11 Replies Latest reply: Jun 11, 2010 5:46 PM by Jason Mecham
Jason Mecham Level 1 Level 1 (15 points)
We have a Mac Mini running OS/X Server 10.6 that's mainly used as a WikiServer, and its the sole OS/X server in a predominately Windows environment. The users authenticate through Active Directory to login to the WikiServer.

We now want it to work as a Jabber Chat Server that will serve both Window Clients and iChat Clients

A few months ago I didn't have any issues logging in through iChat, but I had all kinds of issues with Windows Clients and only one client seemed to work. It never seemed like it was working quite right. The Wiki server worked just fine though, and that's all we cared about at the time.

Now nothing I tested is connecting to iChat, and I have no idea when/how it broke completely. The Server log is filled with these messages that are similar to the login problems other people are having, but I'm not sure how it relates to the active directory setup I have. I don't see anything wrong with the DNS functionality, but I'm posting the results of the commonly asked for diagnostics anyways.

These are some of the error messages I'm getting.

May 19 12:02:36 wikiserver jabberd/c2s[2396]: [8] [::ffff:192.168.4.2, port=52014] connect
May 19 12:02:36 wikiserver jabberd/c2s[2396]: [8] [::ffff:192.168.4.2, port=52014] disconnect jid=unbound, packets: 0
May 19 12:02:39 wikiserver jabberd/c2s[2396]: [8] [::ffff:192.168.4.2, port=52020] connect
May 19 12:02:39 wikiserver jabberd/c2s[2396]: [8] [::ffff:192.168.4.2, port=52020] disconnect jid=unbound, packets: 0
May 19 12:02:41 wikiserver jabberd/c2s[2396]: [8] [::ffff:192.168.4.2, port=52027] connect
May 19 12:02:41 wikiserver jabberd/c2s[2396]: [8] [::ffff:192.168.4.2, port=52027] disconnect jid=unbound, packets: 0

Here are the results of the commonly asked dns related diagnostics

wikiserver:~ jmecham$ sudo changeip -checkhostname
Primary address = 192.168.4.2
Current HostName = wikiserver.amgmicro.local
DNS HostName = wikiserver.amgmicro.local
The names match. There is nothing to change.
dirserv:success = "success"

wikiserver:~ jmecham$ sudo serveradmin fullstatus jabber
jabber:domainName = "wikiserver.amgmicro.local"
jabber:hosts:arrayindex:0 = "wikiserver.amgmicro.local"
jabber:mucState = "RUNNING"
jabber:currentConnectionsPort1 = "0"
jabber:state = "RUNNING"
jabber:currentConnectionsPort2 = "0"
jabber:pluginVersion = "10.6.100"
jabber:serviceMode = "ALL"
jabber:logPaths:JABBER_LOG = "/var/log/system.log"
jabber:logPaths:PROXY_LOG = "/private/var/jabberd/log/proxy65.log"
jabber:logPaths:MUCSTDLOG = "/var/jabberd/log/mu-conference.log"
jabber:servicePortsRestrictionInfo = emptyarray
jabber:currentConnections = "0"
jabber:servicePortsAreRestricted = "NO"
jabber:readWriteSettingsVersion = 1
jabber:startedTime = "2010-05-19 11:45:39 -0700"
jabber:proxyState = "RUNNING"
jabber:jabberdState = "RUNNING"
jabber:setStateVersion = 1
wikiserver:~ jmecham$

wikiserver:~ jmecham$ dig -x 192.168.4.2
; <<>> DiG 9.6.0-APPLE-P2 <<>> -x 192.168.4.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4720
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;2.4.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
2.4.168.192.in-addr.arpa. 3600 IN PTR wikiserver.amgmicro.local.
;; Query time: 0 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Wed May 19 12:28:18 2010
;; MSG SIZE rcvd: 81

Mac Mini, Mac OS X (10.6.3)
  • Jason Mecham Level 1 Level 1 (15 points)
    I do get the following error in the system.log

    SSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
  • Jason Mecham Level 1 Level 1 (15 points)
    Here is the system.log from when the ichat service starts

