Connection failed to the directory server. (2100)

Same issue here. Lion Server upgraded from Snow Leopard Server. Lion laptop upgraded from SL. Open Directory is working according to the server (and it can see itself). Get that error from the client every time I attempt to join the network. Tried SSL and unsecured. Never prompted for SSL cert. I wonder if anyone else has a similar issue.

FWIW, I was able to get my clients to connect to the server. There is still an issue with SSL (but this now appears to be acknowledged by Apple: http://support.apple.com/kb/TS3958). In the case of my server, I had used the hostname syntax of .local -- specifically: servername.networkname.local Upon changing the FQDN to servername.networkname.private, I am now able to connect clients. I'm not sure if this was a bug, or by design. I have much more experience with Microsoft servers, so this is all new to me.

I have the same issue, but I've been able to do an authenticated bind directly from the commandline. Replace SERVER with your server's fully qualified name and your CLIENT with your client's shortname:

client:~ localadmin$ /usr/sbin/dsconfigldap -f -v -e -a SERVER -u diradmin -c CLIENT -l localadmin

dsconfigldap verbose mode

Options selected by user:

Force authenticated (un)binding option selected

Add server option selected

Server name provided as <server>

Computer ID provided as <client>

Network username provided as <diradmin>

Local username provided as <localadmin>

Adding new node to search policies

Enforce packet encryption policy if server supports it.

Please enter network user password:

Please enter local user password:

Certificates are available for this server.

Would you like to add them to system keychain automatically (y/n)? y

Done. It bound and my accounts are active.

Good luck

I tried this but it still came up with the same error. Frustrating!

Anyone got any other suggestions?

Thanks

Hi,

I'm having this problem also very very annoying. Not using SSL server and client running 10.7.2

Any clues getting rather desperate.

Cheers!

I'm looking for this answer too. I have upgraded to 10.7.2 on server and client and get the same error. I am guessing that it might be a port that has to be open, but I've tried opening 636 without any success. What m I missing?

Just another person who has the same problem. I am using a .local domain and am unable to bind a Lion client to a SL server. I've tried the CLI and the GUI with and w/o Authenticated bind on. I've also tried the solution apple provided here:

http://support.apple.com/kb/TS3861

No luck with any. Just curious if anyone resolved this issue.

The good news I that I've gotten it to work but the bad news is that we had to install a new server and domain! Our old domain ended .local which was causing increasing levels of havoc. A new domain has fixed a multitude of issues.

I think I just cried a little bit...

I don't have the option to change from a .local domain because it's "best practices" for the AD which is what we are bound to.

I've thought about changing the entire domain over to something else but it's just not feasable at this point...and the more time that passes the less feasable it becomes.

Thanks for the response. Crossing my fingers someone comes up with a fix for .local. STUPID BONJOUR!

I've been doing some more checking and am still completely confused. If anyone has ANY suggestions I'm open and willing to try. Here is some output from opendirectoryd.log.

2011-12-15 11:52:14.031 CST - 136.1366 - ODNodeCreateWithName request, SessionID: 00000000-0000-0000-0000-000000000000, Name: /LDAPv3/ldap://my.domain.local

2011-12-15 11:52:14.031 CST - 136.1366 - loading configuration for '/LDAPv3/ldap://my.domain.local' from '/System/Library/OpenDirectory/DynamicNodeTemplates//LDAPv3.plist'

2011-12-15 11:52:14.043 CST - 136.1366 - Using dynamic node for lookup of '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:14.043 CST - Module: AppleODClient - creating moduleconfig context for node /LDAPv3/ldap://my.domain.local using PasswordServer auth functions

2011-12-15 11:52:14.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local - nodestate - issuing check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:14.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local - nodestate - starting check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:14.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - issuing service discovery for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:14.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:14.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - trying preferred server 'my.domain.local' first

2011-12-15 11:52:14.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:17.007 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - added socket 13 for host 'my.domain.local' address '10.0.0.40' to kqueue list

2011-12-15 11:52:17.007 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - verified connectivity to '10.0.0.40' with socket 13

2011-12-15 11:52:17.007 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - preferred server responded - 'my.domain.local'

