Peter Bruderer

Q: Home Sync wants to use the Login Keychain

Since the upgrade to 10.9.4 I'm asked to enter the password for the keychain every time I reboot my machine.

 

keychain.png

 

I use portable Home Directory and iCloud keychain sync.

 

So far I have not yet found a solution to bypass this problem.

 

Does anyone else have this problem?

Posted on Jul 3, 2014 11:48 AM

Close

Q: Home Sync wants to use the Login Keychain

  • All replies
  • Helpful answers

first Previous Page 5 of 11 last Next
  • by ndsvfx,

    ndsvfx ndsvfx Dec 2, 2014 7:32 PM in response to miyukiimaizumi
    Level 1 (15 points)
    Dec 2, 2014 7:32 PM in response to miyukiimaizumi

    Have not tried 10.9 clients but the problem is still there with 10.10 clients. Our Server is 10.9.5.

  • by todaly,

    todaly todaly Dec 3, 2014 8:43 PM in response to smillin-it
    Level 1 (0 points)
    Dec 3, 2014 8:43 PM in response to smillin-it

    Hi I have been following this post for over a month now. I have tried everything that seems to have worked for others with no success. I have 136 Mobile accounts (phd's) on iMacs running OSX 10.9.5 and A Primary Server and Replica Server both running OSX 10.9.5 and Server 3.2.2

     

    Even if I unbind the client machine from the server. I still get this message after one or two restarts. So I am fairly sure it is a client side issue with OSX 10.9.5.

     

    Things I have tried:

     

    Unbind OD Server . Delete Client AFP Keychain Logout / Login Rebind OD Server. This works for 1 restart.

    Disable WGM management for the account. Unbind / Login / Logout / Reset WG Manager management. Login / Logout / Restart. No Luck.

     

    Has anyone conquered this issue. Seems like a long time now for Apple to resolve this bug.

     

    I can't migrate to 10.10 as WGM 10.10 does not yet exist and I rely on it to configure mobile account settings. After 26 years of being an Apple evangelist, I am close to reccomending to my clients to move away from Apple as an enterprise solution.

     

    Where are you Apple? Did your dedication to the professional market die with Steve Jobs?

     

    Sorry but to have a bug in the last iteration of a OS build that is ignored and unresolved for months is just unacceptable.

  • by miyukiimaizumi,

    miyukiimaizumi miyukiimaizumi Dec 4, 2014 8:17 PM in response to ndsvfx
    Level 1 (0 points)
    Dec 4, 2014 8:17 PM in response to ndsvfx

    Have not test on 10.10 clients, sorry .

  • by ndsvfx,

    ndsvfx ndsvfx Dec 4, 2014 8:30 PM in response to todaly
    Level 1 (15 points)
    Dec 4, 2014 8:30 PM in response to todaly

    Did you try miyukiimaizumi's method? It might work with your 10.9.5 setup

     

    Unfortunately 10.10 client is much worse than 10.9 since login home sync is broken too, only idle sync and logout sync work which is why I think his method did not work for me.

     

    I agree it is a client issue that has been with us since 10.9.4 is and just getting worse and worse with every update. One thing Apple has always had issues with is Directory services often requiring server rebuilds in the past for simple modifications or OS version updates. Apple needs to finally give OS X some Open Directory love and finally fix it once and for all so it isn't so fragile.

     

    Have you looked at Profile Manager, it will do everything you do with WGM and more?

  • by sofalounge,

    sofalounge sofalounge Dec 17, 2014 12:05 PM in response to ndsvfx
    Level 1 (0 points)
    Dec 17, 2014 12:05 PM in response to ndsvfx

    Did somebody find a solution or get a reply from Apple. We got the same Problem with all of our Macs (8) and it's quit awful.

    Or will 10.10.2 be the solution (has anybody already tried it)?

     

    Hope to get a solution soon.

  • by Dave Razorsek,

    Dave Razorsek Dave Razorsek Dec 17, 2014 12:06 PM in response to ndsvfx
    Level 1 (22 points)
    Apple Watch
    Dec 17, 2014 12:06 PM in response to ndsvfx

    I'd like to try miyukiimaizumi suggestion but I don't have Apple's Remote Desktop application.  I'd rather not have to spend $80 to maybe fix a bug that was created by Apple in the first place.  Can I use the Disk Utility in Recover Mode?

  • by Drew Reece,

    Drew Reece Drew Reece Dec 17, 2014 12:49 PM in response to Dave Razorsek
    Level 5 (7,552 points)
    Notebooks
    Dec 17, 2014 12:49 PM in response to Dave Razorsek

    Dave Razorsek wrote:

    I'd like to try miyukiimaizumi suggestion but I don't have Apple's Remote Desktop application.  I'd rather not have to spend $80 to maybe fix a bug that was created by Apple in the first place.  Can I use the Disk Utility in Recover Mode?

     

    Are you referring to the command…

    'diskutil repairpermissions /'

    …that is run via Apple Remote Desktop?

     

    Repair permissions can be done on the running OS but you can do it in recovery mode if you want to reboot & manually do it.

     

    It may be simpler to create a script since this is just a unix command, paste this into a text file, save it as 'repair-disk.command' (that suffix makes it run when double clicked).

