NetAuthSysAgent wants to use the "login" keychain

hi

i saw this also , it may be a fault in the way that the AD permissions are setup on the users home

they may need to enable transverse access on the home directory

thanks

Go to System Preferences > Users and Groups > choose your account > click "Settings..." next to "Mobile User Account" > Click "Syncronize Now" at the top of the pane that just opend. You would see the same window "NetAuthSysAgent wants to use...". However this time you would be able to give it a focus and type your password. It worked for me, I hope it'll work for you.

I have the same problem at regular intervals. But I do not use AD, I use Apple's own Open Directory on a Mc OS X Server.

It is also intermittent. I get it sometimes, but not always.

And the worst thing is when I get it when the screen saver is turned on and the screen is locked. When that happens the system is completely blocked because th escreen saver cannot get focus and I cannot unlock. The NetAuthSys panels appear behind the screen saver.

I would also be greatly interested in solving this, as when this happens a hard reboot is the only option.

Have this issue with an OD client (Macbook Air 10.9.2) on a MacMini Server (10.9.2, Server 3.0.3) - happens when client wants to logout the mobile account on the MacBook and want to start the sync 😟

After clicking several times on the "cancel" the window disappears.

Your hint helped, now this issue is gone :-)

Apple is a strange company. I sometimes has an insane level of attention to detail, but it also shows insane levels of neglect. Portable Home Directories of OS X Server is an area where Apple shows such an insane level of neglect. It is hideaously broken. It cannot handle some of Apple's own file constructs (which you encounter when you try to sync your iPhoto library), it is extremely unreliable with respect to connecting (as this thread is about), it can render your system unusable and it can corrupt your data.

There is nothing we can do about it. Apple completely neglects Portable Home Directories and they become more unusable with every OS X release that Apple ships. We can complain, but even then we are neglected. And this has been going on for years and years and years.

I have been looking into dropping PHD and replacing it with Synk from Decimus, a commercial solution. Not an option for larger installations because it cannot be centrally maintained (actually, I could do PHD syncing to maintain the Synk setup :-), but in my case doable. It is crazy that I have to do this in the first place, but that happens when you are in an Apple 'blind spot'.

In the meantime, I welcome suggestions for other solutions.

Hey guys,

I thought I'd just chip in with my experience of this...

Most if not all of our clients are experiencing the same "NetAuthSysAgent wants to use the "login" keychain" popup - mainly after their initial login in the morning.

Home Sync was running perfectly fine with 10.8 & Workgroup Manager but we recently upgraded to Mavericks on our server after finally feeling confident that Profile Manager could do what we needed it to do - i.e. manage and configure the Mobility settings for Home Sync (along with everything else). Up until server 3.1.2 our tests had proved that it was just not useable in terms of adding exclusion rules etc for Home Sync.

Prior to Server 3.1.2 the + button for adding additional exclusions to Home Sync did NOTHING!

I'm not sure what sort of QA Apple puts these apps through before releasing them to the world but it clearly is way short of what you would expect!

In 3.1.2 the + button now works but the - (minus) doesn't! At least I can add exclusions now!

I digress...

When I initially got Server 3.1.2 & Profile Manager up and running everything seemed to be going fine but as soon as I started to "edit" these mobility settings Home Sync started not to work on logout (one of the options that we required) and most of our clients (99% of which on 10.9) started experiencing the annoying authentication popup.

Not sure about anyone else but we also get other random "login" keychain auth popups so I'm not entirely sure that this isn't in fact a keychain issue and nothing to do with OD at all??

I'd be interested to hear other people experiences with this.

The only suggestion that I have seen to fix these repeated auth requests for the "login" keychain is this from Apple OS X Mavericks v10.9.1: Repeated prompts to unlock "Local Items" keychain

However, I have tried this on multiple clients, including my own, and although it seems to have stopped some of the requests, I still get the NetAuthSysAgent one...

I had the same problem after importing the login.keychain from an older laptop. It's not the same problem as the original poster, but I mention it here in case someone has the same problem as me. In my case, whenever I mounted the Time Caspule drive in Finder, after rebooting each day, I was asked for the login password. I was also getting similar messages from Safari.

When I opened Keychain Access, Edit > Keychain List, I found it had registered the new login.keychain and also the one I had copied from the old machine to update from. This old keychain was still being updated. So I renamed the old login.keychain and it *appears* to have corrected the problem. Fingers crossed.

I also deleted the entry from the Keychain List.

DN

This problem is driving me crazy. It has become worse with Yosemite. Overtime I login to the Portable Home account the synchronization fails as it requires the password to login.. Only after I cancel does the system give me an opportunity to enter the password, and by then it is too late, I missed the sync, so I keep getting all sorts of syncing errors.

I believe the problem is related to iCloud Keychain, as overtime I miss abetting the password, ICloud keychain resets itself in all devices..

Dumb suggestion (that worked for me)

If the user has an Active Directory account, remove any login scripts or home drive mappings. Also make sure they are NOT connected to a wireless network as well as a wired network (one or the other not both)

Yes I know this should not have made a difference, but most confusingly it did...

MP