    May 25 12:53:19 wikiserver servermgrd[64]: servermgr_jabber: STARTING UP iChat Server.
    May 25 12:53:19 wikiserver servermgrd[64]: servermgr_jabber[N]: waiting for jabberd to finish startup...
    May 25 12:53:19 wikiserver jabberd/s2s[74844]: starting up (interval=60, queue=60, keepalive=0, idle=86400)
    May 25 12:53:19 wikiserver jabberd/s2s[74844]: attempting connection to router at 127.0.0.1, port=5347
    May 25 12:53:19 wikiserver jabberd/s2s[74844]: [4] [router] write error: Broken pipe (32)
    May 25 12:53:19 wikiserver jabberd/s2s[74844]: connection to router closed
    May 25 12:53:19 wikiserver jabberd/s2s[74844]: attempting reconnect (3 left)
    May 25 12:53:19 wikiserver jabberd/resolver[74849]: starting up
    May 25 12:53:19 wikiserver jabberd/resolver[74849]: attempting connection to router at 127.0.0.1, port=5347
    May 25 12:53:19 wikiserver jabberd/resolver[74849]: [4] [router] write error: Broken pipe (32)
    May 25 12:53:19 wikiserver jabberd/resolver[74849]: connection to router closed
    May 25 12:53:19 wikiserver jabberd/resolver[74849]: attempting reconnect (3 left)
    May 25 12:53:19 wikiserver jabberd/router[74845]: starting up
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: starting up
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: modules search path: /var/jabberd/modules/jabberd2
    May 25 12:53:19 wikiserver jabberd/sm[74846]: starting up
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: initialized auth module 'sqlite'
    May 25 12:53:19 wikiserver jabberd/sm[74846]: id: wikiserver.local
    May 25 12:53:19 wikiserver jabberd/router[74845]: loaded user table (1 users)
    May 25 12:53:19 wikiserver jabberd/router[74845]: couldn't open filter file /etc/jabberd/router-filter.xml: No such file or directory
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: [wikiserver.amgmicro.local] configured; realm=wikiserver.amgmicro.local, registration disabled
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: attempting connection to router at 127.0.0.1, port=5347
    May 25 12:53:19 wikiserver jabberd/sm[74846]: initialised storage driver 'sqlite'
    May 25 12:53:19 wikiserver jabberd/sm[74846]: modules search path: /var/jabberd/modules/jabberd2
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-last' added to chain 'sess-end' (order 0 index 0 seq 0)
    May 25 12:53:19 wikiserver jabberd/router[74845]: [127.0.0.1, port=5347] listening for incoming connections
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'validate' added to chain 'in-sess' (order 0 index 1 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'privacy' added to chain 'in-sess' (order 1 index 2 seq 0)
    May 25 12:53:19 wikiserver jabberd/router[74845]: [127.0.0.1, port=59605] connect
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'roster' added to chain 'in-sess' (order 2 index 3 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'vacation' added to chain 'in-sess' (order 3 index 4 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-vcard' added to chain 'in-sess' (order 4 index 5 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-ping' added to chain 'in-sess' (order 5 index 6 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-private' added to chain 'in-sess' (order 6 index 7 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'disco' added to chain 'in-sess' (order 7 index 8 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'amp' added to chain 'in-sess' (order 8 index 9 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'offline' added to chain 'in-sess' (order 9 index 10 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'announce' added to chain 'in-sess' (order 10 index 11 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'presence' added to chain 'in-sess' (order 11 index 12 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'deliver' added to chain 'in-sess' (order 12 index 13 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'session' added to chain 'in-router' (order 0 index 14 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'validate' added to chain 'in-router' (order 1 index 1 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'presence' added to chain 'in-router' (order 2 index 12 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'privacy' added to chain 'in-router' (order 3 index 2 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'privacy' added to chain 'out-router' (order 0 index 2 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-last' added to chain 'pkt-sm' (order 0 index 0 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-ping' added to chain 'pkt-sm' (order 1 index 6 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-time' added to chain 'pkt-sm' (order 2 index 15 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-version' added to chain 'pkt-sm' (order 3 index 16 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'amp' added to chain 'pkt-sm' (order 4 index 9 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'disco' added to chain 'pkt-sm' (order 5 index 8 