OS X Server 10.7.3 Open Dir issues

Discussion in 'Mac OS X Server, Xserve, and Networking' started by JoeGoldman, Feb 19, 2012.

  1. JoeGoldman macrumors newbie

    Joined:
    Feb 19, 2012
    #1
    Hi Forum.

    Thought i'd ask this here, as there seems to be a plethora of knowledge on Mac Hardware obviously.

    Recently at the office we got a Mac Mini server with OS X Server Lion on it. I set it up mostly, and started using it myself as a proof of concept. Network account, with mobile account creation, home sync etc. Thats all we really want it for. It worked great.

    Recently, logging on to the server, the Server Admin.app and what not could not log in to the server for administration. Found this was a problem with a service not starting, and an upgrade to 10.7.3 fixed this issue.

    Now today we wanted to start migrating other users over to it, and no account can log in from a remote machine. I have created the users on the server, I can log into the users on the server (i.e. locally), but when trying to log in to a user from a remote machine, I just get an error 'Unable to log into this account at this time'.

    If I use the wrong password, it appears to notice as it shakes notifying of wrong password, but when using the correct password it pops up the error.

    Any insight into how these services work and mesh together is greatly appreciated.

    THanks,
    Joe
     
  2. mainstay macrumors 6502

    mainstay

    Joined:
    Feb 14, 2011
    Location:
    BC
    #2
    client computers are bound to the server?

    the username is NOT the same on the local computer as on the server?

    using SSL encryption between client and server?
     
  3. JoeGoldman thread starter macrumors newbie

    Joined:
    Feb 19, 2012
    #3
    Computers are definitely bound.

    No local users by the same name.

    SSL Encryption is on, but non-signed cert and get prompted to add exception (which we have done so).

    For filesharing and other things, it works perfect for the users. It appears to be 'just' logging into accounts is the issue.
     
  4. satty macrumors 6502

    Joined:
    Mar 1, 2004
    Location:
    You can't beat Wellington on a good day
    #4
    I'm not a complete expert, but check on the client machines:
    System Preferences - Users & Groups - Login options - Network Account server
    Should contain your OD server and show it with a green LED.

    Check in the Workgroup manager, that the flag Access Account for the user is set.

    Check in the Server Admin, that the users are assigned to service Login Window

    Another problem, can be authorities on the users' home directory on the server.
     
  5. JoeGoldman thread starter macrumors newbie

    Joined:
    Feb 19, 2012
    #5
    Hi Satty,

    Checked all that. It was definitely associated with the OD, as if you used the wrong password it would identify that, then if you used the right password, it would then throw the error, so it was successfully connecting to the server and authenticating, then not allowing the log in to continue, for whatever reason....


    Since I was the only one using it, and I used it as a mobile account, I simply reformatted the server and its currently re-installing. Going to re-configure it from scratch as there were messy things I did first time around that I wanted to fix up anyways. I'll just re-create my account and copy my files and settings back over the home dir once it's created.

    Boss has pretty much said if it screws up again we are just going to can the idea, have local users, and rsync our home dir to a file server every night. We don't get the full roaming capabilities then, but it's better than nothing.

    Thanks to all who looked at this :)
     
  6. satty macrumors 6502

    Joined:
    Mar 1, 2004
    Location:
    You can't beat Wellington on a good day
    #6
    One last thing... Ensure in the workgroup manager that the users are created in OD and not locally on the server.

    And let us know how your re-configuration is going.
     

Share This Page