Currently Being ModeratedFeb 18, 2012 4:54 AM (in response to Dave Razorsek)
One note to add, it appears Workgroup Manager is working just fine, its the new Server App which doesn't allow me to add members to any group. Can some one else please see if their system is doing the same? I've been working with Apple on this but haven't heard back in a few days now.
Currently Being ModeratedMar 14, 2012 10:33 AM (in response to Dave Razorsek)
I have exactly the same issues. Mini server, 10.7.3, OD master, no replicas, and no users showing up under the group membership in Server.app, and I cannot add them to the group in the Server.app either. They are indeed members of the groups, and show up fine in WGM, where they were created and made members of the groups - they inherit all the rights just fine. Anyone want to enlighten me as to why these two apps are pulling info from the same directory and are getting different information? Is this an authentication issue with Server.app, i.e., am I not authed properly to the directory?
Currently Being ModeratedMar 23, 2012 3:39 PM (in response to Puddletown*Jim)
Thanks Jim, I was begining to think I was seeing things. I have a hard time believein we're in the minority on this one. Have you contacted Apple or had any success? I haven't heard back from them in a few weeks now.
Currently Being ModeratedApr 25, 2012 6:30 AM (in response to Dave Razorsek)
Hi Dave, Same Server app problem here on my Xserve 2009 and it happened after about 14 days of working correctly. No users or groups show in the panes other than the two local admin users on the server. The +/- buttons are greyed out also. If you enter some letters for a search in Users/Groups it will actually display the network users containing the letters and eventually it populates the window with network users up to the usual 500+ limit but refresh and they all disappear again.
WGM acts as usual with all my 850 users showing from the OD and Server admin shows all my services running ok. All users can log in and out fortuneately at the moment. This happened initially when I migrated to Lion and I had to use my OD archive demoting and promoting to master to get it to work but I dont want to have to rebuild the whole thing again. Has anyone reported this as a bug to Apple I wonder?
Currently Being ModeratedMay 10, 2012 9:43 AM (in response to Dave Razorsek)
Same issue here on Xserve. Now, I upgraded from SL and have done all my work in WGM, which appears to be fine. But just was looking at Server.app and noticed groups had no members. Things are OK, but sure makes one nervous.
Currently Being ModeratedMay 10, 2012 10:43 AM (in response to Dave Razorsek)
Hi, thanks for replies. I updated my Xserve to 10.7.4 today along with a few client imacs and the Server.app via the App store. I also updated Server Admin/WM. However absolutely no change, just as before, no +/- buttons working or network users appearing as in my previous post:-(.
I did report this to Apple as a bug report and is now official and they actually replied quite quickly. I have sent various directory debug logs they asked for and they seem to think the problem is authenticating with the computer record. Thats as far as it got up to today.
Just another thing i noticed is that WM throws error messages when editing a users details and you have to reauthenticate to get the change to take effect. Like chicster says it makes one nervous if the thing is going to break completely! Tomorrow I am cloning my drive, archiving my OD and demoting my OD to standalone then promoting to master again and using the archive ro restore the OD and settings etc. I will post asap if this works and repopulates and fixes the Server.app accordingly.
Also my netinstall has got problems now booting client macs since Lion even though it shows running ok in SA, however I digress!!
Currently Being ModeratedMay 17, 2012 2:42 PM (in response to Dave Razorsek)
Hi Just a bit of an update. I demoted server then promoted to master as I was planning and reinstalled archive. Result=no change. Just the same as before with Server App not showing users as before. However i was working on the server using a direct monitor today installing a new RAID. After restarting the server the new 30TB RAID mounted perfectly so I proceeded to create a home folder share point using Server app. All seemed ok with the new share point showing in the File Sharing. So I then wanted to change the users home folder location in WM but the new sharepoint on my new RAID did not appear in the "Home" tab as normally happens. The problem now is I cant reset the users home folder sharepoint via WM.
This is where it gets weird!! I happened to remove the network cable from the server and all the users and groups immediately reappeared in the Server app with the +/- buttons working! Taking a chance with the editing now working I then moved and migrated all the old users home folders via Carbon Copy Cloner to retain the correct posix folder permissions to the new sharepoint. I then selected all users in the Users Server app window and changed the home folder location by selecting the new share point for all the users. The result was it only changed 500 of the users home folders to the new share point when I checked in WM!!! How annoying that if you have more than 500 users( Ihave 850) it doesnt change them all and you have no idea which have been changed. I had to manually set each one, 350 in all to the new share point in Server app by doing a search for the non edited home folder location for users shown in WM!!!. What a fiasco this is. Does apple think that anyone with a server could never have more than 500 users??!! I really hope this buggy unreliable admin is fixed soon!
Here's the best bit!! after doing all the changes I replace the network 1GB enet cable and switch the file Sharing back on and all the users are logging in to their newly located home folders but you guessed it, all the users/groups disappeared again in server app!! it seems the link between the Server app and SA and WM is broken or not authenticating for some reason when the network is active.This is a crazy workaround to do a basic server edit. BTW on another issue the Netboot service doesnt work even after recreating new 10.7.4 install images.
