I have been testing leopard server and have run into a problem that puzzles me. I hope that somebody can provide some insights on this issue.
Installed 10.5 server, advanced with mobile users and time machine backups. Upgraded mobile accounts from Tiger were less than desirable (sync issues). 10.5 users were fine except that the directory service crashed consistently during home directory syncing.
Did a fresh re-install with upgrade to 10.5.1 before configuration; still the same.
Did even a standard install with standard users only (basic services to make sure that no manual DNS or OD config. caused the problem ) and the Directory Services still go out on me.
This is running on a Xserve G5 dual with 6gig of RAM & 500gb raid1 mirror. That machine ran 10.4 perfectly for the last year plus.
Below are the shortened results form the crash reporter. Any ideas? I was really hoping that I can use leopard server to use iCal server & time machine.
Just re-reading my last post and it may be seen by some as if I've said 'Time Machine does not work'. This is not the case, what I mean is Time Machine should not be used in Advanced mode because it does not work or is not supported. I hope this clears this up.
Our system is the same. Whenever DirectoryService crashes, I have to stop and restart AFP before logins can work again for shares. I am trying my best to trace the causes of the crash, but right now it seems random (I'm sure it's not... SOMETHING must be causing it...)
Network logins so long as the user is mobile and has a local home directory already... if it's a network user and the home directory is on the server on an AFP share, or if it's a mobile user who hasn't logged onto the system before, then the login fails.
I'm considering a rebuild, but from reading other posts, I'm not convinced this will save me grief... if it were my fault somehow, I would assume the issue wouldn't be so widespread.
I'd just like to chime in as yet another person experiencing this exact same problem. Funny thing is that the server was running (mostly) fine for months. We were brave enough to start running Leopard Server soon after 10.5.1 was released. A couple times we had a problem with AFP under high load where AFP would hog all cores and have to be restarted, but this DirectorySErvices problem is new. In the last few days DS has crashed several times requiring us to restart AFP even though existing AFP connections did not seem to have a problem.
I filed a ticket with Apple support. Hopefully I will get something back. In the meantime, if anyone has a workaround to this that doesn't involve disconnecting dozens of users (and thus disrupting classes), please let us know!
BTW, this Leopard server is not the OD master. The master runs on a Tiger server. Not sure if this is significant or not.
I have both flavours (sig abort and segmentation fault)... neither especially a good thing in my books. Server ran great for upon the initial 10.5.0 install, and then started tanking shortly after 10.5.1... but not immediately after the install. Trying to recall whether there was a security patch in there somewhere that might have triggered the issue.
I have solved this issue in our environment. However, unless you understand what is going on below, I would NOT try this in your environment, you can lock yourself out of your server (until reboot).
We had 2-5 crashes an hour until we did the items below.
Our clients are in a 10.0.0.0/8 network. You should edit rule 5 to reflect your environment.
This config assumes you are running afpserver, and opendir with nothing else.
1. Delete the ds_store files on all shares.
2. Use the settings at afp548 to change the thread settings on afpserver set them to no less then 400 threads.
3.REBOOT
4. enable the firewall service and then ON THE CLI, using the ipfw cmd make your firewall config look like:
00005 30 1540 deny ip from 10.0.0.0/8 to any dst-port 22
00006 3 192 deny ip from me to 10.0.0.0/8 dst-port 22
00100 14111387 2461811621 allow ip from any to any dst-port 548
00101 12353329 3288039826 allow ip from any 548 to any
00200 298190 38598581 allow ip from any to any dst-port 389
00201 299127 41143778 allow ip from any 389 to any
00250 20248 1769984 allow ip from any to any dst-port 3659
00250 20104 2290967 allow ip from any 3659 to any
00300 836 330401 allow ip from any to any dst-port 88
00300 885 451814 allow ip from any 88 to any
01000 917973 125115276 allow ip from any to any via lo0
01010 0 0 deny ip from any to 127.0.0.0/8
01020 0 0 deny ip from 224.0.0.0/4 to any in
01030 0 0 deny tcp from any to 224.0.0.0/4 in
12300 244142 101964661 allow tcp from any to any established
12301 145 9280 allow tcp from any to any out
12302 114 6820 allow tcp from any to any dst-port 22
12302 0 0 allow udp from any to any dst-port 22
12303 8904 1152764 allow udp from any to any out keep-state
12304 0 0 allow tcp from any to any dst-port 53 out keep-state
12304 0 0 allow udp from any to any dst-port 53 out keep-state
12305 0 0 allow udp from any to any in frag
12306 2 128 allow tcp from any to any dst-port 311
12307 2 128 allow tcp from any to any dst-port 625
12308 0 0 allow udp from any to any dst-port 626
12309 82 5042 allow icmp from any to any icmptypes 8
12310 85 5294 allow icmp from any to any icmptypes 0
12311 0 0 allow igmp from any to any
65500 5384 439137 deny ip from any to any
65535 210 18402 allow ip from any to any
My server is grinding to a standstill regularly and in frustration I did a complete erase & install and re-built everything from scratch. The only thing which I 'imported' from the old setup was my mail config using mailbfr, as I need to keep the IMAP mailstores etc. Everything else - Users, Groups, etc was all entered from scratch. I setup the server as a standard install for simplicity's sake.
And after all that, I am still getting the server grinding to a halt and the only thing I can see in the server logs is that Directory Service is crashing, similar to described in this thread. Why? Could CMB-Mike248 maybe give a bit more info on what his fix does as I cannot pretend to understand it but I am going mad with frustration because I can't get any work done and neither can my staff because they have no services.
Other clues/information - Mail Service suddenly stops (this has happened 4 times in as many days since the re-install).
AFP continually stops working and you have to stop/start or toggle a setting to get it going again (well documented bug).
How can I have this much trouble with a brand new install?
Mac Mini G4 server, 10.5.1, no other extensions or third party stuff at all, apart from a MySQL installation (latest version). 5 users.
What are the rest of specs for the Mac Mini? How much memory and what type of network connection? You also mention afp & mail in your post, but then say that you are only running Open Directory. Is AFP & mail running on separate server and if so what version of os x are they running? How many users do you currently have on your Open Directory server?
Didn't mean to suggest that the machine is running OD only. It is running OD, DNS, Mail, iCal, iChat, VPN, AFP, Webmail/wiki. It is a very small network of 5 users. I was previously using an 'advanced' setup but only because I had upgraded from a Tiger installation with portable home directories. I decided to scrap those, do an erase & install and run a simple setup in the hope that I could get on with some real work. But oh no. It's even worse than before!
CPU - 1.4GhHz PowerPC G4. Memory - 1 gig. Network - gigabit ethernet, Airport Extreme base station.
Why did you decide to upgrade to 10.5? Not to suggest that you give up but maybe you are better off using 10.4.x. Can you try only using some services? Maybe just Open Directory and AFP?