Situation :
I am setting up laptop carts for classroom use at my school district and need network only accounts to authenticate to the wireless.
Products involved :
- XServe running 10.6.7, hosting Open Directory and serving as an LDAP server for the 802.1x authentication
-Aruba Controllers and Access Points set up for 802.1x with PEAP GTC authentication
-Client systems are Macbooks
Where I am at :
So far I have set up a login window profile in the 802.1x section of network preferences and installed the certificate for the Aruba system. Additionally I imported the certificate to the trusted root keychain. I can authenticate manually with student's credentials while logged into the system. Additionally if I log out of admin and enter the student's credentials at the login screen I can authenticate and load the profile. However as soon as I restart the system I can not authenticate at the login window. The gear spins for a while then the window shakes signifying invalid user name or password. Then back into admin to authenticate manually.
So that is where I am at. I need help getting this up and running before the school year starts. Below are some log entries generated by the system log on the client Macbook and also from the Aruba controller.
Apple Console logs (this log is from the moment launchd starts to attempting to log in as student and failing and then successfully login in as admin)
7/7/11 5:02:57 PM com.apple.launchd[1] *** launchd[1] has started up. ***
7/7/11 5:03:56 PM com.apple.WindowServer[71] Thu Jul 7 17:03:56 ocean-student-laptop-01.local WindowServer[71] <Error>: kCGErrorFailure: Set a breakpoint @ CGErrorBreakpoint() to catch errors as they are logged.
7/7/11 5:04:19 PM com.apple.loginwindow[38] 2011-07-07 17:04:19.372 MCXLoginLogoutScriptTool[208:903] login: "loginscripts" in "com.apple.mcxloginscripts" is missing or is not a CFArray.
7/7/11 5:04:19 PM com.apple.launchd.peruser.501[194] (com.apple.ReportCrash) Falling back to default Mach exception handler. Could not find: com.apple.ReportCrash.Self
7/7/11 5:04:26 PM com.apple.launchd.peruser.501[194] (com.apple.Kerberos.renew.plist[2 33]) Exited with exit code: 1
7/7/11 5:04:26 PM ServerScanner[229] Not scanning because node /LDAPv3/main.losd.ca is in searchPath
7/7/11 5:04:30 PM UIMgmt[247] *** __NSAutoreleaseNoPool(): Object 0x400540 of class NSCFNumber autoreleased with no pool in place - just leaking
7/7/11 5:04:30 PM [0x0-0xe00e].com.trendmicro.TM.TmLoginMgr[241] 2011-07-07 17:04:30.392 UIMgmt[247:5103] *** __NSAutoreleaseNoPool(): Object 0x400540 of class NSCFNumber autoreleased with no pool in place - just leaking
7/7/11 5:04:30 PM UIMgmt[247] *** __NSAutoreleaseNoPool(): Object 0x4159b0 of class NSCFDictionary autoreleased with no pool in place - just leaking
7/7/11 5:04:30 PM [0x0-0xe00e].com.trendmicro.TM.TmLoginMgr[241] 2011-07-07 17:04:30.397 UIMgmt[247:5103] *** __NSAutoreleaseNoPool(): Object 0x4159b0 of class NSCFDictionary autoreleased with no pool in place - just leaking
7/7/11 5:05:14 PM com.apple.launchd[1] (com.apple.xprotectupdater[28]) Exited with exit code: 255
Aruba Controller logs (these log entries took place during the same time as the apple logs)
Jul 7 17:04:11 authmgr[1445]: <132161> <ERRS> |authmgr| Station 00:19:e3:05:25:a7 00:24:6c:b5:e1:34 sent Invalid TLS Record Layer Type 21
Jul 7 17:04:30 sapd[267]: <404003> <WARN> |AP 00:24:6c:c3:46:c3@172.22.104.212 sapd| AM 00:24:6c:b4:6c:30: Interfering AP detected with SSID 2WIRE777 and BSSID 3c:ea:4f:c8:7e:29
Jul 7 17:04:42 authmgr[1445]: <109013> <WARN> |authmgr| LDAP Server LOSD-Staff-Backup: Connectivity lost. Server is down
I do see that it says that the server is down, but I do not understand what it is referring to. The Xserve acting as an LDAP server with OD on it is up and running and I am still able to authenticate via 802.1x once logged into the desktop.
