TS4070: Mac OS X Server: Full administrators may not be able to authenticate in Workgroup Manager

Learn about Mac OS X Server: Full administrators may not be able to authenticate in Workgroup Manager
adnanaftml

Q: my "Show 'All Records' tab and inspector" option: not active or i cant mark it bcoz its not active ...

im unable to add users bcoz it always ask user name and password when i give it says you are not authenticated though im system administrator pls help....

Mac mini, Mac OS X (10.7.5)

Posted on Sep 22, 2013 9:20 PM

Close

Q: my "Show 'All Records' tab and inspector" option: not active or i cant mark it bcoz its not active ...

  • All replies
  • Helpful answers

  • by MrHoffman,

    MrHoffman MrHoffman Sep 23, 2013 9:08 AM in response to adnanaftml
    Level 6 (15,637 points)
    Mac OS X
    Sep 23, 2013 9:08 AM in response to adnanaftml

    Based on your footer, I'll assume you're running OS X Server 10.7 here, and not 10.6.

     

    Authentication can be via local users (where your administrative access provides override access) or via Server.app and Open Directory and distributed management) where you need to be a domain administrator.   It's the domain administrator user that's key to adding users here.  The default is the diradmin user on a number of releases, though that can be changed.

     

    You should be able to add additional local users by System Preferences, or — once you log in as a domain administrator — via Server.app or the available Workgroup Manager download.

     

    If you don't have a directory administrator password, you'll need to break into the Open Directory system.

  • by adnanaftml,

    adnanaftml adnanaftml Sep 24, 2013 9:30 PM in response to MrHoffman
    Level 1 (0 points)
    Sep 24, 2013 9:30 PM in response to MrHoffman

    i have directory administrator password but its not accepting it tell me how could i break it?

  • by MrHoffman,

    MrHoffman MrHoffman Sep 25, 2013 1:48 PM in response to adnanaftml
    Level 6 (15,637 points)
    Mac OS X
    Sep 25, 2013 1:48 PM in response to adnanaftml

    If you have the directory administrator password, then local DNS services and/or Open Directory is likely corrupted, and there's not much point to resetting the diradmin password

     

    Launch Console.app from Applications > Utilities, attempt the login, and look for any relevent errors.

     

    If this is a NAT'd network, then local DNS services have to be correct, or OD can and variously will fail.   To verify local DNS, launch Terminal.app from Applications > Utilities and issue the following non-destructive diagnostic command:

     

    sudo changeip -checkhostname

     

    This command will find most — but not all — DNS configuration errors.  Enter an administrative password for the sudo, and you can safely ignore the one-shot warning nessage about using sudo if you see that.  You'll get back some information on the current host network set-up, and then an indication that no changes are required, or that there are system or network or DNS errors and some details.

  • by adnanaftml,

    adnanaftml adnanaftml Sep 29, 2013 9:42 PM in response to MrHoffman
    Level 1 (0 points)
    Sep 29, 2013 9:42 PM in response to MrHoffman

    Thanx for your help

     

    i went to directory editor , i found on left open directory admin services i click on it i click on users then click on LDAP i found bellow all users names i click on admin then i found authentication authority i copy all fellow from , to comma.. but when i open work groupmanager with my admin user pref. the option show all tab & inspector it was not active or i was dimm how can i check it??

  • by Antonio Rocco,

    Antonio Rocco Antonio Rocco Sep 30, 2013 2:42 PM in response to adnanaftml
    Level 6 (10,616 points)
    Desktops
    Sep 30, 2013 2:42 PM in response to adnanaftml

    The show all Records and Inspector Tab is not an option available anymore in 10.7 or newer.

     

    Tony

  • by adnanaftml,

    adnanaftml adnanaftml Sep 30, 2013 8:03 PM in response to Antonio Rocco
    Level 1 (0 points)
    Sep 30, 2013 8:03 PM in response to Antonio Rocco

    then wht to do?

  • by Antonio Rocco,

    Antonio Rocco Antonio Rocco Oct 1, 2013 1:52 PM in response to adnanaftml
    Level 6 (10,616 points)
    Desktops
    Oct 1, 2013 1:52 PM in response to adnanaftml

    Navigate to /System/Library/CoreServices and launch Directory Utility. Click on Directory Editor. Everything you wanted from the "Show All Records and Inspector Tab" is there.

     

    You could of course simply use the command line utility dscl which has been available since 10.4.

     

    Tony

  • by adnanaftml,

    adnanaftml adnanaftml Oct 1, 2013 9:40 PM in response to Antonio Rocco
    Level 1 (0 points)
    Oct 1, 2013 9:40 PM in response to Antonio Rocco

    i follow all procedure i gave new password but it didnt ask me to confirm that password and came back to root when i check it in workgroup manager it didnt work  now tell me wht to do????

  • by adnanaftml,

    adnanaftml adnanaftml Dec 5, 2013 8:14 PM in response to MrHoffman
    Level 1 (0 points)
    Dec 5, 2013 8:14 PM in response to MrHoffman

    after running sudo changeip - checkhostname

    its shows

    Priminary address , Host name but on DNS it shows error

    the DNS host name is not available, pls repair DNS and re-run this tool.

     

    pls help me wht to do now???