Random Open Directory issues, slapd errors, vpn won't accpet passwords

Discussion in 'Mac OS X Server, Xserve, and Networking' started by roobieroo, Nov 12, 2013.

  1. roobieroo macrumors newbie

    Joined:
    Aug 18, 2008
    #1
    10.8.4 server, DNS is properly configured with reverse lookups. I've nuked and recreated the OD master from scratch and users and groups were imported from exported files. Things work fine most of the time but the server will randomly stop accepting VPN connections stating that authentication failed even though the password is just fine. This is for both PPTP and L2TP. When this happens, Workgroup Manager also has issues. If I try and create a new user or modify any passwords I'll get "an unexpected error of type -14988 has occurred. All other settings were saved."

    What's odd is that the issue will just go away on its own but when or how is anybody's guess. Users can login to file sharing just fine. Any idea how to fix this?

    This is from the opendirectory log-

    2013-11-11 11:58:30.013423 PST - 376.8734727, Node: /LDAPv3/127.0.0.1, Module: AppleODClientPWS - no server challenge
    2013-11-11 11:58:30.013587 PST - 376.8734727 - Client: AppleFileServer, UID: 0, EUID: 0, GID: 0, EGID: 0
    2013-11-11 11:58:30.013587 PST - 376.8734727, Node: /LDAPv3/127.0.0.1, Module: AppleODClientPWS - could not continue SASL client session: generic failure (-1) (5103)
    2013-11-11 12:01:05.242976 PST - could not get local sockaddr info for 8: Bad file descriptor
    2013-11-11 12:56:18.039993 PST - 376.8736520 - Client: AppleFileServer, UID: 0, EUID: 0, GID: 0, EGID: 0
    2013-11-11 12:56:18.039993 PST - 376.8736520, Module: SystemCache - failed to determine id_type to refresh record (group AAAABBBB-CCCC-DDDD-EEEE-FFFF000001F5@) (0x7fb2cb0033d0)


    This is from slapd.log-

    Nov 12 10:40:57 xserve.mydomain.com slapd[154]: get_filter: conn 62568 unknown attribute type=objectlass0 (17)
    Nov 12 10:40:57 xserve.mydomain.com slapd[154]: conn=62568 op=1 do_bind: invalid dn (judy@mydomain.com)
    Nov 12 10:40:58 xserve.mydomain.com slapd[154]: conn=62568 op=2 do_bind: invalid dn (judy@mydomain.com)
    Nov 12 10:41:20 xserve.mydomain.com slapd[154]: SASL [conn=62576] Failure: no secret in database
    Nov 12 10:41:20 xserve.mydomain.com slapd[154]: int slap_sasl_bind(Operation *, SlapReply *): Error to increment failed login count for uid=tracy,cn=users,dc=xserve,dc=mydomain,dc=com
    Nov 12 10:42:35 xserve.mydomain.com slapd[154]: SASL [conn=62582] Failure: no secret in database
    Nov 12 10:42:35 xserve.mydomain.com slapd[154]: int slap_sasl_bind(Operation *, SlapReply *): Error to increment failed login count for uid=tracy,cn=users,dc=xserve,dc=mydomain,dc=com
     
  2. mattofsmeg macrumors newbie

    Joined:
    Aug 13, 2013
    #2
    Hi There

    If you are still using WGM, only use it for MCX management. Creating users with it is sometimes broken in 10.8 and above.

    It seems to be the way the passwords are stored.

    Use Server App to create users and groups. Create a user with Server App and test to see if you still have the same issue.

    Cheers
     

Share This Page