I am setting up laptop carts for classroom use at my school district and need network only accounts to authenticate to the wireless.
Products involved :
- XServe running 10.6.7, hosting Open Directory and serving as an LDAP server for the 802.1x authentication
-Aruba Controllers and Access Points set up for 802.1x with PEAP GTC authentication
-Client systems are Macbooks
Where I am at :
So far I have set up a login window profile in the 802.1x section of network preferences and installed the certificate for the Aruba system. Additionally I imported the certificate to the trusted root keychain. I can authenticate manually with student's credentials while logged into the system. Additionally if I log out of admin and enter the student's credentials at the login screen I can authenticate and load the profile. However as soon as I restart the system I can not authenticate at the login window. The gear spins for a while then the window shakes signifying invalid user name or password. Then back into admin to authenticate manually.
So that is where I am at. I need help getting this up and running before the school year starts. Below are some log entries generated by the system log on the client Macbook and also from the Aruba controller.
Apple Console logs (this log is from the moment launchd starts to attempting to log in as student and failing and then successfully login in as admin)
7/7/11 5:02:57 PM com.apple.launchd[1] *** launchd[1] has started up. ***
7/7/11 5:03:56 PM com.apple.WindowServer[71] Thu Jul 7 17:03:56 ocean-student-laptop-01.local WindowServer[71] <Error>: kCGErrorFailure: Set a breakpoint @ CGErrorBreakpoint() to catch errors as they are logged.
7/7/11 5:04:19 PM com.apple.loginwindow[38] 2011-07-07 17:04:19.372 MCXLoginLogoutScriptTool[208:903] login: "loginscripts" in "com.apple.mcxloginscripts" is missing or is not a CFArray.
7/7/11 5:04:19 PM com.apple.launchd.peruser.501[194] (com.apple.ReportCrash) Falling back to default Mach exception handler. Could not find: com.apple.ReportCrash.Self
7/7/11 5:04:26 PM com.apple.launchd.peruser.501[194] (com.apple.Kerberos.renew.plist[2 33]) Exited with exit code: 1
7/7/11 5:04:26 PM ServerScanner[229] Not scanning because node /LDAPv3/main.losd.ca is in searchPath
7/7/11 5:04:30 PM UIMgmt[247] *** __NSAutoreleaseNoPool(): Object 0x400540 of class NSCFNumber autoreleased with no pool in place - just leaking
7/7/11 5:04:30 PM [0x0-0xe00e].com.trendmicro.TM.TmLoginMgr[241] 2011-07-07 17:04:30.392 UIMgmt[247:5103] *** __NSAutoreleaseNoPool(): Object 0x400540 of class NSCFNumber autoreleased with no pool in place - just leaking
7/7/11 5:04:30 PM UIMgmt[247] *** __NSAutoreleaseNoPool(): Object 0x4159b0 of class NSCFDictionary autoreleased with no pool in place - just leaking
7/7/11 5:04:30 PM [0x0-0xe00e].com.trendmicro.TM.TmLoginMgr[241] 2011-07-07 17:04:30.397 UIMgmt[247:5103] *** __NSAutoreleaseNoPool(): Object 0x4159b0 of class NSCFDictionary autoreleased with no pool in place - just leaking
7/7/11 5:05:14 PM com.apple.launchd[1] (com.apple.xprotectupdater[28]) Exited with exit code: 255
Aruba Controller logs (these log entries took place during the same time as the apple logs)
Jul 7 17:04:11 authmgr[1445]: <132161> <ERRS> |authmgr| Station 00:19:e3:05:25:a7 00:24:6c:b5:e1:34 sent Invalid TLS Record Layer Type 21
Jul 7 17:04:30 sapd[267]: <404003> <WARN> |AP 00:24:6c:c3:46:c3@172.22.104.212 sapd| AM 00:24:6c:b4:6c:30: Interfering AP detected with SSID 2WIRE777 and BSSID 3c:ea:4f:c8:7e:29
Jul 7 17:04:42 authmgr[1445]: <109013> <WARN> |authmgr| LDAP Server LOSD-Staff-Backup: Connectivity lost. Server is down
I do see that it says that the server is down, but I do not understand what it is referring to. The Xserve acting as an LDAP server with OD on it is up and running and I am still able to authenticate via 802.1x once logged into the desktop.