VPN authentication fails, can't update WG manager, -14988 error
10.8.4 server, DNS is properly configured with reverse lookups. I've nuked and recreated the OD master from scratch and users and groups were imported from exported files. Things work fine most of the time but the server will randomly stop accepting VPN connections stating that authentication failed even though the password is just fine. This is for both PPTP and L2TP. When this happens, Workgroup Manager also has issues. If I try and create a new user or modify any passwords I'll get "an unexpected error of type -14988 has occurred. All other settings were saved."
What's odd is that the issue will just go away on its own but when or how is anybody's guess. Users can login to file sharing just fine. Any idea how to fix this?
This is from the opendirectory log-
2013-11-11 11:58:30.013423 PST - 376.8734727, Node: /LDAPv3/127.0.0.1, Module: AppleODClientPWS - no server challenge
2013-11-11 11:58:30.013587 PST - 376.8734727 - Client: AppleFileServer, UID: 0, EUID: 0, GID: 0, EGID: 0
2013-11-11 11:58:30.013587 PST - 376.8734727, Node: /LDAPv3/127.0.0.1, Module: AppleODClientPWS - could not continue SASL client session: generic failure (-1) (5103)
2013-11-11 12:01:05.242976 PST - could not get local sockaddr info for 8: Bad file descriptor
2013-11-11 12:56:18.039993 PST - 376.8736520 - Client: AppleFileServer, UID: 0, EUID: 0, GID: 0, EGID: 0
2013-11-11 12:56:18.039993 PST - 376.8736520, Module: SystemCache - failed to determine id_type to refresh record (group AAAABBBB-CCCC-DDDD-EEEE-FFFF000001F5@) (0x7fb2cb0033d0)
This is from slapd.log-
Nov 12 10:40:57 xserve.mydomain.com slapd[154]: get_filter: conn 62568 unknown attribute type=objectlass0 (17)
Nov 12 10:40:57 xserve.mydomain.com slapd[154]: conn=62568 op=1 do_bind: invalid dn (judy@mydomain.com)
Nov 12 10:40:58 xserve.mydomain.com slapd[154]: conn=62568 op=2 do_bind: invalid dn (judy@mydomain.com)
Nov 12 10:41:20 xserve.mydomain.com slapd[154]: SASL [conn=62576] Failure: no secret in database
Nov 12 10:41:20 xserve.mydomain.com slapd[154]: int slap_sasl_bind(Operation *, SlapReply *): Error to increment failed login count for uid=tracy,cn=users,dc=xserve,dc=mydomain,dc=com
Nov 12 10:42:35 xserve.mydomain.com slapd[154]: SASL [conn=62582] Failure: no secret in database
Nov 12 10:42:35 xserve.mydomain.com slapd[154]: int slap_sasl_bind(Operation *, SlapReply *): Error to increment failed login count for uid=tracy,cn=users,dc=xserve,dc=mydomain,dc=com