OS X Server V10.6 Snow Leopard :: Server Loses Active Directory Binding?
May 15, 2012
I am running an open directory/active directory network. Authentication is from the Windows server 2003 active directory. It has worked fine until the last month. Now clients stop authenticating & when I check the AD plugin it says network accounts are not available. I can force the server to unbind, then renew the binding & everything works great.Is there any work around or fix for this other than upgrading the windows server to 2008?Â
Info:
OS X server, Mac OS X (10.6.8)
View 2 Replies
ADVERTISEMENT
Dec 15, 2006
I have a few labs that will be running Tiger. I have an XSERVE that is running Tiger Server. All of my users are stored on a Windows 2003 server in AD.
I know how to bind an OSX machine to AD. What is the best way to set up my mac labs/Xserve so that when the users log in they get their home folder on the Windows server but have their preferences managed by Workgroup manager?
View 1 Replies
View Related
Feb 9, 2012
I am running a 10.7.3 Lion Server bound to Active Directory. There are only several local admin users on the machine; everyone else authenticates against AD. AFP connections work fine, using both local and AD accounts. SMB connections work fine if you use a local account but any AD account is rejected as having the wrong password when connecting via SMB. I've tried using the adusername trick (our AD server is named "ad") even though you're not supposed to need that with 10.7.2 and above... it doesn't help.Â
I have tried both a Windows 7 client and a 10.6 client, specifying SMB as the protocol in the Connect To Server dialog. Both fail, and they also take several minutes before reporting the bad password (the slowness in responding is yet another problem I've read as being an issue). Checking the kdc.log file on the server I see:Â
2012-02-09T09:54:22 digest-request netr: failed user=AD\dlennie DC status code c000006d
2012-02-09T09:54:22 digest-request: netr failed with -1073741715 proto=ntlmv2
2012-02-09T09:54:22 digest-request: od failed with 2 proto=ntlmv2
[code]....
I am using the full DNS name for the server, and on my test clients there are no firewalls or other network issues that would prevent connection to the server. We're mostly Macs here but the Windows users become a rather vocal group when something doesn't go their way. The confusing part to me is that AFP authenticates just fine and SMB doesn't.
Info:
Mac Pro, Mac OS X (10.7.3), OSX Lion Server
View 1 Replies
View Related
Dec 25, 2010
i want to learn one think about Mac OS X Server 10.6.i have got 300 clients Windows and i want to setup Mac OS X Server work like a Active Directory same as Windows... (User's Account,Profile ....etc) is it possible with Mac OS X Server or not ?
View 2 Replies
View Related
Mar 1, 2012
I am managing a bunch of Macs and we are using Active Directory groups to assign certificates for 802.11x. I am binding the device to AD using JAMF software and was wondering if I could use a script to then add the deive to an active directory group.Â
Info:
iMac, Mac OS X (10.7.2)
View 3 Replies
View Related
Apr 19, 2012
I have been reading through the Lion Server pages for Active Directory and came across the following question. Does the procedure listed in the URL below allow the users whose Macs are joined to the OS X server, to login with Active Directory credentials. Pass-through auth. for lack of a better term. [URL]...The procedure reads as if it is just joining the server to the domain and not configuring authentication.Â
Info:
Mac OS X (10.7.3), 8GB RAM, 500GB HDD
View 2 Replies
View Related
Jun 13, 2012
Im having all kinds of 'not found' issues with lion server but i think alot of them may stem from not being able to stop kerberos from running on Open Directory.Therefore currently im running two Kerberos realms OD and Active directory.. When I try and stop it in terminal it errors see below...Â
shutting down kadmind
kadmind shut down
shutting down kdc
[code]....
then on server admin it shows kereberos for OD as "running".. still so i know it hasn't worked?
Info:
Mac OS X (10.7.4)
View 1 Replies
View Related
May 3, 2005
I'm trying to setup our xserve so our clients will authenticate against AD but have their prefs managed by OSX Server. So far I've got the clients logging on ok,group folders mount nicely and I can see AD users and groups from workgroup manager. But when I try to add a home directory for an AD user I get - 'Got unexpected error Error of type -14140 on line 1127 of PMMUGMainView.mm'. I get the same if I try to create a new active directory user so it looks like workgroup manager is having problems writing to the active directory.