     

    repair-disk.command

    #!/bin/sh
    sudo diskutil repairPermissions /
    exit 0
    

     

    Make it executable (do this once in Terminal, use the full path to the file - drag & drop will autofill the path).

    chmod +x  /your-path-here/repair-disk.command
    

     

    Double click that icon on any Mac & it will open Terminal & prompt for the admin password & then repair the disk permissions. A USB stick makes it easy to move around a room of Macs (assuming this all fixes the issue).

  • by ndsvfx,

    ndsvfx ndsvfx Dec 17, 2014 1:12 PM in response to Drew Reece
    Level 1 (15 points)
    Dec 17, 2014 1:12 PM in response to Drew Reece

    No 10.10.2 does not fix anything. Does not fix Home Sync not working at login and it doesn't fix the keychain issue. I have submitted numerous updates and notes on my bug report and Apple keeps on closing them saying it is a duplicate. So they know the issue but that have not fixed it since it started after 10.9.4 was released.

  • by kginger_consulting,

    kginger_consulting kginger_consulting Jan 5, 2015 8:48 PM in response to ndsvfx
    Level 1 (0 points)
    Jan 5, 2015 8:48 PM in response to ndsvfx

    I too am battling this problem, tried to resolve for hours today on 10.10.1 clients and Server.app 4. I have simply told my users "its a bug" and to just enter their password. I am one more step towards looking at Microsoft server solutions (gasp!).

  • by akhensetukh,

    akhensetukh akhensetukh Jan 23, 2015 8:20 AM in response to Peter Bruderer
    Level 1 (0 points)
    Jan 23, 2015 8:20 AM in response to Peter Bruderer

    Ran into this issue on a 10.10.1 client bound to an Active Directory domain. Solution was to unbind the client. Make sure the computer object was deleted from Active Directory. Delete the network accounts from the client. Reboot the client, and re-bind to the domain. Logging in with network accounts no longer threw the keychain prompt.

     

    Interestingly, this issue didn't arise until after running the Migration Assistant to migrate the Applications and "Other Files" from a whole disk DMG image (no user profiles were migrated).

  • by Roger Angus,

    Roger Angus Roger Angus Jan 24, 2015 12:40 PM in response to akhensetukh
    Level 1 (10 points)
    Jan 24, 2015 12:40 PM in response to akhensetukh

    I can confirm that deleting ~/library/preferences/com.apple.homeSync.plist will both prevent HomeSync from working and also prevent this popup from appearing after a reboot.

     

    If Apple can't be bothered to fix this issue, it seems preferential to disable to whole thing for now.

  • by sdf_iain,

    sdf_iain sdf_iain Jan 26, 2015 7:46 AM in response to Peter Bruderer
    Level 1 (8 points)
    Mac OS X
    Jan 26, 2015 7:46 AM in response to Peter Bruderer

    This seems like a permission issue more than anything else.  If it's occurring on an account that's in the usual place (/Users) you can use the process here to correct the permissions.  Otherwise, my best guess at the correct permissions is to run the following commands as another user (having an open keychain seems to prevent this from fixing things):

    chmod -R -N <path to home directory that needs fixing>

    chflags -R nouchg,nouappnd <path to home directory that needs fixing>

    chown -R <username>:staff <path to home directory that needs fixing>

    chmod -R u+rwX <path to home directory that needs fixing>

     

    The first line removes the ACLs from all of the files in the specified folder, the second line adds appropriate ACLs, the third fixes ownership, and the fourth makes it so the owner can read and write (and execute if necessary) all of their files.

     

    Additionally if you delete Library/Preferences/com.apple.homeSync.plist then go back to the Users and Groups Preference Pane you can recreate your preference file and the issue (at least for me) does not come back.

     

    There is one caveat.  I'm using my network account locally so I'm not syncing my home directory (although it is on an external RAID).  Te above procedure should fix the issue, but there is a chance that it may not.

  • by cmartens,

    cmartens cmartens Jan 28, 2015 10:19 AM in response to smillin-it
    Level 1 (0 points)
    Jan 28, 2015 10:19 AM in response to smillin-it

    Has anyone seen a resolve for this besides switching to another syncing app service ? I have been dealing with mobile syncing for years. NO resolve from Apple support or countless man hours trouble shooting and such.

  • by cmartens,

    cmartens cmartens Jan 28, 2015 10:22 AM in response to Roger Angus
    Level 1 (0 points)
    Jan 28, 2015 10:22 AM in response to Roger Angus

    I am about to try that to see if that resolves the issue.

    I have tried recreating the user on the client machine to a new folder sync on the server with no resolve.

    Any ideas since this post if this is resolved.

  • by jpparallel,

    jpparallel jpparallel Feb 2, 2015 2:07 AM in response to cmartens
    Level 1 (4 points)
    Feb 2, 2015 2:07 AM in response to cmartens

    Just an observation after having issues with this as well that appears to have resolved the issue (I may be speaking too soon, but it has survived a couple of reboots without the issue now, so I am hopeful).

     

    The Main account folder on the Server was not owned by the individual user. For example, for the user johnsmith, the following folder was not owned by johnsmith:

     

    /Users/johnsmith

     

    Correcting this on the Server by command click > Get Info, unlocking permissions, selecting the user in question, then clicking the settings cog followed by Make <username> the owner seems to have resolved the issue.

     

    As to how it got to that state is another matter, but at least I don't have to type my password twice now when logging in!

     

    I hope this helps others, because I know how annoying it was.

first Previous Page 5 of 11 last Next