Crazy Skull Guy
Level 1 (0 points)

Q: OS X Lion - Can't login as root after disabling then reenabling

Hello,

 

I'm having a problem logging into the root account of my macbook pro running Lion 10.7.1.  I enabled the root account and everything was fine.  I logged into it a few times and made some changes unrelated to passwords etc.  Once I was done I disabled the root account.  I then had to use it again and enabled it.  Now I can't login.  I tried resetting the password using the Directory Utility and terminal but neither work. Directory Utility appears to work but doesn't and no error message is given.  Terminal gives me the following error using the sudo passwd root command:

 

Password:

Changing password for root.

New password:

Retype new password:

passwd: Could not verify credentials because directory server does not support the requested authentication method.

 

 

 

Any help would be greatly appreciated.  I need to get this password reset and Apple support wasn't any help.  Thanks.

MacBook Pro, Mac OS X (10.7.1)

Posted on Sep 1, 2011 7:11 AM

by Crazy Skull Guy,Solvedanswer
Crazy Skull Guy Crazy Skull Guy
Level 1 (0 points)
A:

I figured out a solution to this on my own.  For those of you that might need it do the following:

 

1. Go to System Preferences> Users and Groups

2. Click on "Login Options"

3. Click the lock on the bottom left and login using your administrator login and password (should be who you are currently logged on as....this is not the root or System Administrator credentials)

4. Click the "Join..." button.

5. Click the "Open Directory Utility" button.

6. Click the "Directory Editor" option in the Directory Utility window.

7. Scroll down the left side until you see "System Administrator" and highlight it.

8. On the right, highlight "AuthenticationAuthority" and hit the - (minus) button at the bottom to delete it.

9. Click the "Save" button at the bottom.

10. At the top of the screen on the Directory Utility menu click the "Edit" option and click "Enable Root User".  It will prompt you to enter a new root password again.

 

Once you enable the root user again it will recreate the AuthenticationAuthority entry that you deleted.  Everything should be fixed now and you should be able to login as the root user again.

Posted on Sep 1, 2011 9:47 AM

Close
Crazy Skull Guy

Q: OS X Lion - Can't login as root after disabling then reenabling

  • All replies
  • Helpful answers

Previous Page 2

  • by AppleGenius14,

    AppleGenius14 AppleGenius14 Nov 21, 2011 11:11 PM in response to Crazy Skull Guy
    Level 1 (0 points)
    Nov 21, 2011 11:11 PM in response to Crazy Skull Guy

    Thank you so much!! This was very helpful and saved me from a potential computer catastrophe! Wonderful explination!

  • by vietnt,

    vietnt vietnt Dec 17, 2011 1:40 AM in response to Crazy Skull Guy
    Level 1 (0 points)
    Dec 17, 2011 1:40 AM in response to Crazy Skull Guy

    Thank you!

    It's great

  • by Ahmad Aliff,

    Ahmad Aliff Ahmad Aliff Jan 11, 2012 6:44 PM in response to cekisakurek
    Level 1 (0 points)
    Jan 11, 2012 6:44 PM in response to cekisakurek

    Hi. I have this problem of tryiing to re-create back the root account. It says that attribute status: eDSPermission Error. Can you help me with this?

  • by JMaine,

    JMaine JMaine Jan 12, 2012 2:46 PM in response to Crazy Skull Guy
    Level 1 (5 points)
    Jan 12, 2012 2:46 PM in response to Crazy Skull Guy

    Dude if you're ever in Dallas, TX look me up!! I OWE YOU A BEER! Thats some GREAT knowledge right there. JMaine

  • by Luiginsky,

    Luiginsky Luiginsky Jan 15, 2012 8:14 AM in response to cekisakurek
    Level 1 (0 points)
    Jan 15, 2012 8:14 AM in response to cekisakurek

    Please, tell me if someone solved the problem to "reinstall" the "System Administrator"! Or should I reinstall Lion?

  • by jr smith,

    jr smith jr smith Jan 31, 2012 9:12 AM in response to Luiginsky
    Level 1 (0 points)
    Jan 31, 2012 9:12 AM in response to Luiginsky

    I read too quick too but was able to reinstall the "System Administrator" record by clicking + button at the lower left and renaming "untitled 1" to "System Administrator". I had to add a few missing records within "System Administrator" but after that, I followed the directions correctly and can now login as root.

  • by theories,

    theories theories Jan 31, 2012 10:05 PM in response to jr smith
    Level 1 (0 points)
    Jan 31, 2012 10:05 PM in response to jr smith

    I made the same mistake as many others here and deleted the "System Administrator" record.  I'm trying to add it back with the sign but it still isn't working.  Do you remember which missing fields you had to add to "System Administrator" to get it to work again?

