Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: pts
pts Author
User level: Level 1
16 points

Open directory doesn't work

I want to use open directory on my university lab network. The server (10.8) is not in the same room as the clients (also 10.8). Each computer (server and clients) have their own external FQDN's and associated IP addresses. I turned on Open Directory using server.app on my sever. I then go to a client and do: system preferences>users and groups>login options>Network account server: Join>open directory utility. From there I do File>connect. When I type in the FQDN of the server, along with an admin account name and password, I get the following message:


Can't connect to server


Directory Services may not be installed on the remote server, they may be turned off, or the URL may have been entered incorrectly


None of this is true, unless "Directory Services" means something other than Open Directory. So what am I missing here?



Also, I notice that when, on the server, I select Open Directory in server.app, the on-off slide icon slides on as it appears (as it if was off until I selected Open Directory). This behavior doesn't happen with any other service on server.app.


Any ideas?

Posted on Aug 18, 2012 1:20 PM

Reply
35 replies
User profile for user: pts
pts Author
User level: Level 1
16 points

Aug 18, 2012 1:27 PM in response to pts

I should add that all the machines (server and clients) can log in to each other, via vnc, afp, ssh, etc., and they don't have trouble locating websites on the internet, etc. So it isn't that the machines can't somehow see each other. The server Open Directory just isn't responding to clients, even though server.app claims Open Directory is running.

Reply
User profile for user: pts
pts Author
User level: Level 1
16 points

Aug 19, 2012 7:08 PM in response to iToaster

Yes, but none of this is clear in the documentation. Actually, I don't see ANY documentation for ML server, only Lion Server. Perhaps you know of something I don't about this?


Regarding DNS specifically not working in my case, It's awfully annoying that the server.app is so buggy with respect to this. A really useful program wouldn't say DNS was "on" unless it really was on.


Any specific thoughts about what might be going on, such that server.app says DNS is on, but it doesn't respond to any requests for DNS from outside?


Thanks for any suggestions you might have.

Reply
User profile for user: JaimeMagiera
JaimeMagiera
User level: Level 2
314 points

Aug 19, 2012 7:42 PM in response to pts

How do you know it's not on? You've not demonstrated one way or the other. All you've demonstrated is that you think client machines can't connect to either service. You've not done any of the leg work to really know what's going on. I see all sorts of supositions based on cursory, external observations. I'm sorry if this sounds terse, but it's a bit disingenous to blame the tools before you even know the details of what is happening.

Reply
User profile for user: pts
pts Author
User level: Level 1
16 points

Aug 19, 2012 9:30 PM in response to JaimeMagiera

Well, of course, I don't know its not on. That's why I'm here asking questions. What I do know is that it isn't working as the limited documentation I can find (much of it not from apple) suggests it should. Sorry if I sound terse myself, but if Apple is going to release software that is supposed to make it easy to set things like this up, and make advertising claims like:


"OS X Server is perfect for a studio, business, hobbyist, or school. It’s so easy to set up, who needs an IT department?" http://www.apple.com/osx/server/


and:


"Configuring OS X Server is almost as easy as configuring a desktop computer. Simply launch the Server app. An assistant walks you through the initial setup and helps verify network settings and define your administrator account. Next add users and groups and enable the network services you want to deliver to your organization." http://movies.apple.com/media/us/osx/2012/server/docs/OSXServer_Product_Overview .pdf


...then they are going to have to expect frustrations like mine.


Now, back to my problem (assuming you've made it this far): server.app says DNS is on. I've posted various things about what the configuration page on server.app says (not on this post, but my other one specifically about trying to get DNS to work). However, when I set an outside machine (not behind my server's firewall) to use my server (the one that server.app says DNS is running on) for DNS, it hangs and doesn't "work". I'm sure something may be working, but it isn't working as Apple's advertisements (and server.app itself) suggests. So it isn't "disingenious" for me to blame the tools. It literally says its on. It also isn't responding to clients, and there is nothing in the setup that would lead a reasonable person to expect that it shouldn't. Better documentation from Apple would help. Did you say you knew where that might be? I see this: https://help.apple.com/advancedserveradmin/mac/10.7/ but that is for 10.7, not 10.8. This is part of my frustration.


My guess is that OS X Server is not configured to allow outside (not behind the server's own firewall) queries about DNS. This, I'm sorry to say to all you much-more-IT-savy people than I, is not at all obvious to someone like myself, hence my questions here to you all. If there is some configuration file I need to edit, outside of server.app, by all means, tell me about it.


Finally, regarding your comment to check the logs, I will certainly do this when I get time (this isn't what I get paid to do, so I'm working on this while I can). However, I fully expect that I won't know what I'm looking at, or how to interpret it. This is why I've been trying to get some intuitive understanding of what is likely going on first, because staring at log messages tends to be unproductive if you don't really know what you are looking for.