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'announce' added to chain 'pkt-sm' (order 6 index 11 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'help' added to chain 'pkt-sm' (order 7 index 17 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'echo' added to chain 'pkt-sm' (order 8 index 18 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'roster' added to chain 'pkt-user' (order 0 index 3 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'presence' added to chain 'pkt-user' (order 1 index 12 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-vcard' added to chain 'pkt-user' (order 2 index 5 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'amp' added to chain 'pkt-user' (order 3 index 9 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'deliver' added to chain 'pkt-user' (order 4 index 13 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'vacation' added to chain 'pkt-user' (order 5 index 4 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'offline' added to chain 'pkt-user' (order 6 index 10 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'disco-publish' added to chain 'pkt-user' (order 7 index 19 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-last' added to chain 'pkt-user' (order 8 index 0 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'session' added to chain 'pkt-router' (order 0 index 14 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'disco' added to chain 'pkt-router' (order 1 index 8 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'active' added to chain 'user-load' (order 0 index 20 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'roster' added to chain 'user-load' (order 1 index 3 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'roster-publish' added to chain 'user-load' (order 2 index 21 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'privacy' added to chain 'user-load' (order 3 index 2 seq 3)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'disco-publish' added to chain 'user-load' (order 4 index 19 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'vacation' added to chain 'user-load' (order 5 index 4 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'active' added to chain 'user-create' (order 0 index 20 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'template-roster' added to chain 'user-create' (order 1 index 22 seq 0)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'active' added to chain 'user-delete' (order 0 index 20 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'announce' added to chain 'user-delete' (order 1 index 11 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'disco-publish' added to chain 'user-delete' (order 2 index 19 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'offline' added to chain 'user-delete' (order 3 index 10 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'privacy' added to chain 'user-delete' (order 4 index 2 seq 4)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'roster' added to chain 'user-delete' (order 5 index 3 seq 3)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'vacation' added to chain 'user-delete' (order 6 index 4 seq 3)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-last' added to chain 'user-delete' (order 7 index 0 seq 3)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-private' added to chain 'user-delete' (order 8 index 7 seq 1)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: module 'iq-vcard' added to chain 'user-delete' (order 9 index 5 seq 2)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: version: jabberd sm 2.1.24.1-326.5
    May 25 12:53:19 wikiserver jabberd/router[74845]: [127.0.0.1, port=59605] authenticated as jabberd
    May 25 12:53:19 wikiserver jabberd/sm[74846]: attempting connection to router at 127.0.0.1, port=5347
    May 25 12:53:19 wikiserver jabberd/router[74845]: [127.0.0.1, port=59606] connect
    May 25 12:53:19 wikiserver jabberd/router[74845]: [127.0.0.1, port=59606] authenticated as jabberd
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: connection to router established
    May 25 12:53:19 wikiserver jabberd/sm[74846]: connection to router established
    May 25 12:53:19 wikiserver jabberd/router[74845]: [c2s] online (bound to 127.0.0.1, port 59605)
    May 25 12:53:19 wikiserver jabberd/router[74845]: [wikiserver.local] online (bound to 127.0.0.1, port 59606)
    May 25 12:53:19 wikiserver jabberd/sm[74846]: ready for sessions
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: [::, port=5222] listening for connections
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: [::, port=5223] listening for SSL connections
    May 25 12:53:19 wikiserver jabberd/c2s[74847]: ready for connections
    May 25 12:53:19 wikiserver jabberd/router[74845]: [127.0.0.1, port=59610] connect
    May 25 12:53:19 wikiserver jabberd/router[74845]: [127.0.0.1, port=59610] authenticated as conference.wikiserver.amgmicro.local
    May 25 12:53:19 wikiserver jabberd/router[74845]: [conference.wikiserver.amgmicro.local] online (bound to 127.0.0.1, port 59610)