2011-12-15 11:52:17.011 CST - Trigger - notifying opendirectoryd:nodes;lastServerChanged;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:17.011 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - created OD LDAP connection context 0x10d9a5800, LDAP url = 'ldap://my.domain.local:389/??base'

2011-12-15 11:52:17.011 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - packet encryption is disabled

2011-12-15 11:52:17.011 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - packet signing is disabled

2011-12-15 11:52:17.043 CST - 136.1367 - ODNodeCreateWithName request, SessionID: 00000000-0000-0000-0000-000000000000, Name: /LDAPv3/ldap://my.domain.local

2011-12-15 11:52:17.044 CST - 136.1367 - loading configuration for '/LDAPv3/ldap://my.domain.local' from '/System/Library/OpenDirectory/DynamicNodeTemplates//LDAPv3.plist'

2011-12-15 11:52:17.054 CST - 136.1367 - Using dynamic node for lookup of '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:17.054 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local - nodestate - issuing check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:17.054 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local - nodestate - starting check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:17.054 CST - Module: AppleODClient - creating moduleconfig context for node /LDAPv3/ldap://my.domain.local using PasswordServer auth functions

2011-12-15 11:52:17.054 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - issuing service discovery for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:17.054 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:17.054 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - trying preferred server 'my.domain.local' first

2011-12-15 11:52:17.054 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:22.039 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - successfully opened connection to OD LDAP server at ldap://my.domain.local:389/??base

2011-12-15 11:52:22.040 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - no locales defined in OD

2011-12-15 11:52:22.040 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - searching for server mappings in searchbase <dc=sonny,dc=mcnallysmith,dc=local>

2011-12-15 11:52:22.042 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - retrieved server mappings from searchbase <dc=sonny,dc=mcnallysmith,dc=local>

2011-12-15 11:52:22.056 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - added socket 13 for host 'my.domain.local' address '10.0.0.40' to kqueue list

2011-12-15 11:52:22.057 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - setting new server-based mappings

2011-12-15 11:52:22.057 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - verified connectivity to '10.0.0.40' with socket 13

2011-12-15 11:52:22.057 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - preferred server responded - 'my.domain.local'

2011-12-15 11:52:22.059 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - hostname not found in system config, using localhost

2011-12-15 11:52:22.059 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - adding 10.0.0.40:389 (read-only) to server list

2011-12-15 11:52:22.059 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - adding 10.0.0.40:389 (read-write) to server list

2011-12-15 11:52:22.059 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - OD replica discovery found 2 replicas

2011-12-15 11:52:22.059 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - closing connection to OD LDAP server at ldap://my.domain.local:389/??base

2011-12-15 11:52:22.061 CST - Trigger - notifying opendirectoryd:nodes;lastServerChanged;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:22.061 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - created OD LDAP connection context 0x7f98115a0b50, LDAP url = 'ldap://my.domain.local:389/??base'

2011-12-15 11:52:22.062 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - packet encryption is disabled

2011-12-15 11:52:22.062 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - packet signing is disabled

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - nodestate - check was in progress '/LDAPv3/ldap://my.domain.local' - timed out after 10 seconds

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - an error of 2100 occurred - Connection failed to node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Submitting to response pipeline

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - executing response pipeline - 0x7f98128385a0

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - ODNodeCreateWithName failed with error 'Connection failed' (2100)

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - excessive time for request - 10.013 seconds

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Removing from global request list

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Signaling semaphores for more work

2011-12-15 11:52:24.044 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Finalizing response object 0x7f98128385a0, request is complete

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - nodestate - check was in progress '/LDAPv3/ldap://my.domain.local' - timed out after 10 seconds

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - an error of 2100 occurred - Connection failed to node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Submitting to response pipeline

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - executing response pipeline - 0x7f981158af40

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - ODNodeCreateWithName failed with error 'Connection failed' (2100)

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - excessive time for request - 10.012 seconds

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Removing from global request list

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Signaling semaphores for more work

2011-12-15 11:52:27.055 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Finalizing response object 0x7f981158af40, request is complete

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - setting 1 primary servers for 'AB0A6AAB-D0AF-49A1-A531-E89397D6E45F' in nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - issuing service discovery for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped preferred server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped previous server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - trying primary replica tables