Currently Being ModeratedMay 17, 2012 7:40 PM (in response to Michael Priestley)
Thanks for the updates Michael. Unfortunately I don't have much to post. I've been tied up with stuff and haven't had the opportunity to apply the 10.7.4 update yet. I'll report back as soon as I do.
Currently Being ModeratedMay 28, 2012 3:06 PM (in response to Dave Razorsek)
Good news! After suffering more and more problems with WM and SA and finally losing authenticating for some reason last week or even being able to create and modify users I decided to build the OD from scratch and not using the OD archive as in previous occasions. I figured the archive had the problems inherent in its make up and it seemed like a revolving door of returning to standalone then master etc etc and this not even fixing anything.I think the directory administrator in the archive was the problem which was replacing/overwriting any new directory administrator at each restore.This archive originally goes back to my Snow Leopard server and I'm sure the original migration corrupted the OD.
Forunately I had saved/exported the users/groups computers and computer groups and all exportable settings recently in WM. So here is what i did. Firstly make the OD standalone then create a new Master of my domain which is pretty quick. I used a different short username lionadmin for the Directory Administrator just so i could see the newly created admin account. After it successfully created I opened WM(leaving the Server app out of the picture) and could log in to the domain and the new directory administrator(lionadmin) ID1000 in place and a brand new directory! Both my DNS( a fully working reverse look up is most important for creating the Master) and DHCP remained in place and had not shown problems before so all was good there
I then imported the (850) users first from my exported back up file which went slowly making sure I checked the "ignore duplicates setting" to stop the old Directory Admin(diradmin) overwriting the new Directory Admin(lionadmin), then the groups, the computer list(300macs) and finally the computer groups. Everything loaded perfectly with all users and groups restored.The only downside is that the passwords are not imported but after selecting all the users apart from Directory admin I set a new password that would be used on initial log in and then prompting the user to create their own etc.
Next open Server app and i had all my network users (500+) and groups back in the panes with +/- buttons and full functionality. I did delete my home folder share points from previous occasions and recreated them which then duly appeared in Workgroup Manager in the "Home" panel. I then pointed all my users at the sharepoint where all their home folders are already.
I turned on File sharing and all users logged in perfectly and making users change their initial passwords. I am so relieved that all the "lost" functions now work across the SA/WM and Server app! I hope this situation is more stable now and it seems to be more solid when editing etc.
I think the moral here is to just rebuild the slow clean way instead of trying fixes and workarounds and I wish I had done it sooner. I hope this helps others as it has me. Also I know know if it all goes wrong again I can get the whole thing back in about an hour even from exported WM files which you can easily update. Also I have now created a brand new OD archive as well so it will retain all the "new" working directory status hopefully.
Currently Being ModeratedJun 9, 2012 7:09 AM (in response to Michael Priestley)
MIchael, I had something very frightening happen to me last night. I've been running 10.7.4 for about 2 weeks without any change in my issues then suddenly and for absolutely no reason, I lost all access to my OD. No user accounts could log in to the network, no accounts or groups appeared on the server, and I couldn't add either if I wanted to.
The only option I had was to rebuild from scratch because I never bothered to do a back-up since things were so hosed in the first place. Fortunately I don't have anywhere near the number of users you have, unfortunately I don't have the knowledge of networks and server that you have, so I made my solution a little simpler. Here's what I did;
First I demoted then promoted the server. (I also threw in a couple of reboots just for good measures. ).
Then I recreated each of my accounts and groups. Again there weren't many so it wasn't much of a task.
My accounts were then able to log in but no one was able to aceess their files. With a little digging in these forums I found the chown -R username path command in another post. I tried using it just like that but it wouldn't work. I crossed my fingers an used the sudo command and everything worked fine. Not thinking I tried using the chown with a local administrator account. Should I have used the diradmin account instead?
Anyway, for whatever reason that worked. What makes me mad is I tried this exact same process about two months ago and it never solved my problem. It was only after the OD completely blew-up did it work. I feel like everything is working as designed so I made back-ups of my OD. I'll update if I ever need to go back to them.
Currently Being ModeratedJun 14, 2012 3:29 PM (in response to Dave Razorsek)
Well I guess I spoke too soon. For whatever reason my OD crashed on me again and I'm back to where I was just a few days ago. Didn't even make it a full week, I give up.
Whoever is a part of the Sever App should apologize to the rest of the team members for letting them down. Thank goodness Workgroup Manager is working perfectly, I can see all of my groups and all of the members of each group. I'm a big Apple fan on a lot of stuff, however the Sever App is not on my list of favorites.
Currently Being ModeratedJul 24, 2012 2:49 PM (in response to Dave Razorsek)
Just to add something that may not relate to everything covered here, but i did have users not showing up in groups in Server. I have resolved that I think.
The deal was that users were in one group. Meaning they were in "class of 2014" for instance. And that was their PRIMARY group in WGM. Turns out for them to show in Class of 2014 as a member, that needs to be their SECONDARY group, with something like the default Workgroup (GID = 20) as the primary group. When I did that change, they showed up in Server.app.
The real thing that brought this to a head was that once the client hit 10.7.4, group preferences (mobility, etc) no longer flowed to the user from the Primary group. Had to be a secondary group. Users logged in, but as pure network users (even if mobility was set) and with no preferences set.