    May 25 12:53:19 wikiserver servermgrd[64]: servermgr_jabber[N]: jabberd service startup completed.
    May 25 12:53:20 wikiserver DirectoryService[73222]: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
    May 25 12:53:21 wikiserver org.jabber.proxy65[74851]: /System/Library/Frameworks/Python.framework/Versions/2.6/Extras/lib/python/twis ted/persisted/sob.py:12: DeprecationWarning: the md5 module is deprecated; use hashlib instead
    May 25 12:53:21 wikiserver org.jabber.proxy65[74851]: import os, md5, sys
    May 25 12:53:21 wikiserver jabberd/s2s[74844]: attempting connection to router at 127.0.0.1, port=5347
    May 25 12:53:21 wikiserver jabberd/router[74845]: [127.0.0.1, port=59616] connect
    May 25 12:53:21 wikiserver jabberd/router[74845]: [127.0.0.1, port=59616] authenticated as jabberd
    May 25 12:53:21 wikiserver jabberd/resolver[74849]: attempting connection to router at 127.0.0.1, port=5347
    May 25 12:53:21 wikiserver jabberd/router[74845]: [127.0.0.1, port=59617] connect
    May 25 12:53:21 wikiserver jabberd/router[74845]: [127.0.0.1, port=59617] authenticated as jabberd
    May 25 12:53:21 wikiserver jabberd/s2s[74844]: connection to router established
    May 25 12:53:21 wikiserver jabberd/router[74845]: [s2s] set as default route
    May 25 12:53:21 wikiserver jabberd/router[74845]: [s2s] online (bound to 127.0.0.1, port 59616)
    May 25 12:53:21 wikiserver jabberd/s2s[74844]: [::, port=5269] listening for connections
    May 25 12:53:21 wikiserver jabberd/s2s[74844]: ready for connections
    May 25 12:53:21 wikiserver jabberd/resolver[74849]: connection to router established
    May 25 12:53:21 wikiserver jabberd/router[74845]: [resolver] online (bound to 127.0.0.1, port 59617)
    May 25 12:53:21 wikiserver jabberd/resolver[74849]: ready to resolve
    May 25 12:53:21 wikiserver org.jabber.proxy65[74851]: /System/Library/Frameworks/Python.framework/Versions/2.6/Extras/lib/python/twis ted/python/filepath.py:12: DeprecationWarning: the sha module is deprecated; use the hashlib module instead
    May 25 12:53:21 wikiserver org.jabber.proxy65[74851]: import sha
    May 25 12:53:21 wikiserver servermgrd[64]: servermgr_info: markrunning_servicesconfigured(): marked running services configured: com.apple.ServerAdmin.Jabber, com.apple.ServerAdmin.Web, com.apple.ServerAdmin.DirectoryServices, com.apple.ServerAdmin.Calendar, com.apple.ServerAdmin.Notification
    May 25 12:53:21 wikiserver jabberd/router[74845]: [127.0.0.1, port=59619] connect
    May 25 12:53:21 wikiserver jabberd/router[74845]: [127.0.0.1, port=59619] authenticated as proxy65.wikiserver.amgmicro.local
    May 25 12:53:21 wikiserver jabberd/router[74845]: [proxy65.wikiserver.amgmicro.local] online (bound to 127.0.0.1, port 59619)
    May 25 12:53:24 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59622] connect
    May 25 12:53:24 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59622] disconnect jid=unbound, packets: 0
    May 25 12:53:27 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59625] connect
    May 25 12:53:27 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59625] disconnect jid=unbound, packets: 0
    May 25 12:53:28 wikiserver jabberd/router[74845]: [127.0.0.1, port=59626] connect
    May 25 12:53:28 wikiserver jabberd/router[74845]: [127.0.0.1, port=59626] authenticated as pubsub.wikiserver.amgmicro.local
    May 25 12:53:28 wikiserver jabberd/router[74845]: [pubsub.wikiserver.amgmicro.local] online (bound to 127.0.0.1, port 59626)
    May 25 12:53:29 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59627] connect
    May 25 12:53:29 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59627] disconnect jid=unbound, packets: 0
    May 25 12:53:32 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59631] connect
    May 25 12:53:32 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59631] disconnect jid=unbound, packets: 0
    May 25 12:53:34 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59632] connect
    May 25 12:53:34 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59632] disconnect jid=unbound, packets: 0
    May 25 12:53:37 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59635] connect
    May 25 12:53:37 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59635] disconnect jid=unbound, packets: 0
    May 25 12:53:39 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59643] connect
    May 25 12:53:39 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59643] disconnect jid=unbound, packets: 0
    May 25 12:53:42 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59649] connect
    May 25 12:53:42 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59649] disconnect jid=unbound, packets: 0
    May 25 12:53:45 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59652] connect
    May 25 12:53:45 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59652] disconnect jid=unbound, packets: 0
    May 25 12:53:48 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59653] connect
    May 25 12:53:48 wikiserver jabberd/c2s[74847]: [8] [::ffff:192.168.4.2, port=59653] disconnect jid=unbound, packets: 0

