Skip navigation

Newly created OD users not working

413 Views 6 Replies Latest reply: Jan 29, 2013 6:18 PM by Robert Talevski1 RSS
Robert Talevski1 Calculating status...
Currently Being Moderated
Jan 28, 2013 3:27 AM


Hi all,


Hoping one or more of you have come across this problem and can help.


2 Snow Leopard Servers, one OD Master one OD Replica


master is running following services:


OD, DNS, Mail, iCal, DHCP, Web, Webmail, Wiki, VPN,






Replica mac





No, Network Home folders enabled, all are working from local accounts


Up until now pretty much all has been well.


Roughly around 20 users on the network.


Any new users I create are NOT able to login, AFP SMB iCal, Mail and any other services don't work .


Creating a new user on the master seems to occur without issue and the user is synched with replica.


DNS seems to be fine on both servers.


Following errors occur on the master.




ApplePassword Server.server.log

_ldap_replicator} CRAM-MD5 authentication failed, SASL error -13 (password incorrect).





_ldap_replicator} CRAM-MD5 authentication failed, SASL error -13 (password incorrect).


Password Service Repliation Log


Jan 28 2013 00:00:56    Replica1:Connecting to, synchronizing all records since 01/27/2013 01:00:15 PM GMT

Jan 28 2013 00:00:56    Replica1:The remote replica list has 1 parent and 1 replica.

Jan 28 2013 00:00:56    Replica1:sending 1 record from tid 1816434

Jan 28 2013 00:00:56    Replica1:sent 1 record, 52 kerberos principals

Jan 28 2013 00:00:56    DoSync: the next scheduled replication will occur on 01/29/2013 at 12:00:00 AM




Following errors on the replica.


Directory Service Error log


DNSServiceProcessResult returned -65563



slapd[7682]: SASL [conn=2950] Failure: incorrect digest response

Password Service Server Log

_ldap_replicator} CRAM-MD5 authentication failed, SASL error -13 (password incorrect).


Creating a new user on replica brings up this error however the user is created fine and it syncs with the master fine.

Error of type eDSAuthFailed (-14090) on line 3912 of /SourceCache/WorkgroupManager/WorkgroupManager-361.3.1/Plugins/UserAccounts/Use

Any help would be appreciated.

  • Don Roedl Level 2 Level 2 (210 points)
    Currently Being Moderated
    Jan 29, 2013 4:28 AM (in response to Robert Talevski1)

    Hello - Can you give more detail about what you are seeing on the client machine during a login attempt? Is it just the shaking login window or is there some other event? Also, If you log in to the workstation as the workstation administrator, can you connect with the users name and password via AFP?

  • Don Roedl Level 2 Level 2 (210 points)
    Currently Being Moderated
    Jan 29, 2013 5:36 PM (in response to Robert Talevski1)

    I see. So essentially what you are seeing in the finder is a shaking window indicating invalid login credentials when you attempt to connect to a share via AFP, for instance?

  • Don Roedl Level 2 Level 2 (210 points)
    Currently Being Moderated
    Jan 29, 2013 6:01 PM (in response to Robert Talevski1)

    Hard to say without seeing your setup. This is generally a straight forward process. All things being equal in a proper setup, I would be looking at the possibility of a corrupt ldap database, and therfore remedy by saving all settings and data and rebuilding either the ldap database or the entire OD server.


More Like This

  • Retrieving data ...

Bookmarked By (0)


  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.