Jan 26, 2013 5:48 AM (in response to Gargoyle Software)
All of the Apple push functionality is done via an AppleID account not specifically/directly related to certificates for authentication to the services on the server.
Apple also recommends that a dedicated (new) AppleID be made specifically for push functionality; don't use an existing and/or personal AppleID for this.
Also the certificates for that AppleID used for push have to be renewed each year. You can set the AppleID in server app at:
Server | Server | Settings
And review the certificates on this website
This may not be the direct issue in your case but in case you have not reviewed this side of setup.
Jan 26, 2013 7:11 AM (in response to Gargoyle Software)
iCal doesn't give much feedback, so I like to test something like this direct from Safari
Look in iCal prefs at the account's server settings, you might see something like:
Server Address: dc.mydomain.com
Server Path: /principals/__uids__/1B8B7CCB-3DE9-45BC-B385-AB847E750C7B/
Add them all together into a single URL starting with https and try it in Safari
You should be challenged for your user/pass, then it will return some caldav details.
If this works, then you have good DNS, connectivity and you know authentication works
If there is a certificate issue, auth issue, etc - you'll see it in Safari :-)
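A command-line version of the Safari test described above, as an added example that is not part of the original post: it joins the Server Address and Server Path into one https URL, requests it with curl, and reports which layer failed (DNS, connectivity, certificate, or authentication). The function names are illustrative, the host and path are the sample values quoted in the post, and the exit codes are curl's documented ones.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not from the thread.

# Join the iCal "Server Address" and "Server Path" into one https URL.
caldav_url() {
    host=$1
    path=$2
    case $path in
        /*) ;;                      # already starts with a slash
        *)  path="/$path" ;;
    esac
    printf 'https://%s%s\n' "$host" "$path"
}

# Map a curl exit code plus HTTP status to the layer that failed.
classify() {
    rc=$1
    status=$2
    case $rc in
        0)     ;;                                # transfer completed, inspect status
        6)     echo "dns"; return ;;             # could not resolve host
        7|28)  echo "connectivity"; return ;;    # connect failed / timed out
        35)    echo "tls-handshake"; return ;;   # SSL connect error
        51|60) echo "certificate"; return ;;     # certificate did not verify
        *)     echo "curl-error-$rc"; return ;;
    esac
    case $status in
        401) echo "auth-challenge" ;;  # expected when no credentials are sent;
                                       # with credentials it means they were rejected
        2??) echo "ok" ;;              # server returned the CalDAV details
        *)   echo "http-$status" ;;
    esac
}

# Live check: check_caldav HOST PATH [USER]. curl prompts for the password,
# and certificate verification stays on (no -k), so a bad cert is reported.
check_caldav() {
    url=$(caldav_url "$1" "$2")
    rc=0
    if [ -n "$3" ]; then
        status=$(curl -sS -o /dev/null -w '%{http_code}' -u "$3" "$url") || rc=$?
    else
        status=$(curl -sS -o /dev/null -w '%{http_code}' "$url") || rc=$?
    fi
    classify "$rc" "$status"
}
```

Running `check_caldav dc.mydomain.com /principals/__uids__/1B8B7CCB-3DE9-45BC-B385-AB847E750C7B/` without a user should report `auth-challenge` on a healthy server; adding the account's short name as a third argument should then report `ok`.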
Jan 26, 2013 1:09 PM (in response to UptimeJeff)
For a *brand new user* created on the server, this is now working. If I try to create a connection for any of my users that existed before I bought/installed my SSL certificate, it fails to authenticate, so I can't even figure out what those paths should be.
Jan 26, 2013 4:52 PM (in response to UptimeJeff)
I'm not entirely sure how to do that, especially without nuking the user. One new thing I've noticed while looking at how to export/import.
It appears most of the users I created via the Users system prefs panel, whereas the new account that seems to work well I created from inside the Server application's User area.
Is this an issue of a 'local' vs. a 'networked' account? Is there a way to upgrade the existing accounts? This machine is my fileserver for my company so I really don't want to kill my account on accident.
Jan 26, 2013 6:47 PM (in response to UptimeJeff)
I only care about two of the accounts, the others I can just recreate. Those two both have mail, and home directories, and for one of them it's where things like Aperture and iTunes store their content.
Jan 27, 2013 7:30 AM (in response to Gargoyle Software)
Sure would be better to 'fix' it... but it's simple enough to recreate the users, so why not just do that.
Would be better for you to move your users to Local Network so they are all together and would have access to all services.
Home folders are retained when you delete a user.
The user's mailbox would be deleted, so you'll need to do something to retain it.
Get your user's GUID.
For the local directory
dscl . -list /Users GeneratedUID
For a shared directory
dscl /LDAPv3/127.0.0.1 -list /Users GeneratedUID
Go to the mailstore and rename the user's guid folder to something temporary, like their username (bob)
Delete user, recreate as a Local Network user.
Look up their new GUID (with command above) and rename the mailbox to their new GUID.
This process isn't for everyone... it wouldn't retain other service data (wiki, ical, etc) so you'll need to determine if it's right for you.
Jan 27, 2013 7:40 AM (in response to Gargoyle Software)
That's strange... they should all (Calendar, Contact, Mail, Mgmt, Alerts) be created at one time.
If you only have one you could try (this is just a suggestion, don't have directly confirmed info for this) revoking the original and then reissuing them. Or, for a less drastic step, try to renew first and see if others are created.
Jan 27, 2013 11:26 AM (in response to UptimeJeff)
OK, I decided to just go the recreate route since the home dir is saved. I went to System Preferences and deleted the user from there, letting it just rename the home dir and leave it in /Users. Then I opened up Server app and tried to recreate the user. When I hit Done, an error comes up saying:
Could not create the record because one already exists with the same name.
Now what? I need my account back
Jan 27, 2013 3:03 PM (in response to Gargoyle Software)
If you don't see the user in the Server app, then you may need to delete it with dscl
It does something like this:
sudo dscl .
ls /Users (to see a list of users)
delete /Users/username (change to the user you want to delete)
Jan 27, 2013 3:17 PM (in response to UptimeJeff)
I really appreciate the continued help, thanks.
Unfortunately it's not there. If I list /Users I don't see my username there. If I go ahead and delete it anyways (just to try) I get an eDSUnknownNodeName error due to the invalid path.
I even renamed "scott (Deleted)" to "foo" in /Users just in case it was somehow catching it still.