Q: Network users won't log in

First, you need to know about this potential problem:

OS X Server: Don't log in to the server with a network user's account - Apple Support

.

Ok, try this:

From a Workstation Mac, run Network Utility.app (if not found in /Applications/Utilities look for it in /System/Library/CoreServices/Applications )

using the Lookup pane, enter YOUR fully-qualified server.mydomain.com name.

It should look up to a local IP address.

enter the local IP Address. it should look up to the fully-qualified 3-part domain-name

using xxxxx.local as the bona-fide name of your server will cause you no end of grief, because that ending is now more strongly reserved for Bonjour.

The DNS for each Workstation's Network connection must reference the local DNS FIRST, so that you are sure that those references continue to resolve correctly.

The Server must be bound to itself ONLY with a numeric 127.0.0.1 IP address, and must also have a green light in Login Options pane of Users & Groups.

"Network login unavailable"

not a problem as long as it goes away promptly after login.

When Binding each workstation in Users & groups -- In Directory Utility, I seem to get better results on each workstation by specifying "OD Server" and the explicit fields, but it should still work with "From Server" and the defaults.

I have the same issue. Somehow it seemed to be linked to the place of the home folders. I found that network user home folders shouldn't be in the "users" folder on the server, but in a separate root folder/share on the server disk. Home folders on another internal drive didn't work (I have a mac mini server with two drives).

Hope this helps you, although it should be possible to put home folders anywhere.

Ruud

I can't understand why it won't accept network users.

You can no longer use .private or .local as your fully-qualified domain name. It messes a lot of things up.

I have a Share Point for Local network users that is NOT on the boot Drive. I keep them on a Mirrored RAID pair that is backed up with Time Machine.

It works fine in the latest Server and always has as far back as 10.3 Leopard Server. (except Time Machine support is more recent).

It may be that for Sharing-only users (with no Server-based Home folder) your Share points need to be NOT on a Share Point marked with:

[√] Make available for Home Directories over: _{AFP, SMB }____

I don't understand it either. It should be possible according to the specs. I have called Apple support, but they couldn't give me an answer yet. By the way: what do you mean by .local and .private are no longer valid? The server comes up with these names. What should I use instead?

Ruud

The Sharing Control panel says you can connect to your computer_name by adding .local to it (because Bonjour treats it that way).

But that is Not a valid three part domain-name like server.example.com, and you should not be entering anything with .private or .local into your DNS. It WILL screw things up.

I don't have experience with PM. It is difficult enough to do the straighforward things and get a stable situation. I might have misinterpreted your issue, so my comment may not be valid. For me it didn't work when I put the homefolders in a share on a drive that was not the drive with system on it. It worked only with a root share on the drive with the system folders on it.

Hi Grant,

This is interesting. Do you refer to the input in the DNS service on the server? What would you recommend as valid? Actually I'm thinking of shutting down the DNS service and only use the IP address for the local network. I have some clients connecting with that and it seems to work, although I still have issues and the DNS service is on.

Ruud