All of the Apple push functionality is done via an AppleID account not specifically/directly related to certificates for authentication to the services on the server.
Apple also recommends that a dedicated (new) AppleID be made specifically for push functionality, don't use an existing and/or personal AppleID for this.
Also the certificates for that AppleID used for push have to be renewed each year. You can set the AppleID in server app at:
Server | Server | Settings
And review the certificates on this website
This may not be the direct issue in your case but in case you have not reviewed this side of setup.
iCal doesn't give much feedback, so I like to test somthing like this direct from Safari
Look in iCal prefs at the account's server settings, you might see something like:
Server Address: dc.mydomain.com
Server Path: /principals/__uids__/1B8B7CCB-3DE9-45BC-B385-AB847E750C7B/
Add them all together into a single URL starting with https and try it in safari
You should be challenged for your user/pass, then it will return some caldav details.
If this works, then you have good DNS, connectivity and you know authentication works
If their is a certificate issue, auth issue, etc - you'll see it in safari :-)
I'm not entirely sure how to do that, especially without nuking the user. Once new thing I've noticed while looking at how to export/import.
It apperas most of the users I created via the Users system prefs panel, whereas the new account that seems to work well I created from inside the Server application's User area.
is this an issue of a 'local' vs. a 'networked' account? Is there a way to upgrade the existing accounts? This machine is my fileserver for my company so I really don't want to kill my account on accident.
Sure would be better to 'fix' it... but its simple enough to recreate the users, so why not just do that.
Would be better for you to move your users to Local Network so they are all together and would have access to all services.
Home folders are retained when you delete a user.
The user's mailbox would be deleted, so you'll need to do something to retain it.
Get your users GUID.
For the local directory
dscl . -list /Users GeneratedUID
For a shared directory
dscl /LDAPv3/127.0.0.1 -list /Users GeneratedUID
Go to the mailstore and rename the user's guid folder to something temporary, like their username (bob)
Delete user, recreate as a Local Network user.
Lookup their new GUID (with command above) and rename the mailbox to their new GUID.
This process isn't for everyone.. it wouldn't retain other service data (wiki, ical, etc) so you'll need to determine if its right for you.
That's strange... they should all (Calendar, Contact, Mail, Mgmt, Alerts) be created at one time.
If you only have one you could try (this is just a suggestion, don't have directly confirmed info for this) revoking the original and then reissuing them. Or for less drastic step try to renew first and see if others are created.
OK, I decided to just go the recreate route since the home dir is saved. I went to System Preferences and deleted the user from there, letting it just rename the home dir and leave it in /Users. Then I opened up Server app and tried to recreate the user. When I hit Done, an error comes up saying:
Could not create the record because one already exists with the same name.
Now what? I need my account back
I really appreciate the continued help, thanks.
Unfortunately it's not there. If I list /Users I don't see my username there. If I go ahead and delete it anyways (just to try) I get an eDSUnknownNodeName error due to the invalid path.
I even renamed "scott (Deleted)" to "foo" in /Users just in case it was somehow catching it still.