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:27.062 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - added socket 12 for host '10.0.0.40' address '10.0.0.40' to kqueue list

2011-12-15 11:52:27.063 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - verified connectivity to '10.0.0.40' with socket 12

2011-12-15 11:52:27.064 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - successfully opened connection to OD LDAP server at ldap://my.domain.local:389/??base

2011-12-15 11:52:27.065 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - no locales defined in OD

2011-12-15 11:52:27.065 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - searching for server mappings in searchbase <dc=sonny,dc=mcnallysmith,dc=local>

2011-12-15 11:52:27.067 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - retrieved server mappings from searchbase <dc=sonny,dc=mcnallysmith,dc=local>

2011-12-15 11:52:27.068 CST - Trigger - notifying opendirectoryd:nodes;lastServerChanged;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:27.075 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - read 125 schema objects from server

2011-12-15 11:52:27.075 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - service discovery - did not find altServer values in rootDSE

2011-12-15 11:52:27.075 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - service discovery finished for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.075 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - tracking connection '/LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9'

2011-12-15 11:52:27.083 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - setting new server-based mappings

2011-12-15 11:52:27.085 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - hostname not found in system config, using localhost

2011-12-15 11:52:27.085 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - initiating reconnect for '/LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9'

2011-12-15 11:52:27.085 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:27.085 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped preferred server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:27.085 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - trying previous server '10.0.0.40' first (5 second timeout)

2011-12-15 11:52:27.085 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:27.086 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - added socket 13 for host '10.0.0.40' address '10.0.0.40' to kqueue list

2011-12-15 11:52:27.086 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - verified connectivity to '10.0.0.40' with socket 13

2011-12-15 11:52:27.086 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - previous server responded - '10.0.0.40'

2011-12-15 11:52:27.086 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - adding 10.0.0.40:389 (read-only) to server list

2011-12-15 11:52:27.086 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - adding 10.0.0.40:389 (read-write) to server list

2011-12-15 11:52:27.086 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - OD replica discovery found 2 replicas

2011-12-15 11:52:27.086 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - closing connection to OD LDAP server at ldap://my.domain.local:389/??base

2011-12-15 11:52:27.088 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - packet encryption is allowed

2011-12-15 11:52:27.088 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connected to 'ldap://10.0.0.40'

2011-12-15 11:52:27.088 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local - nodestate - flagging '/LDAPv3/ldap://my.domain.local' online

2011-12-15 11:52:27.095 CST - _odconnection_start_reachability: replacing old socket -1 with 12 for connection /LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9

2011-12-15 11:52:27.096 CST - Trigger - notifying opendirectoryd:nodes;online;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:27.096 CST - 136.1366, Node: /LDAPv3/ldap://my.domain.local - nodestate - finished check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.100 CST - Trigger - notifying opendirectoryd:nodes;deleted;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:27.100 CST - closing all connections for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.100 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9

2011-12-15 11:52:27.100 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9

2011-12-15 11:52:27.100 CST - clearing moduleconfigs for nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.100 CST - Module: AppleODClient - destroying moduleconfig context for node /LDAPv3/ldap://my.domain.local

2011-12-15 11:52:27.100 CST - __odconnection_disconnect_block_invoke_1: disconnected socket 12 in connection /LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9

2011-12-15 11:52:27.100 CST - clearing moduleconfigs for nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.100 CST - closing all connections for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:27.100 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9

2011-12-15 11:52:27.101 CST - reaping connection '/LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9'

2011-12-15 11:52:27.103 CST - Finalizing connection object '/LDAPv3/ldap://my.domain.local:ldap:B10B0E12-498A-4A71-BE3F-406F92AA54C9' - 7f98115794d0

2011-12-15 11:52:27.106 CST - Finalizing nodeconfig object '/LDAPv3/ldap://my.domain.local' - 0x7f98115711a0

2011-12-15 11:52:29.057 CST - 136.1405 - ODNodeCreateWithName request, SessionID: 00000000-0000-0000-0000-000000000000, Name: /LDAPv3/ldap://my.domain.local