    Message was edited by: Jason Mecham
  • Jason Mecham Level 1 Level 1 (15 points)
    A few months back I did disable CRAM-MD5 authentication, but somehow it got turned back on.

    So I disabled it again, and now I can connect via iChat, Spark, Pandion 2.5 (but, not the latest version of 2.6).

    I think I'm far from having a TRULY working system for the following reasons

    1.) It thinks the Kerberbos realm is WIKISERVER.AMGMICRO.LOCAL, but the domain is AMGMICRO.LOCAL ? What should the realm be?

    2.) In the iChat Host its configured as WIKISERVER.AMGMICRO.LOCAL and so people have to login with their username@wikiserver.amgmicro.local and not their email address.

    3.) I had to add users from Active Directory into my Open Directory to get them to connect via ichat, but for the wikiserver I didn't have to. I think this is normal, but it does concern me. Maybe if I fixed #2 this wouldn't be necessary? I guess I'm a little confused on this one.

    4.) Every attempt to use Kerberos for authentication has failed. Not sure if that can work without #1 being right.
  • Jason Mecham Level 1 Level 1 (15 points)
    In an effort to solve this problem I'm trying to get the so called magic triangle setup, but this effort is hindered by the quality of the documentation.

    I'm using the OpenDirectory_Adminv10.6.pdf as a guide

    One Page 103 it says "Make sure you your active directory server and its DNA service is properly configured and running."

    DNA service? umm, they mean DNS right?

    So instead of a step by step guide they just have me refer to specific sections.

    In step 7 it has me Kerberize services which refers to Page 207

    On page 207 is says to do "sudo disconfigad -enablesso"

    But, there is no disconfigad

    I'm sure they meant dsconfigad

    I still don't see anything about how it get iChat running in a magic triangle setup with Kerberos
  • jinniferb Level 1 Level 1 (145 points)
    Kerberos is so so so touchy.
    Is there a dying necessity for using it to authenticate for ichat? If not, turn your cram-md 5 back on on your server (or under the ichat admin on the server, set the login type to "any" if that's ok with your IT) and turn the 'use kerkeros' option off in the client side ichat preferences.

    That's what we had to do, anyhow, to get ours to work...:/
    YMMV.
  • Tim Harris Level 4 Level 4 (1,460 points)
    1.) It thinks the Kerberbos realm is WIKISERVER.AMGMICRO.LOCAL, but the domain is AMGMICRO.LOCAL ? What should the realm be?


    Realm as WIKISERVER.AMGMICRO.LOCAL is correct. Can you give a bit more info about what you mean when you say domain is AMGMICRO.LOCAL?
  • Jason Mecham Level 1 Level 1 (15 points)
    The internal domain is amgmicro.local, and the domain controller is Windows 2003

    Basically it was like this before I disabled Kerberos on the OS/X Server

    Active Directory domain = amgmicro.local
    Active Directory Kerberos Realm = AMGMICRO.LOCAL
    Open Directory Server Master = wikiserver.amgmicro.local
    Open Directory Kerberos Realm = WIKISERVER.AMGMICRO.LOCAL

    According to the Open Directory Admin pdf that wasn't a good way of having it. So I followed the magic triangle setup.
  • Jason Mecham Level 1 Level 1 (15 points)
    jinniferb wrote:
    Kerberos is so so so touchy.
    Is there a dying necessity for using it to authenticate for ichat? If not, turn your cram-md 5 back on on your server (or under the ichat admin on the server, set the login type to "any" if that's ok with your IT) and turn the 'use kerkeros' option off in the client side ichat preferences.

    That's what we had to do, anyhow, to get ours to work...:/
    YMMV.


    There ins't a dying necessity for it, but in trying to get it to work I was hoping to spot other problems. I was also hoping to get it to a state where the next update doesn't kill it.

    I'm also struggling in getting it to work with the newest version of Pandion. There was a known issue with it in a previous build version of 2.6, but supposedly its been fixed.

    Right now I'm using Pandion 2.5 on Windows and iChat on OS/X.

    Message was edited by: Jason Mecham
  • Tim Harris Level 4 Level 4 (1,460 points)
    OK - understand the issue now. Have you tried [this|http://support.apple.com/kb/HT3812]
  • Jason Mecham Level 1 Level 1 (15 points)
    Thanks.

    I'll try that. It looks like it will solve the problem.
  • Jason Mecham Level 1 Level 1 (15 points)
    Nah, that didn't work. Interally I don't have a disjointed namespace. The domain is just AMGMICRO.LOCAL

    I tested it anyways and adding the AltSecurityIdentities attribute resulted in the following error.

    "The attribute with name "AltSecurityIdentities" is not mapped for the record type "Augments"