1 2 Previous Next 17 Replies Latest reply: Sep 19, 2012 1:16 PM by elgringito Go to original post
  • 15. Re: Password problem after migrating to Mountain Lion Server
    mbresink Level 1 Level 1 (20 points)

    Thanks a lot for your confirmation.

     

    I now have found a solution which works as least for me! YMMV, but it's worth a try. You may test the following steps:

     

    1. On a client or the server, launch /System/Library/CoreServices/Directory Utility.
    2. Open the Directory Editor.
    3. Connect to the affected /LDAPv3/... node of the OD server and authenticate as directory administrator.
    4. Set the Viewing record type to Config.
    5. Navigate to the entry passwordserver.
    6. Select the attribute XMLPlist.
    7. Search for the section SASLPluginStates. The next lines contain a dictionary data structure between the tags <dict> and </dict>.
    8. Replace this dictionary by the one shown below which is the default configuration of OS X Server Mountain Lion. (For most of you, it will be sufficient to replace OFF by ON for the APOP entry.) WARNING: XML syntax errors may cause serious problems with the Password Server. Don't change any other parts of the XMLPlist entry.
    9. Press Save and quit Directory Utility. You won't need to reboot the server.
    10. Change the password of the affected user account, e.g. using Workgroup Manager.

     


    <dict>


    <key>APOP</key>


    <string>ON</string>


    <key>CRAM-MD5</key>


    <string>ON</string>


    <key>CRYPT</key>


    <string>OFF</string>


    <key>DHX</key>


    <string>ON</string>


    <key>DIGEST-MD5</key>


    <string>ON</string>


    <key>GSSAPI</key>


    <string>ON</string>


    <key>KERBEROS_V4</key>


    <string>OFF</string>


    <key>MS-CHAPv2</key>


    <string>ON</string>


    <key>NTLM</key>


    <string>ON</string>


    <key>OTP</key>


    <string>ON</string>


    <key>PPS</key>


    <string>ON</string>


    <key>SMB-LAN-MANAGER</key>


    <string>OFF</string>


    <key>SMB-NT</key>


    <string>ON</string>


    <key>SMB-NTLMv2</key>


    <string>ON</string>


    <key>TWOWAYRANDOM</key>


    <string>OFF</string>


    <key>WEBDAV-DIGEST</key>


    <string>ON</string>

    </dict>
  • 16. Re: Password problem after migrating to Mountain Lion Server
    felddy Level 1 Level 1 (10 points)

    mbresink,

    Awesome.  Enabling APOP with the Directory Utilitiy, and changing the passwords of the affected users has fixed all the login issues I was having since migration. 

     

    Thanks for taking the time to post a very understandable fix. 

     

    Cheers,

    Mark

  • 17. Re: Password problem after migrating to Mountain Lion Server
    elgringito Level 1 Level 1 (20 points)

    I cannot try your solution anymore. I simply did a fresh install a few days ago. It did took me a lot of time, since I had to

    - import the OD user accounts (this was quick)

    - associates their maildirs (quick)

    - import the wikis (quick, using Apple docs)

    - import the user calendars (by hand, a nightmare)

    In the process, I simply lost the wiki calendars. This was not too much of an issue in my case but this clearly might not be acceptable in common situations.

     

    I would have loved to learn about your solution before ;-) too bad. Well done mbresink, you have done quite an amazing work here !

1 2 Previous Next