2011-12-15 11:52:29.059 CST - 136.1405 - loading configuration for '/LDAPv3/ldap://my.domain.local' from '/System/Library/OpenDirectory/DynamicNodeTemplates//LDAPv3.plist'

2011-12-15 11:52:29.072 CST - 136.1405 - Using dynamic node for lookup of '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:29.072 CST - Module: AppleODClient - creating moduleconfig context for node /LDAPv3/ldap://my.domain.local using PasswordServer auth functions

2011-12-15 11:52:29.072 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local - nodestate - issuing check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:29.072 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local - nodestate - starting check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:29.072 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - issuing service discovery for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:29.072 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:29.072 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - trying preferred server 'my.domain.local' first

2011-12-15 11:52:29.072 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - setting 1 primary servers for 'AB0A6AAB-D0AF-49A1-A531-E89397D6E45F' in nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - issuing service discovery for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped preferred server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped previous server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - trying primary replica tables

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:32.089 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - added socket 14 for host '10.0.0.40' address '10.0.0.40' to kqueue list

2011-12-15 11:52:32.090 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - verified connectivity to '10.0.0.40' with socket 14

2011-12-15 11:52:32.095 CST - Trigger - notifying opendirectoryd:nodes;lastServerChanged;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:32.104 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - read 125 schema objects from server

2011-12-15 11:52:32.104 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - service discovery - did not find altServer values in rootDSE

2011-12-15 11:52:32.104 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - service discovery finished for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - tracking connection '/LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35'

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - initiating reconnect for '/LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35'

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped preferred server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - trying previous server '10.0.0.40' first (5 second timeout)

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - added socket 14 for host '10.0.0.40' address '10.0.0.40' to kqueue list

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - verified connectivity to '10.0.0.40' with socket 14

2011-12-15 11:52:32.105 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - previous server responded - '10.0.0.40'

2011-12-15 11:52:32.106 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - packet encryption is allowed

2011-12-15 11:52:32.106 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connected to 'ldap://10.0.0.40'

2011-12-15 11:52:32.107 CST - _odconnection_start_reachability: replacing old socket -1 with 11 for connection /LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35

2011-12-15 11:52:32.107 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local - nodestate - flagging '/LDAPv3/ldap://my.domain.local' online

2011-12-15 11:52:32.110 CST - Trigger - notifying opendirectoryd:nodes;online;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:32.110 CST - 136.1367, Node: /LDAPv3/ldap://my.domain.local - nodestate - finished check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.112 CST - Trigger - notifying opendirectoryd:nodes;deleted;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:32.112 CST - closing all connections for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.112 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35

2011-12-15 11:52:32.112 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35

2011-12-15 11:52:32.112 CST - clearing moduleconfigs for nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.112 CST - Module: AppleODClient - destroying moduleconfig context for node /LDAPv3/ldap://my.domain.local

2011-12-15 11:52:32.112 CST - __odconnection_disconnect_block_invoke_1: disconnected socket 11 in connection /LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35

2011-12-15 11:52:32.112 CST - clearing moduleconfigs for nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.112 CST - closing all connections for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:32.112 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35

2011-12-15 11:52:32.113 CST - reaping connection '/LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35'

2011-12-15 11:52:32.114 CST - Finalizing connection object '/LDAPv3/ldap://my.domain.local:ldap:1E8DB55C-3F70-4CDC-B5AE-C74530F9DF35' - 7f9811547960

2011-12-15 11:52:32.118 CST - Finalizing nodeconfig object '/LDAPv3/ldap://my.domain.local' - 0x10d9b8530

2011-12-15 11:52:34.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - added socket 11 for host 'my.domain.local' address '10.0.0.40' to kqueue list

2011-12-15 11:52:34.075 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - verified connectivity to '10.0.0.40' with socket 11

2011-12-15 11:52:34.075 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - preferred server responded - 'my.domain.local'

2011-12-15 11:52:34.079 CST - Trigger - notifying opendirectoryd:nodes;lastServerChanged;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:34.079 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - created OD LDAP connection context 0x10d9c0350, LDAP url = 'ldap://my.domain.local:389/??base'

