odx
Level 1 (5 points)
Safari

Q: Network Users cannot login after rebuilding Open Directory Master

Hello,

 

after running intro trouble with my Open Directory Master after 3.0.1 Server update (see https://discussions.apple.com/message/23860765#23860765), i decided to rebuild the OD Master from scratch.

Now the problem refered in the other thread is fixed and i can setup users again.

 

What not works now is authentication for network users. I use an external tool (SCM Manager) that queries the Open Directory Server. This works fine so i suppose OD is up and running.

 

But all my Mavericks Server Services refuse to authenticate against the new OD master. I can only login with the local admin account.

 

 

Any idea what to look at to fix this?

Mac mini, OS X Server

Posted on Dec 5, 2013 1:23 AM

by odx,Solvedanswer
odx odx
Level 1 (5 points)
Safari
A:

Hi,

 

no accounts are not disabled.

 

I finally ended up in giving the complete re-setup another chance. So i removed the OD Master again and created a brand new one which now appears to be accepted by the OS X Mavericks Services.

 

But this is a bit of pain in the .. because i have to recreate all accounts for a second time.

Posted on Dec 5, 2013 11:14 PM

Close
odx

Q: Network Users cannot login after rebuilding Open Directory Master

  • All replies
  • Helpful answers

  • by Strontium90,

    Strontium90 Strontium90 Dec 5, 2013 2:19 AM in response to odx
    Level 5 (4,087 points)
    Servers Enterprise
    Dec 5, 2013 2:19 AM in response to odx

    In Server.app select a user and right-click (control click) to get a contextual menu.  Select Advances Options for the user and what do you see.  Many services will not work without a value user shell.

     

    Have you just tried su'ing into the user?  Open Terminal.  Type su username (replacing username with a valid short name).  When you hit enter, you will be prompted for the user's password.  When you enter it, what result do you get?

  • by odx,

    odx odx Dec 5, 2013 2:25 AM in response to Strontium90
    Level 1 (5 points)
    Safari
    Dec 5, 2013 2:25 AM in response to Strontium90

    Hi, the services i try to access are FileSharing, Wiki, VPN, Calendar...

     

    I am sure i have been using these services without a shell configured before.

     

    When i try to switch the user i get:

     

    su: Sorry

  • by Strontium90,

    Strontium90 Strontium90 Dec 5, 2013 2:47 PM in response to odx
    Level 5 (4,087 points)
    Servers Enterprise
    Dec 5, 2013 2:47 PM in response to odx

    Are the accounts disabled?  The sorry response will occur if the accounts are tagged as disabled.

  • by odx,Solvedanswer

    odx odx Dec 5, 2013 11:14 PM in response to Strontium90
    Level 1 (5 points)
    Safari
    Dec 5, 2013 11:14 PM in response to Strontium90

    Hi,

     

    no accounts are not disabled.

     

    I finally ended up in giving the complete re-setup another chance. So i removed the OD Master again and created a brand new one which now appears to be accepted by the OS X Mavericks Services.

     

    But this is a bit of pain in the .. because i have to recreate all accounts for a second time.