-
All replies
-
Helpful answers
-
Dec 2, 2014 7:32 PM in response to miyukiimaizumiby ndsvfx,Have not tried 10.9 clients but the problem is still there with 10.10 clients. Our Server is 10.9.5.
-
Dec 3, 2014 8:43 PM in response to smillin-itby todaly,Hi I have been following this post for over a month now. I have tried everything that seems to have worked for others with no success. I have 136 Mobile accounts (phd's) on iMacs running OSX 10.9.5 and A Primary Server and Replica Server both running OSX 10.9.5 and Server 3.2.2
Even if I unbind the client machine from the server. I still get this message after one or two restarts. So I am fairly sure it is a client side issue with OSX 10.9.5.
Things I have tried:
Unbind OD Server . Delete Client AFP Keychain Logout / Login Rebind OD Server. This works for 1 restart.
Disable WGM management for the account. Unbind / Login / Logout / Reset WG Manager management. Login / Logout / Restart. No Luck.
Has anyone conquered this issue. Seems like a long time now for Apple to resolve this bug.
I can't migrate to 10.10 as WGM 10.10 does not yet exist and I rely on it to configure mobile account settings. After 26 years of being an Apple evangelist, I am close to reccomending to my clients to move away from Apple as an enterprise solution.
Where are you Apple? Did your dedication to the professional market die with Steve Jobs?
Sorry but to have a bug in the last iteration of a OS build that is ignored and unresolved for months is just unacceptable.
-
Dec 4, 2014 8:17 PM in response to ndsvfxby miyukiimaizumi,Have not test on 10.10 clients, sorry .
-
Dec 4, 2014 8:30 PM in response to todalyby ndsvfx,Did you try miyukiimaizumi's method? It might work with your 10.9.5 setup
Unfortunately 10.10 client is much worse than 10.9 since login home sync is broken too, only idle sync and logout sync work which is why I think his method did not work for me.
I agree it is a client issue that has been with us since 10.9.4 is and just getting worse and worse with every update. One thing Apple has always had issues with is Directory services often requiring server rebuilds in the past for simple modifications or OS version updates. Apple needs to finally give OS X some Open Directory love and finally fix it once and for all so it isn't so fragile.
Have you looked at Profile Manager, it will do everything you do with WGM and more?
-
Dec 17, 2014 12:05 PM in response to ndsvfxby sofalounge,Did somebody find a solution or get a reply from Apple. We got the same Problem with all of our Macs (8) and it's quit awful.
Or will 10.10.2 be the solution (has anybody already tried it)?
Hope to get a solution soon.
-
Dec 17, 2014 12:06 PM in response to ndsvfxby Dave Razorsek,I'd like to try miyukiimaizumi suggestion but I don't have Apple's Remote Desktop application. I'd rather not have to spend $80 to maybe fix a bug that was created by Apple in the first place. Can I use the Disk Utility in Recover Mode?
-
Dec 17, 2014 12:49 PM in response to Dave Razorsekby Drew Reece,Dave Razorsek wrote:
I'd like to try miyukiimaizumi suggestion but I don't have Apple's Remote Desktop application. I'd rather not have to spend $80 to maybe fix a bug that was created by Apple in the first place. Can I use the Disk Utility in Recover Mode?
Are you referring to the command…
'diskutil repairpermissions /'
…that is run via Apple Remote Desktop?
Repair permissions can be done on the running OS but you can do it in recovery mode if you want to reboot & manually do it.
It may be simpler to create a script since this is just a unix command, paste this into a text file, save it as 'repair-disk.command' (that suffix makes it run when double clicked).
repair-disk.command
#!/bin/sh sudo diskutil repairPermissions / exit 0
Make it executable (do this once in Terminal, use the full path to the file - drag & drop will autofill the path).
chmod +x /your-path-here/repair-disk.command
Double click that icon on any Mac & it will open Terminal & prompt for the admin password & then repair the disk permissions. A USB stick makes it easy to move around a room of Macs (assuming this all fixes the issue).