2011-12-15 11:52:34.079 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - packet encryption is disabled

2011-12-15 11:52:34.079 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - packet signing is disabled

2011-12-15 11:52:39.073 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - nodestate - check was in progress '/LDAPv3/ldap://my.domain.local' - timed out after 10 seconds

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - an error of 2100 occurred - Connection failed to node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Submitting to response pipeline

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - executing response pipeline - 0x7f981153dc50

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - ODNodeCreateWithName failed with error 'Connection failed' (2100)

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - excessive time for request - 10.017 seconds

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Removing from global request list

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Signaling semaphores for more work

2011-12-15 11:52:39.074 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - Finalizing response object 0x7f981153dc50, request is complete

2011-12-15 11:52:39.083 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - successfully opened connection to OD LDAP server at ldap://my.domain.local:389/??base

2011-12-15 11:52:39.084 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - no locales defined in OD

2011-12-15 11:52:39.084 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - searching for server mappings in searchbase <dc=sonny,dc=mcnallysmith,dc=local>

2011-12-15 11:52:39.086 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - retrieved server mappings from searchbase <dc=sonny,dc=mcnallysmith,dc=local>

2011-12-15 11:52:39.101 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - setting new server-based mappings

2011-12-15 11:52:39.103 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - hostname not found in system config, using localhost

2011-12-15 11:52:39.104 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - adding 10.0.0.40:389 (read-only) to server list

2011-12-15 11:52:39.104 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - adding 10.0.0.40:389 (read-write) to server list

2011-12-15 11:52:39.104 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - service discovery - OD replica discovery found 2 replicas

2011-12-15 11:52:39.104 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - closing connection to OD LDAP server at ldap://my.domain.local:389/??base

2011-12-15 11:52:44.105 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: AppleODClient - setting 1 primary servers for 'AB0A6AAB-D0AF-49A1-A531-E89397D6E45F' in nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.106 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - issuing service discovery for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.106 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:44.106 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped preferred server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:44.106 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped previous server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:44.106 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - trying primary replica tables

2011-12-15 11:52:44.106 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:44.106 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - added socket 12 for host '10.0.0.40' address '10.0.0.40' to kqueue list

2011-12-15 11:52:44.107 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - verified connectivity to '10.0.0.40' with socket 12

2011-12-15 11:52:44.111 CST - Trigger - notifying opendirectoryd:nodes;lastServerChanged;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:44.121 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - read 125 schema objects from server

2011-12-15 11:52:44.121 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - service discovery - did not find altServer values in rootDSE

2011-12-15 11:52:44.121 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - service discovery finished for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - tracking connection '/LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998'

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - initiating reconnect for '/LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998'

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connection request for /LDAPv3/ldap://my.domain.local with read capabilities

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - skipped preferred server 'my.domain.local' - doesn't meet requirements

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - trying previous server '10.0.0.40' first (5 second timeout)

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - semaphore_wait will wait - searching for responding server

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - added socket 12 for host '10.0.0.40' address '10.0.0.40' to kqueue list

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - verified connectivity to '10.0.0.40' with socket 12

2011-12-15 11:52:44.122 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - previous server responded - '10.0.0.40'

2011-12-15 11:52:44.123 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - packet encryption is allowed

2011-12-15 11:52:44.123 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local, Module: ldap - connected to 'ldap://10.0.0.40'

2011-12-15 11:52:44.124 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local - nodestate - flagging '/LDAPv3/ldap://my.domain.local' online

2011-12-15 11:52:44.124 CST - _odconnection_start_reachability: replacing old socket -1 with 11 for connection /LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998

2011-12-15 11:52:44.127 CST - Trigger - notifying opendirectoryd:nodes;online;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:44.127 CST - 136.1405, Node: /LDAPv3/ldap://my.domain.local - nodestate - finished check for '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.130 CST - Trigger - notifying opendirectoryd:nodes;deleted;/LDAPv3/ldap://my.domain.local

2011-12-15 11:52:44.130 CST - closing all connections for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.130 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998

2011-12-15 11:52:44.130 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998

2011-12-15 11:52:44.130 CST - clearing moduleconfigs for nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.130 CST - Module: AppleODClient - destroying moduleconfig context for node /LDAPv3/ldap://my.domain.local

