Michael Newbery

Q: Can't create Local Network Users in Yosemite

I can't create Local Network Users (or change passwords)

 

Logged on to /LDAPv3/127.0.0.1 as directory administrator

 

When I try to create a new user (press the [+], fill in the form), it brings up the message:

 

existing connection is not authenticated or secure: password change denied

 

I suspect this is emblematic of other issues. I can authenticate for Mail and SMB, but not for AFP or Xcode

Server 4.0, OS X Yosemite (10.10)

Posted on Oct 25, 2014 10:09 PM

Close

Q: Can't create Local Network Users in Yosemite

  • All replies
  • Helpful answers

first Previous Page 4 of 4
  • by ADSC,

    ADSC ADSC Nov 25, 2014 9:49 PM in response to ndsvfx
    Level 1 (0 points)
    Nov 25, 2014 9:49 PM in response to ndsvfx

    i had the same problem with profil manager.

    you have to remissue your server communicationt profile by re downloading the

    trusted cert and also the cert for the group (iphone,ipad or what ever) and reinstall it to

    your device by appleconfigurator.

    since you have a new OD now tou also have new certs.

     

    that should help.

     

    my problem with od in the end was also solfed by desroying and regenerate.

    since all my useres are in AD i had not so much to do.

    but importent to me was in the end that the OD checks forward and reverse DNS by the host command and this dies not

    check the /etc/hosts file so i have to rethink about my dns config

     

    cheers

  • by mysoros,

    mysoros mysoros Nov 25, 2014 10:06 PM in response to ADSC
    Level 1 (12 points)
    Mac OS X
    Nov 25, 2014 10:06 PM in response to ADSC

    That means we have to configure all the iOS device again?  Do any Apple's engineers help this out?  It is totally ridiculous that the server product that come out without proper test for upgrade consideration!  Shame on Apple!

  • by gattomatto,

    gattomatto gattomatto Nov 30, 2014 1:50 PM in response to Michael Newbery
    Level 1 (0 points)
    Nov 30, 2014 1:50 PM in response to Michael Newbery

    I SOLVED in this way (there is something locked):

     

    From Users/Group select Network Users/Group in the upper popup. A lock will appear on the bottom. Unlock by using the diradmin password.

    DONE !!!

  • by mysoros,

    mysoros mysoros Dec 15, 2014 12:52 AM in response to Michael Newbery
    Level 1 (12 points)
    Mac OS X
    Dec 15, 2014 12:52 AM in response to Michael Newbery

    Anyone have got the upgrade from Xserver v3 to v4 successfully with the Profile Manager?

    Please help!.

  • by dtichenor,

    dtichenor dtichenor Dec 27, 2014 1:54 PM in response to ndsvfx
    Level 1 (0 points)
    Dec 27, 2014 1:54 PM in response to ndsvfx

    this is what i had to do too.. fortunately not that many users, so resetting passwords didn't take all day.

     

    also had to revisit some service permissions and make sure the cert stuck... but other than that..... *knock wood*... working well now.

     

     

    thanks all who posted.

     

    apple.... get on the stick please. a little more. thanks.

  • by silverk_,

    silverk_ silverk_ Jan 14, 2015 2:58 AM in response to jbaudry
    Level 1 (0 points)
    Jan 14, 2015 2:58 AM in response to jbaudry

    Thanks. You saved me from not so good solution (to be polite) in first post.

     

    For others reading this topic: Please archive your open directory first. It saves you lot of manual reconfiguration. Then try to authenticated with diradmin. If it fails, reset diradmin password. Destroying your directory shall be really last step!

  • by carbonrain,

    carbonrain carbonrain Jan 21, 2015 11:06 AM in response to gracoat
    Level 1 (0 points)
    Jan 21, 2015 11:06 AM in response to gracoat

    This actually solved my issue...

     

    Users > (drop down menu) Local Network Users > ::highlight user name:: > (gear menu) Change Password...

     

    Thanks!!

  • by Jyri Palm,

    Jyri Palm Jyri Palm Apr 24, 2015 12:46 PM in response to gracoat
    Level 1 (50 points)
    Apr 24, 2015 12:46 PM in response to gracoat

    SOLVED.

     

    I can confirm that the accidental solution by gracoat FINALLY worked for me.  That is:

     

    1. Archive the Directory Master.

     

    2. Destroy the Master.

     

    3. Create a BRAND NEW empty Master.

     

    4. Destroy THAT Master.

     

    5. Import your original Master.

     

    This, after fooling with a bunch of solutions.  NOTE: Simply destroying and reimporting alone did not work for me.  But the intermediate step of creating a blank directory seemed to clear out whatever the problem was.

     

    Thanks!

  • by jbailon,

    jbailon jbailon Apr 29, 2015 2:15 PM in response to Steve Maser
    Level 1 (0 points)
    Apr 29, 2015 2:15 PM in response to Steve Maser

    Great answer that solved my issue. Thanks!!

  • by Tom Francais,

    Tom Francais Tom Francais Mar 26, 2016 11:43 AM in response to Jyri Palm
    Level 1 (19 points)
    Mar 26, 2016 11:43 AM in response to Jyri Palm

    I can also confirm gracoat's solution worked for me. And as Jyri Palm emphasized, Step 3 (Create a BRAND NEW empty Master) and Step 4 (Destroy THAT Master) were keys to my success.

    I am running OS X 10.9.5 and Server 3.3.2.

  • by Ward Bouwman2,

    Ward Bouwman2 Ward Bouwman2 Jun 6, 2016 9:46 AM in response to Tom Francais
    Level 1 (19 points)
    Jun 6, 2016 9:46 AM in response to Tom Francais

    Server Version 5.0.15 it sometime happens too. What did it for me was:

     

    sudo killall opendirectoryd

     

    will kill the opendirectoryd process and launchd will immediately create a new instance of the opendirectoryd process. You can tell that it happened by the process number. For instance:

     

    bash-3.2# ps aux -www | grep opendirectoryd

    root              8500   0.0  2.0  2953236  84036   ??  Ss   24May16 271:10.98 /usr/libexec/opendirectoryd

    root             69279   0.0  0.0  2432772    640 s000  S+    9:29AM   0:00.00 grep opendirectoryd

    bash-3.2# sudo killall opendirectoryd

    bash-3.2# ps aux -www | grep opendirectoryd

    root             69300   4.9  0.3  2491060  11708   ??  Ss    9:30AM   0:00.33 /usr/libexec/opendirectoryd

    root             69304   0.0  0.0  2432772    640 s000  S+    9:30AM   0:00.00 grep opendirectoryd

     

    Note how the process number has changed from 8500 to 69300 ?

    (The process 69279 and 69304 is the actual 'grep' process that finds itself.)

     

    It should not effect any other process on the server. So you can always try this.

first Previous Page 4 of 4