You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Network Account Cannot Log On

New, fresh install of 10.8.2 OS X Server. DHCP, DNS, Open Directory, File Sharing all working. Server hostname is set to myserver.private. Two users are created:


  • test1 (and other accounts) has a network home, on AFP-shared Users, enabled for Home Directories
  • test2 home is set to Local Only


On an MBP 10.8.2, successfully joined to myserver.private, I try to log-in with those two network accounts. One works, the other does not:


  • test2 is able to log-on without a problem, log-out, and log-on, and so on,
  • test1 seems to authenticate, but cannot log on, displays message "You are unable to log in to the user account "test1" at this time. Logging in to the account failed because an error occurred."
  • After failing with test1, test2 will also produce the same error, until I log-in and log-out successfully with a local MBP account, or it has been rebooted.


The only error related to test1 that I can see in the Console logs is:


authorizationhost[1197]: ERROR | -[HomeDirMounter mountNetworkHomeWithURL:attributes:dirPath:username:] | PremountHomeDirectoryWithAuthentication( url=afp://myserver.private/Users, homedir=/Network/Servers/myserver.private/Users/test1, name=test1 ) returned 64


Now, if I change test1 home directory setting (using Server.app) to "Local Only", I will be able to log-in on the MBP, however no home directory is provided (it serves the root of the local file system). If I log-out, and then use the Server.app to change it back to the previously set network home, I will be able to log-in with this account on the MBP with test1, but not with any other accounts that have a network home directory.


Any ideas why I am getting the "You are unable to log in" error in the first place? Many thanks for any hints...

Mac mini, OS X Mountain Lion (10.8.2), OS X Server

Posted on Jan 5, 2013 7:33 PM

Reply
Question marked as Top-ranking reply

Posted on Jan 6, 2013 4:27 AM

I know the issue. Little Snitch 3.0.2 was running on the MBP. When I disable it, the problem goes away and the users can log-on. Unfortunately, I am not sure what rule to create for LS to allow the log-on. I have logged a query with developers to find out the workaround rule. In the meantime, disabling LS works fully.

4 replies
Question marked as Top-ranking reply

Jan 6, 2013 4:27 AM in response to Rafal Lukawiecki

I know the issue. Little Snitch 3.0.2 was running on the MBP. When I disable it, the problem goes away and the users can log-on. Unfortunately, I am not sure what rule to create for LS to allow the log-on. I have logged a query with developers to find out the workaround rule. In the meantime, disabling LS works fully.

Apr 24, 2013 1:03 AM in response to Rafal Lukawiecki

It seems that the problem is that LS cannot prompt you for connection requests during the very early login stage, ie. when you are still at the login window, so the connection gets rejected and the login fails.

If you disable the LS then upon first login you will get a dialog from LS saying that there were connection attempts during login, and allow you to verfiy them, I tried it now on the second mac, and it seems that all that matters is the NetAuthSysAgent - allow outgoing connections to domain yourdomainname, but this is a rule of the user you are logging into!

Network Account Cannot Log On

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.