In any case, I do appreciate those who have tried to give me hints about what might be the problem, as I work through all this. I'm sure you can understand the frustration of someone who put faith in Apple's advertising that it would be easy as pie.

Reply
User profile for user: iToaster
iToaster
User level: Level 3
739 points

Aug 20, 2012 3:56 AM in response to pts

Sorry pts but I agree with Jamie you can't expect osx server to have any control over anything outside of the LAN it's connected. To do that you would have to configure that yourself on whatever hardware is controlling your WAN access

Your lack of understanding is not apples yours or anyone else's fault. You can't blame the tools for your lack of understanding


Apples instructions are I suppose "easy as pie" as long as you stay inside the box as soon as you step outside you have to have a certain level of understanding how things work

I guess one mans pie is another's mans cardiac arrest


This forum is user to user no official apple presence

I would venture to say you need to explain clearly what your trying to do and what you have done

No one here has the time to go all Sherlock Holmes on posts and try to deduce what you're trying to achieve


I suppose a certain level of expertise is also expected in the server and enterprise forums 'cause we've had it pretty much all to ourselfs for years. Now those pesky soho server types are muscling in, the times they are a changin. I know I'm guilty of thinking the other guy knows what he's talking about 'cause I sure don't

So don't be to hard on us

Reply
User profile for user: JaimeMagiera
JaimeMagiera
User level: Level 2
314 points

Aug 20, 2012 8:47 AM in response to pts

pts, I'm sorry but you are being disingenuous to blame the software before you even know what the problem is. Note that the promotional materials say "almost as easy to configure as a desktop machine...". That's the basic confirugation. There is no guarantee that there won't be other things that need to be done. If you expect foundational services such as DNS to just "work", you will be in for a surprise. There are a lot of things that can be different on a machine, and on a network, that affect a service. As someone administering a server, your full time job or not, you'll have to get into the habit of cracking open on a log and, on occasion, the terminal.app. Consider it an opportunity to get good at Mac OS X Server administration. Back to the trouble shooting: It should only take you a few seconds to look at the server log, or run the "host" command from the terminal. These basic things could tell you a lot. Yes, you might have to google, or ask here what those things mean, but that's all part of the learning process. Feel free to post the result of those endeavors.

Reply
User profile for user: pts
pts Author
User level: Level 1
16 points

Aug 20, 2012 4:16 PM in response to Mark23

Doh! Thanks for pointing that out, Mark23. I find it bizzarre that Apple doesn't have this linked here:

http://www.apple.com/osx/server/specs/

Look under: Documentation

It takes you to 10.7


Regarding whether it is disingenious to blame software that claims to work when it doesn't, I guess we'll have to agree to disagree. I have no problems with people giving hints about what to look for, but I do have problems with people saying "look in the logs" and "Its more complicated than Apple said". All of this may be true, but it doesn't follow that the software is doing what it is supposed to do. It patently isn't.


Now on to looking at logs for... ??


I actually got some good help on another thread on here. Apparently server.app will not set up DNS access by outside the server. If the server is also serving an internal network, then requests from those machines will be allowed, but it won't, by default, respond to requests from the outside world. VPN seems to be the only way to go, unless I can figure out what configuration files need to be changed.

Reply
User profile for user: JaimeMagiera
JaimeMagiera
User level: Level 2
314 points

Aug 20, 2012 4:47 PM in response to pts

No, you continue to misunderstand. It's easy to configure the service. The issue is that there are a myriad of factors beyond Apple's control in terms of all the things in between the machine providing the service and the client. Also, there are a myriad of ways a server and client can be configured that would change the setup. It has nothing to do with Apple wrongly promoting something. If you think that having to look at logs is somehow indicative of a bad system, you completely misunderstand how server administration works. Again, you haven't proved it isn't working. You've done absolutely *none* of the things necessary to verify what the issue is. Nothing. Zero. Zilch. Can you prove that the poster was correct that you can't provide DNS outside your network? I challenge that claim and have proof. Here is a lookup from a (university) network to my completely separate personal business network running 10.8 Server. Works fine.


amber:~ jaimelm$ host amber

amber.geo.lsa.umich.edu has address 141.211.108.5


amber:~ jaimelm$ host node2.sensoryresearch.net 166.90.246.130

Using domain server:

Name: 166.90.246.130

Address: 166.90.246.130#53

Aliases:



node2.sensoryresearch.net has address 63.208.160.186


Please refrain from framing this as an issue of things not working properly until you've actually done your homework.

Reply

Open directory doesn't work

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up