Members not showing in groups

I have exactly the same issues. Mini server, 10.7.3, OD master, no replicas, and no users showing up under the group membership in Server.app, and I cannot add them to the group in the Server.app either. They are indeed members of the groups, and show up fine in WGM, where they were created and made members of the groups - they inherit all the rights just fine. Anyone want to enlighten me as to why these two apps are pulling info from the same directory and are getting different information? Is this an authentication issue with Server.app, i.e., am I not authed properly to the directory?

Hi Dave, Same Server app problem here on my Xserve 2009 and it happened after about 14 days of working correctly. No users or groups show in the panes other than the two local admin users on the server. The +/- buttons are greyed out also. If you enter some letters for a search in Users/Groups it will actually display the network users containing the letters and eventually it populates the window with network users up to the usual 500+ limit but refresh and they all disappear again.

WGM acts as usual with all my 850 users showing from the OD and Server admin shows all my services running ok. All users can log in and out fortuneately at the moment. This happened initially when I migrated to Lion and I had to use my OD archive demoting and promoting to master to get it to work but I dont want to have to rebuild the whole thing again. Has anyone reported this as a bug to Apple I wonder?

Same issue here on Xserve. Now, I upgraded from SL and have done all my work in WGM, which appears to be fine. But just was looking at Server.app and noticed groups had no members. Things are OK, but sure makes one nervous.

Hi, thanks for replies. I updated my Xserve to 10.7.4 today along with a few client imacs and the Server.app via the App store. I also updated Server Admin/WM. However absolutely no change, just as before, no +/- buttons working or network users appearing as in my previous post:-(.

I did report this to Apple as a bug report and is now official and they actually replied quite quickly. I have sent various directory debug logs they asked for and they seem to think the problem is authenticating with the computer record. Thats as far as it got up to today.

Just another thing i noticed is that WM throws error messages when editing a users details and you have to reauthenticate to get the change to take effect. Like chicster says it makes one nervous if the thing is going to break completely! Tomorrow I am cloning my drive, archiving my OD and demoting my OD to standalone then promoting to master again and using the archive ro restore the OD and settings etc. I will post asap if this works and repopulates and fixes the Server.app accordingly.

Also my netinstall has got problems now booting client macs since Lion even though it shows running ok in SA, however I digress!!

Hi Just a bit of an update. I demoted server then promoted to master as I was planning and reinstalled archive. Result=no change. Just the same as before with Server App not showing users as before. However i was working on the server using a direct monitor today installing a new RAID. After restarting the server the new 30TB RAID mounted perfectly so I proceeded to create a home folder share point using Server app. All seemed ok with the new share point showing in the File Sharing. So I then wanted to change the users home folder location in WM but the new sharepoint on my new RAID did not appear in the "Home" tab as normally happens. The problem now is I cant reset the users home folder sharepoint via WM.

This is where it gets weird!! I happened to remove the network cable from the server and all the users and groups immediately reappeared in the Server app with the +/- buttons working! Taking a chance with the editing now working I then moved and migrated all the old users home folders via Carbon Copy Cloner to retain the correct posix folder permissions to the new sharepoint. I then selected all users in the Users Server app window and changed the home folder location by selecting the new share point for all the users. The result was it only changed 500 of the users home folders to the new share point when I checked in WM!!! How annoying that if you have more than 500 users( Ihave 850) it doesnt change them all and you have no idea which have been changed. I had to manually set each one, 350 in all to the new share point in Server app by doing a search for the non edited home folder location for users shown in WM!!!. What a fiasco this is. Does apple think that anyone with a server could never have more than 500 users??!! I really hope this buggy unreliable admin is fixed soon!

Here's the best bit!! after doing all the changes I replace the network 1GB enet cable and switch the file Sharing back on and all the users are logging in to their newly located home folders but you guessed it, all the users/groups disappeared again in server app!! it seems the link between the Server app and SA and WM is broken or not authenticating for some reason when the network is active.This is a crazy workaround to do a basic server edit. BTW on another issue the Netboot service doesnt work even after recreating new 10.7.4 install images.