  • by jr smith,

    jr smith jr smith Feb 1, 2012 10:01 AM in response to theories
    Level 1 (0 points)
    Feb 1, 2012 10:01 AM in response to theories

    Here are the fields/attributes I added or changed

     

    NFSHomeDirectory - /var/root

    PrimaryGroupID - 0

    RealName - System Administrator

    RecordName - root

    UniqueID - 0

    UserShell - /bin/sh

  • by shepar38,

    shepar38 shepar38 Feb 1, 2012 1:14 PM in response to theories
    Level 1 (0 points)
    Feb 1, 2012 1:14 PM in response to theories

    Luckily I had backed up my image to an external drive before I clicked the wrong minus, so I just restored from that and verified that the OP's method does work to fix the root account login issue.

     

    But since I am right in front of it here are the values of the original root account if it helps anyone else:

     

    AppleMetaNodeLocation     /Local/Default

    GeneratedUID                    FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000000

    NFSHomeDirectory            /var/root

    PrimaryGroupID                 0

    Real Name                        System Administrator

    RecordName                     root

                                            BUILTIN\Local System

    RecordType                      dsRecTypeStandard:Users

    SMBSID                           S-1-5-18

    UniqueID                          0

    UserShell                          /bin/sh

  • by shepar38,

    shepar38 shepar38 Feb 1, 2012 1:27 PM in response to shepar38
    Level 1 (0 points)
    Feb 1, 2012 1:27 PM in response to shepar38

    Apparently within the last hour 10.7.3 update came out. It has fixes for Directory Services, but doesn't list this particular issue. If I end up testing it out later on I'll report back on whether the root login still breaks or not.

     

    10.7.3 details:

    http://support.apple.com/kb/HT5048

  • by theories,

    theories theories Feb 1, 2012 5:47 PM in response to jr smith
    Level 1 (0 points)
    Feb 1, 2012 5:47 PM in response to jr smith

    I finally got it to work!.  This is awesome.

     

    Much thanks to jr smith, shepar38 and of course Crazy Skull Guy.  It took a combination of all three techniques to work my way out of this one.

  • by SP Forsythe,

    SP Forsythe SP Forsythe Feb 3, 2012 9:23 PM in response to theories
    Level 5 (5,399 points)
    Feb 3, 2012 9:23 PM in response to theories

    I too would like to thank the OP for this thread.

     

    I was stumped, and I took my MBA into the San Jose (Cupertino's closest) Genius Bar. All the Techs were stumped, and the lead "Genius" said "we've got corruption here", that I needed to erase and reinstall Lion.

     

    I generally take such statements to mean the lead idiot is out of ideas.

     

    The only thing corrupt was the overestimation of his own knowledge.

     

     

     

    The OP's solution worked fine.

  • by Joe Pyrdek,

    Joe Pyrdek Joe Pyrdek Feb 9, 2012 11:50 AM in response to Crazy Skull Guy
    Level 2 (160 points)
    Mac OS X
    Feb 9, 2012 11:50 AM in response to Crazy Skull Guy

    For some reason, probably because of a posting I put in a similar thread a few weeks ago, I just got this thread in my mailbox.

     

    The thing that worked for me IN 10.7.2 was significantly safer and easier.

     

    Log in with an Admin account

    Open Terminal

    Type in (without quotes) "dsenableroot"

    enter your admin account password

    enter in a password for the Root account.  (it does not have to be the same PW used previously)

    Verify the new Root Password

    exit terminal.

     

    Up to 10.7.2 that enabled Root to be used.  When you are done, go to the Directory Utility / Edit and disable Root.   If you need Root again after it was disabled, you can use the Directory Utility / Edit to re-enable.  The fix survives log off, restart, cold start and even crashes.

     

    I tried the "dsenableroot" in Terminal and it still allowed me to enable root using the process above.  However,

    after 10.7.3 it seems that going the Directory Utility / Edit route requires you to enter a new root password everytime you try to enable root.  If that is the way Apple chose to "fix" the problem, it seems a lot more of a hack than an actual fix.

  • by MindlessPotato,

    MindlessPotato MindlessPotato Jul 21, 2012 9:48 AM in response to Crazy Skull Guy
    Level 1 (0 points)
    Jul 21, 2012 9:48 AM in response to Crazy Skull Guy

    Thank you so much! I don't know how You've come up with this but that's great! But I guess I'll never disable root again.

Previous Page 2