDAP" information, and cannot complete setup without it. But our server doesn't use LDAP configuration.
I've a 10.6 Server. On it, lots of services are enabled such as Address Book Server. I've a copier enable to connect to an LDAP server to have access to mail, fax numbers and more of users/clients. I would like to connect this copier to a user's Address Book. But, user's address book is on the server, and it's a CardDAV address book. Is there a way to have access to this address book through LDAP?
I have a server in our DMZ that connects to Active Directory LDAP server (non-ssl over 389) but no objects actually show up in the directory editor. I get a green light in my Network Account Server, but queries against LDAP return no results. My end goal is to be able to dictate to Profile Manager what LDAP groups are allowed to enroll devices. I tested on our internal network on a test server and get the same results. Anyone have any luck connecting a Lion Server to LDAP and actually being able to view and utilize users and groups?
I just transferred a group of users from the Local directory to the LDAP directory. Their directories are in place and haven't changed, and neither has the size of the email folders in the Library->Server->Mail->Data folder. But now, there are no messages in the directories, including the Inbox. It's empty except for a single message that says "no subject" and has no content.
I'm trying to integrate my company's AD Kerberos with the services hosted on a Lion Server in a golden triangle setup. Here's what I've tried so far.
1. Bind to AD host.
2. sudo dsconfigad -enablesso
3. Make a Opendirectory Master
4. sudo kinit list, all listed services should point to AD KDC.
When I try to purchase the Lion Server from the App Store it displays a message that OS X Lion is also required and I have to purchase both even when I am logged in and next to the Server item the client version confirms that I have already purchased it with a "download" button - the app has been downloaded but cannot install it as it is waiting for the app store to download the server components... and what if I just want to use it as a client only? Any suggestions besides the obvious $80 purchase.
I am running an open directory/active directory network. Authentication is from the Windows server 2003 active directory. It has worked fine until the last month. Now clients stop authenticating & when I check the AD plugin it says network accounts are not available. I can force the server to unbind, then renew the binding & everything works great. Is there any work around or fix for this other than upgrading the windows server to 2008?
Regarding Lion Server upgrade strategies: I have a macmini running 10.6.8 client serving Filemaker files, acting as File Server, and running a development web server. It runs as a normal non-admin user (nomad) utilizing a separate admin account with admin privileges (guardua), for security. I run multiple shell scripts, apple scripts and Filemaker scripts. Many of which use hardcoded file locations. Some bash scripts run under the non priv user, others under the admin account. I also have a third user account which acts as rsync destination. Considering most files and programs are under the non-privileged user, I'm wondering how this user / admin account set-up will work when transitioning to Lion Server. (?) Will the server app and scripts work with this set up? Do I need to upgrade the non-admin user (nomad) to admin privileges? I'm not sure how users and admin users work under Lion Server. Should I upgrade to Lion then to Lion Server? --Or-- perhaps do a clean install of Lion/server then reload from timemachine? Start from scratch?
I have a few labs that will be running Tiger. I have an XSERVE that is running Tiger Server. All of my users are stored on a Windows 2003 server in AD.
I know how to bind an OSX machine to AD. What is the best way to set up my mac labs/Xserve so that when the users log in they get their home folder on the Windows server but have their preferences managed by Workgroup manager?
I am running a 10.7.3 Lion Server bound to Active Directory. There are only several local admin users on the machine; everyone else authenticates against AD. AFP connections work fine, using both local and AD accounts. SMB connections work fine if you use a local account but any AD account is rejected as having the wrong password when connecting via SMB. I've tried using the adusername trick (our AD server is named "ad") even though you're not supposed to need that with 10.7.2 and above... it doesn't help.
I have tried both a Windows 7 client and a 10.6 client, specifying SMB as the protocol in the Connect To Server dialog. Both fail, and they also take several minutes before reporting the bad password (the slowness in responding is yet another problem I've read as being an issue). Checking the kdc.log file on the server I see:
2012-02-09T09:54:22 digest-request netr: failed user=AD\dlennie DC status code c000006d
2012-02-09T09:54:22 digest-request: netr failed with -1073741715 proto=ntlmv2
2012-02-09T09:54:22 digest-request: od failed with 2 proto=ntlmv2
[code]....
I am using the full DNS name for the server, and on my test clients there are no firewalls or other network issues that would prevent connection to the server. We're mostly Macs here but the Windows users become a rather vocal group when something doesn't go their way. The confusing part to me is that AFP authenticates just fine and SMB doesn't.
I want to learn one thing about Mac OS X Server 10.6. I have got 300 clients Windows and I want to setup Mac OS X Server work like an Active Directory same as Windows... (User's Account, Profile ....etc) is it possible with Mac OS X Server or not?
I'm thinking about purchasing a Mac Mini Server instead of an xServe. It will be used to serve client account http://www.apple.com/server/macosx/f...anagement.html We have 3 iMacs and 1 (possibly 2) Macbooks - there will be 6 client accounts. How will the Mini cope if all 4 clients are logged in at the same time? Or should I just purchase an xserve?
I have updated some of my client machines to 10.4.9. My servers are still 10.3.9. My OD server is also 10.3.9. When my clients log on to the Tiger client machine (mobile users with local home directories) I can't view the login items pane in the "system preferences." The "login items" pane stalls and does not show the items listed. The user accounts seem to work fine and all managed preferences (live default website, several afp volumes logged in, and special dock configurations) all seem to work fine. This has happened on all my Tiger client machines and to all OD users. It's weird. Also, all the managed preferences are on the groups the users belong to, not on the user records.
I have a Mac Mini Lion Server which is running open directory. I have several users which I created a while ago and they are able to login to the server from both Lion and SL clients. I created a new user account today and for some reason I am unable to login using the new user account from a SL computer. I've been able to login using a lion client, but SL, no dice.
I have a Lion Server running here on my company. Everything works just fine. With screensharing I can access it, I can start the Server app on the server OK. However I cannot open the server app on a client machine. It shows the Name/Password window, but denies access, even with my admin login credentials. I can access the server with Server Admin, but the Server app only works on the host machine. I presume it must be a DNS issue? I do not like to open the server app on the server because it shows, that it uses 40% of the processor ALL THE TIME, which I also think very strange.