Good news! After suffering more and more problems with WM and SA and finally losing authenticating for some reason last week or even being able to create and modify users I decided to build the OD from scratch and not using the OD archive as in previous occasions. I figured the archive had the problems inherent in its make up and it seemed like a revolving door of returning to standalone then master etc etc and this not even fixing anything.I think the directory administrator in the archive was the problem which was replacing/overwriting any new directory administrator at each restore.This archive originally goes back to my Snow Leopard server and I'm sure the original migration corrupted the OD.

Forunately I had saved/exported the users/groups computers and computer groups and all exportable settings recently in WM. So here is what i did. Firstly make the OD standalone then create a new Master of my domain which is pretty quick. I used a different short username lionadmin for the Directory Administrator just so i could see the newly created admin account. After it successfully created I opened WM(leaving the Server app out of the picture) and could log in to the domain and the new directory administrator(lionadmin) ID1000 in place and a brand new directory! Both my DNS( a fully working reverse look up is most important for creating the Master) and DHCP remained in place and had not shown problems before so all was good there

I then imported the (850) users first from my exported back up file which went slowly making sure I checked the "ignore duplicates setting" to stop the old Directory Admin(diradmin) overwriting the new Directory Admin(lionadmin), then the groups, the computer list(300macs) and finally the computer groups. Everything loaded perfectly with all users and groups restored.The only downside is that the passwords are not imported but after selecting all the users apart from Directory admin I set a new password that would be used on initial log in and then prompting the user to create their own etc.

Next open Server app and i had all my network users (500+) and groups back in the panes with +/- buttons and full functionality. I did delete my home folder share points from previous occasions and recreated them which then duly appeared in Workgroup Manager in the "Home" panel. I then pointed all my users at the sharepoint where all their home folders are already.

I turned on File sharing and all users logged in perfectly and making users change their initial passwords. I am so relieved that all the "lost" functions now work across the SA/WM and Server app! I hope this situation is more stable now and it seems to be more solid when editing etc.

I think the moral here is to just rebuild the slow clean way instead of trying fixes and workarounds and I wish I had done it sooner. I hope this helps others as it has me. Also I know know if it all goes wrong again I can get the whole thing back in about an hour even from exported WM files which you can easily update. Also I have now created a brand new OD archive as well so it will retain all the "new" working directory status hopefully.

Just to add something that may not relate to everything covered here, but i did have users not showing up in groups in Server. I have resolved that I think.

The deal was that users were in one group. Meaning they were in "class of 2014" for instance. And that was their PRIMARY group in WGM. Turns out for them to show in Class of 2014 as a member, that needs to be their SECONDARY group, with something like the default Workgroup (GID = 20) as the primary group. When I did that change, they showed up in Server.app.

The real thing that brought this to a head was that once the client hit 10.7.4, group preferences (mobility, etc) no longer flowed to the user from the Primary group. Had to be a secondary group. Users logged in, but as pure network users (even if mobility was set) and with no preferences set.

The solution for me was much simpler and only took about 10 seconds to fix.

Just like the original poster, I had a group in Lion's Server.app (OS X Server 10.7.4) which was no longer listing the users! The group was just empty, and didn't list any of the users... even though all those users could still connect to the group's shared folder via AFP.

The solution was very simple, even though I don't technically understand why any of this was necessary:

1. I downloaded & installed the Server Admin Tools 10.7 from this link:

http://support.apple.com/kb/DL1419?viewlocale=en_US&locale=en_US

2. I launched the Workgroup Manager (located in Macintosh HD>Applications>Server>Workgroup Manager), and then went to the problematic group.

3. When I looked at the problematic group, there was a big button (that wasn't available for the other properly-working groups) that said "Upgrade Legacy Group". Once I clicked on this "Upgrade Legacy Group" button, everything was immediately fixed! My problematic group in Server.app now listed all of its users again.