Skip navigation

Network users can't login via VPN and Profile Manager

4904 Views 9 Replies Latest reply: Jun 20, 2013 9:05 AM by YUZA-Tom RSS
forappie Level 1 Level 1 (20 points)
Currently Being Moderated
Apr 7, 2012 9:42 AM

I have a problem with Network Users defined on my Lion Server accessing the server through VPN or Profile Manager (via Safari) ... I keep on getting authentication errors. Is this because they are network users or am I missing something else?


This works: when I logon to my Lion Server with either local or network users everything seems to be OK including home directory synchronisation.


I tried the following for VPN:

  • my local server account can logon to the server (ie my secret key, user account/password combination are OK ("chap peer authentication succeeded for ...")
  • when I try the same with two of my network accounts I keep on getting authentication errors (VPN) but I'm sure I use the same userid/password combinations as above ("chap peer authentication failed for ...")


I get similar results when I access the Profile Manager (https://myserver/profilemanager/)

  • my local server account can logon on to the Profile Manager and sees as all the information
  • when I try this with one of my network accounts (which has devices assigned) I keep on getting 'incorrect user name or password


Thanks in advance for the help provided.

Mac mini, Mac OS X (10.7.3), (Server)
  • Jonathan Melville Level 2 Level 2 (450 points)

    Are the Mobile Accounts part of the SACL for VPN?

  • SnakeDog Level 1 Level 1 (0 points)

    This is marked as having 'solved' the problem? It seems lik you said that it didn't work.


    Was a resolution ever discovered?


    Oh, and I also can't seem to push profiles from the profile manager to the computers that have mobile accounts setup.


    Message was edited by: SnakeDog

  • SnakeDog Level 1 Level 1 (0 points)

    It sounds like the settings on your old network accounts got changed to not allow vpn. You are probably right that the easiest would be to recreate the accounts.


    Otherwise you'll have to troubleshoot and see what was changed in the old accounts. Prhaps the VPN service was restricted, or perhaps the short name or something like that got changed.

  • UptimeJeff Level 4 Level 4 (3,390 points)

    your vpn log should reveal clues.


    Do you see MPPE errors? If so, then you may find solutions here searching that term or vpnaddkeyagentuser

  • YUZA-Tom Level 1 Level 1 (0 points)

    I believe the problem is the password policy; my fix is here:


More Like This

  • Retrieving data ...

Bookmarked By (2)


  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.