2011-12-15 11:52:44.130 CST - __odconnection_disconnect_block_invoke_1: disconnected socket 11 in connection /LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998

2011-12-15 11:52:44.130 CST - clearing moduleconfigs for nodeconfig '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.130 CST - closing all connections for node '/LDAPv3/ldap://my.domain.local'

2011-12-15 11:52:44.130 CST - Disconnecting /LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998

2011-12-15 11:52:44.131 CST - reaping connection '/LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998'

2011-12-15 11:52:44.133 CST - Finalizing connection object '/LDAPv3/ldap://my.domain.local:ldap:5C2C12A7-0956-4D00-A7D9-179787681998' - 7f98129207b0

2011-12-15 11:52:44.136 CST - Finalizing nodeconfig object '/LDAPv3/ldap://my.domain.local' - 0x10d9d0d20

These results are obviously skimmed down to lines with my.domain.local in them. The full debugged log file was incredibly long. If someone is willing to take a look at it I will have no problem posting it 😉

Thanks!

Fixed.

I remembered the old saying "99% of all problems are DNS related" and started playing around with anything and everything DNS related.

I started with IPv6. I setup static addresses on the Master and Slave and made sure everything was set on our DNS servers. Something very similar to the fix Apple came out with for slow login's for machines bound to AD:

http://support.apple.com/kb/TS4041

This however, had zero effect...I didn't have high hopes, but eh...

I added domain.local AND .local to SysPrefs/Network/Advanced/DNS/Seach Domains/

Turned off IPv6

http://hints.macworld.com/article.php?story=20110805100012401

Next I started looking at mDNSResponder which has always caused problems for us .local people. Changing the integer to 0 allowed me to bind...holy wow was this a big win!! Took a minute to dance around the office and then got back to it. Value of 0 didn't seem to allow me to navigate to ANY domain.local addresses. This is obviously a problem if you're using AFP of any kind and in our case we are using Mobile Accounts. Changing the integer to 1 seemed to do the trick. There are a few other articles out there referring to different integers but 1 seemed to be the best for me.

http://www.vuzzlevuzz.org/2011/10/active-directory-login-problems-with.html

(Link above has a bunch of other stuff and he says to change the integer to "2"...do what you will)

Another thing that I tried was completely disabling mDNSResponder Multicasts. EI: disabling bounjoyr advertising. From cruising around the nets, I noticed that disabling this was good for the network itself and also gave some reliability to network logins. However, I have decided that since binding and logging in work on our network w/o disabling this, I am going to keep the default settings until a problem arrises because some of our users use FileSharing and this will disable that function as well as a host of others. None the less, here is the Apple article:

http://support.apple.com/kb/HT3789

I'm going to go back and start fine tuning everything and I will report back with the exact settings that worked for me. However, I'm sure different combinations of these things will work for others.

Got it! (I'm using Lion Server with Lion clients)

What I did was go into Server Admin > Click on my server > Open Directory > Settings > LDAP > uncheck the 'Enable SSL'.

By doing this, it got rid of the 2100 message...

I know its not the best solution, but at least it did something for me.

I hope this helps.

Omniver's solution worked for me, thank you very much. (This is kind of an old thread; I'm using Lion 10.7.2 Server and Client, so the problem hadn't yet been fixed.)

(As Arun noted, this is only necessary if you have SSL enabled for LDAP on your server.)

Updated my laptop from SL to Lion. Our server is a SL. After Lion update I lost server connection. We use the server's Open Directory, File Sharing and iChat.

The solution we've found to re-stablish these services on our network:

1) Turned the server Firewall down

2) Without the Firewall I could connected the laptop on the server xxxx.local (SSL disabled as sugested by Arun)

3) Added my laptop and all other computer's IPs (I had a fixed IPs) to the Firewall exceptions

4) Turned server Firewall up again and my laptop (all other computers with SL) kept connected to the SL server

Important: I'm not using the server to connect to the Internet. The router is providing the outside access and all the other computers and servers are connected to the router.

Maybe my configs and solutions are quite simplistic but I hope it helps!