View 7 Replies
View Related
Jun 27, 2012
We have a local Admin account on all Macs, enterprise wide, for local and remote administration.
All Macs are joined to Active Directory. Our users DO NOT have Admin rights.Â
On ALL our LION Macs (10.7.4), when joined to Active Directory, we lose functionality to the local Admin account.
We can log into the local Admin account, but the desktop is useless. Nothing opens. We cannot create any files/folders without getting an Access Denied error.
AND then best part... everything on the Desktop, files/folders, are gone! Almost like a bran spankin' new account. With no access to anything locally.Â
Info:
Mac Pro, Mac OS X (10.7.3)
View 4 Replies
View Related
May 21, 2012
I have an OSX Lion 10.7.4 Server set up with Profile Manager and it is joined to AD.Â
I am able to see AD groups in the Profile Manager groups section. I can also see and add AD users and groups using the server app.Â
I have enabled the "Can Enable Remote Management" check box for Domain Users through Profile Manager. I have also added Domain Admins to the Workgroup group in the Server app. I'm not sure that I want or need either of these options, but they were suggestions to try. I am not able to log on to the Profile Manager or My Devices pages with AD logins.Â
I found these directions about nested groups in Workgroup Manager [URL] but I don't have a [URL] local group or any groups like are shown in the picture.Â
Info:
Mac mini, Mac OS X (10.7.4)
View 3 Replies
View Related
Jun 21, 2012
Adding 10 IMACS with OS 10.7 to my active directory domain. I would like for all users to have the same basic user settings at log in. how I can configure the MAC clients.
Info:
iMac, Mac OS X (10.7.4)
View 1 Replies
View Related
Jun 20, 2012
How do I change the ports Open Directory runs on? Is there an LDAP config file somewhere? I need to change port 636 to something else
View 1 Replies
View Related
May 3, 2012
I have a couple of new users I've added to our directory recently. They are unable to connect to our internal jabber (iChat) server. Users that have connected previously are experiencing no difficulty. A quick overview of the layout of the system: two XServes, one is OD primary (aspen) the other is OD replica and iChat server (vail). I've modded some config files (long ago) to allow user IDs for jabber to be user@ourcompany.office instead of user@vail.ourcompany.office. It works quite nicely.Â
Excerpt from the logs shows a failed login attempt followed by a successful login attempt. Successful logins are happening from Messages (beta), iChat under Snow Leopard, and Pidgin under windows. Failing logins are all from iChat under Snow Leopard. Please ask questions, I'm happy to add any other pertinent data! May 3 16:21:45 vail jabberd/c2s[99718]: [13] [::ffff:10.255.170.122, port=52584] connectMay 3 16:21:47 vail jabberd/c2s[99718]: [13] [::ffff:10.255.170.122, port=52584] disconnect jid=unbound,
[code]....
Info:
Xserve, Mac OS X (10.6.8)
View 4 Replies
View Related
Jun 13, 2012
We use on our Server the OD. About 25 User can ue with their Account every Computer in the Office. Now wo saw the size of the harddrive has very less free space. When we click Apple-I on the users we see it is very low space uses, but this is because all the private folders are blocked. Is their a way to calculate the Open Directory size of every User Account?Â
View 2 Replies
View Related
Apr 3, 2012
currently using mac mini server for sharing files and folders. Would like to setup VPN to get access to files remotely.
-Model identifier: Macmini 3.1
-Mac OS X Server version 10.6.8
I am not sure if this version supports VPN.
Info:
Mac mini
View 1 Replies
View Related
May 15, 2012
Our users logon to our 2008 Windows Domain and their windows home folder comes up as a folder called 'Work' on the mac taskbar. This is fine.When they open Microsoft Word e.g. and do a save you can't see this 'Work' folder in the Finder tree. Do I have to set up some kind of script - I just want a shortcut to this 'Work' home folder in Finder....how can you put one there automatically?  Is there any easy way so if they save to their mac 'Documents' folder it just get's re-routed to their 'Work' folder?
