View Full Version : 10.5.1 Server refusing logins?

Feb 5, 2008, 11:43 AM
Hi all,

I am looking after a 10.5.1 Mac OS X Server at my office. It originally had Tiger Server installed and all was running smoothly as far as I was aware.

I upgraded it to Leopard a couple of weeks ago for the new features. I did a clean Erase and Install rather than an upgrade after having problems with vanilla Leopard in the past.

Something has happened over the past couple of weeks that is causing the server to deny users access. Clients can't login, and shares aren't available to non-managed machines. I can't even use Server Admin remotely to check the server status. Now here's the really weird thing... If I go to the server and try to login using the System Administrator's account the login panel wobbles, even the root user's account won't work. The only thing I can do is a restart. In Workgroup Manager I set a profile to disable Restart and Shutdown from the server's login panel and as you can imagine I couldn't log in to restart the machine so I had to do a hard restart! (eek).

After a reboot everything is fine for a couple of days then it happens again, a denial of access. On the managed client machines I get a green 'Network Accounts Available' notice so why can't anyone login?

I have tried to check the logs but can't find anything that seems to be pointing towards the problem.

The server is running, DHCP, DNS, NAT, VPN, Firewall, OD, SMB.

Settings up DNS and DHCP was a real pain but I thought I solved that after reading someone else's trouble with what the install wizard does/doesn't do properly. The server was set up using the Advanced configuration.

I can ping the server and other non-managed clients continue to get Internet access so I can assume that the NAT and Firewall services are still running.

Has anyone come across this or point me in the right direction to start investigating.

Thanks for any advice.

Feb 5, 2008, 02:42 PM
Has anyone come across this or point me in the right direction to start investigating.

I experienced this once. I also had to hard restart. I didn't experience this again, but within a week, I was unable to authenticate a network account from another machine (I could login to the server directly, though). AFP wouldn't work either. I ended up archiving the OD database, and setting the machine to a stand alone server. I then put it back to being an OD master and restored my database. I then had to redo the kerberos records, but I haven't had any problems since.

I read about doing this on the OD discussions board at apple.com, so you should dig around there before doing trying it. I don't remember off-hand exactly what all this resets.


Feb 11, 2008, 05:56 PM
Did the 10.5.2 Server update fix it for you?

Feb 11, 2008, 09:44 PM
I'm having this exact issue. I applied the 10.5.2 updater this afternoon. We'll see what happens. Anyone else having the same issue?

Feb 12, 2008, 09:04 PM
10.5.1 server - can only login now with 'localadmin' - all users missing from workgroup manager. All documents etc in the original Administrator account are gone. We just have a virgin clean admin user - logged into with 'localadmin' user. Customer had a microsoft user data folder in the admin documents folder originally - its gone! Am going to use Datarescue to attempt to find it then I will reformat the server and reinstall up to 10.5.2 and attempt to restore using the Time Machine backup that we had running on an attached firewire drive. I'm doing it in that order because if Time Machine hasn't backed up the original admin account for some reason then I at least have a datarescued copy of the information I need before I erase. Have tried as many of the posted potential solutions out there (incl DNS and OD) but technical limitations on my part prevents me from going deep in to terminal to resolve this.

Feb 13, 2008, 04:54 AM
I have updated to 10.5.2 this morning after numerous phone calls from staff complaining about not being able to login and access AFP shares on managed clients. As I am not on site all the time, I ended up giving a member of staff the admin account login details to they could restart the server as VPN does down as well.

I hope this solved the problem, but I really would like to know what is causing it.

I wish I had left Tiger on there now.

At the moment the jury is still out. This fault is so random. The server can seem fine for a couple of days then boom, DOA.

Feb 13, 2008, 04:57 AM
I think I'm going to leave it just with the update to see what happens. All the ACLs are fine and user accounts are untouched (it would seem).

I don't what to play too much at this stage as it is so difficult to back track.

If the problem still occurs I may archive the OD database and reset that to see if that works.

Feb 13, 2008, 01:44 PM
I Have the same problem with my file server on xserve with 10.5.2. After some time the main admin is refused and i cant start the system again. he is refusing all accounts even the root account.
To start from cd is know impossible. Somebody told me the new xserve has real problems with his cache

Feb 22, 2008, 04:47 PM
Somebody told me the new xserve has real problems with his cache

Which cache is this then?

L2 Cache??
Or do you mean caches made by the OS..?

Feb 23, 2008, 08:35 AM
Which cache is this then?

L2 Cache??
Or do you mean caches made by the OS..?

Sorry. I have to explain exactly what i mean. The cache which is used by the New memory units. The new memory units have a High rate of Defekts . This causes many Problems with the os. We have an old Server running os 10.5 without any Problem.