-
Dec 17, 2014 1:12 PM in response to Drew Reeceby ndsvfx,No 10.10.2 does not fix anything. Does not fix Home Sync not working at login and it doesn't fix the keychain issue. I have submitted numerous updates and notes on my bug report and Apple keeps on closing them saying it is a duplicate. So they know the issue but that have not fixed it since it started after 10.9.4 was released.
-
Jan 5, 2015 8:48 PM in response to ndsvfxby kginger_consulting,I too am battling this problem, tried to resolve for hours today on 10.10.1 clients and Server.app 4. I have simply told my users "its a bug" and to just enter their password. I am one more step towards looking at Microsoft server solutions (gasp!).
-
Jan 23, 2015 8:20 AM in response to Peter Brudererby akhensetukh,Ran into this issue on a 10.10.1 client bound to an Active Directory domain. Solution was to unbind the client. Make sure the computer object was deleted from Active Directory. Delete the network accounts from the client. Reboot the client, and re-bind to the domain. Logging in with network accounts no longer threw the keychain prompt.
Interestingly, this issue didn't arise until after running the Migration Assistant to migrate the Applications and "Other Files" from a whole disk DMG image (no user profiles were migrated).
-
Jan 24, 2015 12:40 PM in response to akhensetukhby Roger Angus,I can confirm that deleting ~/library/preferences/com.apple.homeSync.plist will both prevent HomeSync from working and also prevent this popup from appearing after a reboot.
If Apple can't be bothered to fix this issue, it seems preferential to disable to whole thing for now.
-
Jan 26, 2015 7:46 AM in response to Peter Brudererby sdf_iain,This seems like a permission issue more than anything else. If it's occurring on an account that's in the usual place (/Users) you can use the process here to correct the permissions. Otherwise, my best guess at the correct permissions is to run the following commands as another user (having an open keychain seems to prevent this from fixing things):
chmod -R -N <path to home directory that needs fixing>
chflags -R nouchg,nouappnd <path to home directory that needs fixing>
chown -R <username>:staff <path to home directory that needs fixing>
chmod -R u+rwX <path to home directory that needs fixing>
The first line removes the ACLs from all of the files in the specified folder, the second line adds appropriate ACLs, the third fixes ownership, and the fourth makes it so the owner can read and write (and execute if necessary) all of their files.
Additionally if you delete Library/Preferences/com.apple.homeSync.plist then go back to the Users and Groups Preference Pane you can recreate your preference file and the issue (at least for me) does not come back.
There is one caveat. I'm using my network account locally so I'm not syncing my home directory (although it is on an external RAID). Te above procedure should fix the issue, but there is a chance that it may not.
-
Jan 28, 2015 10:19 AM in response to smillin-itby cmartens,Has anyone seen a resolve for this besides switching to another syncing app service ? I have been dealing with mobile syncing for years. NO resolve from Apple support or countless man hours trouble shooting and such.
-
Jan 28, 2015 10:22 AM in response to Roger Angusby cmartens,I am about to try that to see if that resolves the issue.
I have tried recreating the user on the client machine to a new folder sync on the server with no resolve.
Any ideas since this post if this is resolved.
-
Feb 2, 2015 2:07 AM in response to cmartensby jpparallel,Just an observation after having issues with this as well that appears to have resolved the issue (I may be speaking too soon, but it has survived a couple of reboots without the issue now, so I am hopeful).
The Main account folder on the Server was not owned by the individual user. For example, for the user johnsmith, the following folder was not owned by johnsmith:
/Users/johnsmith
Correcting this on the Server by command click > Get Info, unlocking permissions, selecting the user in question, then clicking the settings cog followed by Make <username> the owner seems to have resolved the issue.
As to how it got to that state is another matter, but at least I don't have to type my password twice now when logging in!
I hope this helps others, because I know how annoying it was.