View 2 Replies
View Related
May 7, 2012
I am having difficulty binding clients to multiple open directory servers. All clients are running Lion. This issue did not occur under Snow Leopard. The servers are both Mac OS X Servers running Open Directory. There are two domains to which the client is successfully bound (DomainA and DomainB). If a user attempts to login using credentials from DomainB, they log in successfully but home folders are "not in the expected location" - so no data is present. If I unbind the client from DomainA and then attempt to login using credentials from DomainB, the issue is resolved. Is there a way to set a priority for how the client binds?Â
View 1 Replies
View Related
Feb 22, 2012
The functionality was part of the Server App in Lion Server but was not included in Lion.Â
Info:
iMac, Mac OS X (10.7.2), Lion Server
View 2 Replies
View Related
Mar 22, 2012
i have a domain controller and active directory based policy win 2003, one xserve running mac os x server 10.6.8 and alot of macs workstations. How can i push login script on all macs without adding it in login items? The script i want to store on smb or afp share disk, and will be edited from time to time. I've tried to add it on xserve from WGM, but it threw an error that current directory schema doesn't store desktop settings.So how can i solve this?
View 2 Replies
View Related
Jun 14, 2012
I run 10.6.8 server in a VM with Parallels Server for Mac. Lithium pinged me early Monday morning to tell me that my calendar server wasn't reachable. I found it had kernel panicked. After resetting it and verifying the directory structure and permissions, it booted fine. But availability or free/busy wasn't working for all users! The events were all there. Invites could be sent and received but when a user checks for availability when creating events. they see the daily work hours grayed out but not anything corresponding to a scheduling conflict. Â
Things I have Tried:
- bounced ical server
- Rebooted the server
- checked the owners and permissions for the data store hierarchy. (_calendar:_calendar 750)
- checked for xattrs on .ics files in several calendars
- deleted .db.sqlite for several users in several dir in their calendar stores
- in the past I have found that some iTIP invitations seem to get "stuck' causing problems with an individual users free/busy and deleting the inbox resolves this so I deleted several inboxes
-I moved a copy of the data store to a test server and pointed several clients at it.Â
The issue persisted in all of these cases without any change in behavior with one exception; somewhere (i lost track of where) during this process users also lost their delegation preferences. I'd love to find out how and where that is stored so that it can be restored in the future. It seems pretty fragile...Â
I found one way to restore the functionality; copying a users __uid__/<GUID>/calendar out. . Moving all the folders under <GUID> out of the way and dropping the .ics files into ical with their account configured in that instance. Although this worked for selected users, I have many, many users and calendars so this solution would be suboptimal. Â
Info:
Xserve, Mac OS X (10.6.8)
View 1 Replies
View Related
Apr 6, 2012
my problem is that on a restart of one of my 10.6.8 Servers parts of the Serveradmin configs are gone while some of them persists. The lost configs are everytime the same: VPN (complete) and iChat (a secondary but very important Host-Domain). Of course a can restore them from a backup but that shouldn't the standard procedure after a restart....Â
View 11 Replies
View Related
Mar 14, 2012
I had a goodworking SUS (10.6.8) working but the drive is getting full so i change the location of the files to another disk (in the xserve)and follow instructions from Apple (page 84 from the manual System Imaging) sudo cp -p /private/var/db/swupd/html /Volumes/My_Volume/My_Software_Updates_Folder/This works and i copy the files to a new drive. I also change the SUS so that theu host files for Lion clients url..works also, start SUS in Server Admin but when clients wants to connect i get an error that there is no SUS available and when i use the browser for an check i get een Forbidden error url...ForbiddenYou don't have permission to access /index.sucatalog on this server.Apache/2.2.21 (Unix) Server at 127.0.0.1 Port 80.
View 1 Replies
View Related
Jun 28, 2012
Trying to set up the Software Update Server under 10.6.8 Server. Have everything set up properly as per Apple's documentation, but all clients error out on software updates (saying they can't find the index. sucatalog file). When you view this file, which is an alias, within the HTML folder that is created when you enable the Software Update service in Server Admin, the alias doesn't link to an original.I've tried this on two separate 10.6.8 Server installations and I get the same error on both machines.Where is the alias "index.sucatalog" supposed to point to?Software Update Error Log in Server Admin says "Symbolic link not allowed or link target not accessible" and points to the alias file.
Info:
Mac mini, Mac OS X (10.7), Xserves (Early 2009, Early 2008, G5), Mac Pro
View 1 Replies
View Related
Jul 2, 2012
My system is MacPro 2009 with 10.6.8 server and Apple RAID card. Last week, RAID util just notified me of one drive is not viable, so i decided to replace the drive today. The configuration of my system is... There is an Apple Raid Card for HW Raid system Bay 1 = 640 TB drive with Mac OS X 10.6.8 server installed Bay 2, 3, 4 = 1.5 TB drives set up as RAID 5 below is what I did to replace the degraded Bay 4...Â
1. I shut down the system
2. replaced the corrupted drive with the new hard drive
3. tried start the machine again.Now my machine refuses to start up with the blinking question mark... I guess that the system fails to recognize the new drive or cannot find the system files...Â
4. So I put back the degraded drive...
5. The machine still won't start...
6. I tried to use the 10.6 server installation disk to boot up the machine to check if I can fix the system via disk util; but, everytime I do this, I got kernel panic... Â
7. resetting PR Ram didn't help, cannot boot up via safe mode as well (since the system file is not accessible now, I guess...).
8. booting via 10.6.2 server installation DVD still gives me kernel panic... Â
Why would my system corrupt by just replacing one degrade drive? The Mac OS X is not even the part of the Raid system... How am I supposed to fix this issue with out the installation disk?
Info:
Mac Pro, Mac OS X (10.6.8)
View 4 Replies
View Related
Oct 14, 2009
Years before Mac OS X 10.0 was first released in 2001, Apple launched Mac OS X Server, targeting its newly acquired Unix-based operating system technology at the education and workgroup server market. Apple has struggled ever since to find a broad server strategy that works. The solution may be as obvious as the iPhone App Store. Mac OS X Server has remained firmly stuck in the background even as Mac OS X has blossomed. Over the last decade of Mac OS X's development, Apple transformed its legacy Mac operating system from an outdated relic stuck in maintenance mode throughout most of the 90s into a highly regarded system that gets as much or more respect from industry critics as any other desktop operating system.Apple accomplished something that many others in the industry failed to do: marry the power and familiarity of Unix with accessible ease of use in a commercially successful product. Ray Noorda tried to do this at Novell in the early 90s; Caldera's OpenLinux also failed to take over the task from Novell ten years ago. United Linux and a series of followup attempts to standardize Linux all failed to accomplish their aims. A variety of efforts to sell Linux to consumers since then have all made very little progress outside of a small niche of hobbyist users.
View 39 Replies
View Related
Mar 10, 2012
I don't use any of it and would like to update to lion with out the server portion.
Info:Mac mini Server (Mid 2010), Mac OS X (10.6.8)
View 2 Replies
View Related
Mar 23, 2012
Up until a recent update, software update was working. Now it just crashes. I've tried deleting the Pref's and downloading updates directly, but that hasn't helped.
Info:
Xserve, Mac OS X (10.6.8)
View 3 Replies
View Related
Apr 18, 2012
I'm trying to install a SSL Certificate on a mailserver under 10.6 server. I dont know what to do by intermediate certificate and choosing type on certificate assistant.
View 3 Replies
View Related
May 19, 2012
Server version is: 5.0.8 Current available seems to be : 5.5.24 community server available from h [URL]if I already have several databases running under 5.0.8Â what are the hazards with upgrading to 5.5.24 community server?
Info:
Mac mini, Mac OS X (10.6.8)
View 1 Replies
View Related
May 27, 2012
I can't seem to get the App Store to sell me Lion Server for my Snow Leopard Server.I'm trying to remain positive about this but I'm getting really that money isn't enough to make this happen.My experiencewith the App Store and Apple policies in general is its almost time to dump OS X and head back to Open Source.I put money in my iTunes account.I've done the 15 logins it takes to satisfy AppleID my account is complete and up-to-date in the store and the Support Communities.How do I buy the software and actually download and install it?
Info:
Mac mini, Mac OS X (10.6.8), upgrade to Lion
View 5 Replies
View Related
