Os X Server 3.0.1 - Unable to create network users

Question

Os X Server 3.0.1 - Unable to create network users

Hi guys.

First, I apologyze for my english: I'm italian and I'll do my best to describe the problem, thet I guess you already know.

Since the upgrade to Maverick and relative server app upgrade even to 3.0.1, I got always the same error during network users creation:

"Existing connecting is not authenticated: password change denied".

I tried hundreds times in every issues way, even the latest of 20/11/2013 by Lunchbox LP.

NOTHING!!!

Does somebody Knows if Apple is going to solve this and all the other server 3.0.x bugs (including L2TP) with a BIGFIX?

Thank you.

Mac mini, OS X Mavericks (10.9)

Posted on Nov 24, 2013 9:03 AM

Reply

Answer 1

Nov 24, 2013 10:08 AM in response to MacTurtleInRome

I would say your only option is to delete the Server app from Applications, delete the Server folder from /Library, and redownload the Server app... In other words, start from scratch.

Actually, delete the Server app, empty the trash can, and redownload the Server app, I think all your settings and such are retained if you do NOT delete the /Library/Server folder. If that doesn't work, you'll have to delete the Server folder...

Reply

Answer 2

Nov 25, 2013 1:20 AM in response to jaygatsby1123

Well. I did it yesterday, just after posted my last issue. To be sure, I unistalled with cleanmymac 2, wich listed a ton of binary and library Server folders to be removed. I did it. I downloaded it. I installed. I run. I configured BASIC services and created OD. I went to network user pan again. I got SAME ERROR. Today (tonight) I'll try to migrate from a clean Maverick + server 3 installation...

I red some issue where somebody even tried this way with no result....

Reply

Answer 3

Nov 26, 2013 3:19 AM in response to MacTurtleInRome

... nothing.

Reply

Answer 4

keg55

Level 6

11,755 points

Nov 26, 2013 5:14 AM in response to MacTurtleInRome

Are you adding your network users via Workgroup Manager for Mavericks? Or adding them via the Server.app?

I had similar issues with adding users via Workgroup Manager. I made sure my DNS was setup correctly in Server.app, deleted the network users in Workgroup Manager; then Destroyed my OD and recreated it within Server.app. Afterwards, I logged into Workgroup Manager and started adding network users, I didn't get that message again.

Reply

Answer 5

MacASU

Level 1

0 points

Nov 26, 2013 7:10 AM in response to keg55

Hi.

When I destroy OD and attempt to recreate, Server is no more able to build up a new master ("unable to load replicas" at the center of the panel). If I destroy and try to import the previous archived OD, it answers that isn't able to import: I got an error days ago, that I don't remember now.

What do you mean with: "I made sure my DNS was setup correctly in Server.app"?

I migrated the DNS config from Mountain Lion. It worked for 6 monthes...

Another thing: my Utility Directory in not able to bind the OD.

127.0.0.1 is the default address, isn't it?

I have this IP for LDAP and my OD (master) has 192.168.1.115

Does it impact something?

Maybe you could help me: does your .local name matches domain name?

I have a VPN domain.

Ex. of my config:

Local machine name: nameX. local

host name: nameY.domain.private

In DNS config I have:

nameX.domain.private (192.168.1.115) computer (local machine)

nameY.domain.private (192.168.1.115) computer (same IP)

nameY.domain.private (192.168.1.115) name server (same IP)

In .arpa I have just one machine with this IP 192.168.115:

nameY.domain.private

and obviously

nameY.domain.private server name.

In .arpa haven't

nameX.domain.private (192.168.1.115) computer (local machine)

It wouldn't impact anything, because I've had this config since monthes; but I don't know.

Thank you

Reply

Answer 6

gooberk

Level 1

18 points

Nov 27, 2013 7:31 AM in response to MacTurtleInRome

i posted this in another thread.

http://support.apple.com/kb/TS5289

make sure you are running the server.app when you do this (initially ran it with the server.app closed - not surprisingly, it didnt work).

i ran the fix and restarted the server.app and it is working.

good luck.

Reply

Answer 7

Nov 27, 2013 10:37 AM in response to gooberk

... it didn't work... 😟, but I thank you very very much

Reply

Answer 8

Nov 28, 2013 6:55 AM in response to MacTurtleInRome

Hi,

now I got a new problem. I verified that on a VM OS X Mavericks clean install the Server app works correctly and I can create network users without problems. I tried to COMPLETE UNINSTALL server app on the real server (not VM) and reinstall. I removed everything, even the Library folders and files as issued by Aplle, but during installation he got always the same config, with everything, including DHCP, DNS and VPN domain.

Where are this infos? How can I COMPLETE UNINSTALL SERVER 3.0.1?

Reply

Answer 9

Nov 28, 2013 6:57 AM in response to MacTurtleInRome

...I already flushed the cache...

Reply

Answer 10

Drew Reece

Level 6

10,684 points

Nov 28, 2013 7:27 AM in response to MacTurtleInRome

The settings are not stored in the caches (they are for data that can be eventually flushed), the service data is stored in various databases, preferences & launchd jobs. A lot is stored in /Library/Server, but some config exists /etc or /var…

I'd strongly recommend a clean install if the server is in an unusable state, otherwise you may not resolve anything by removing the old settings since server installs so many different config files. There is also the possibility your issues lay in settings that server app doesn't alter on installation or in damage to files within the underlying OS.

Create a bootable installer of the OS on an external disk, boot into that & use Disk Utility to erase the internal server HD, and then install & reinstall Server.app.

If you really want to avoid that, you can try … http://krypted.com/mac-os-x-server/hosed-your-mountain-lion-server-reset-it, I haven't done that myself so I have no idea if it will work at all on Server.app 3

Reply

Answer 11

keg55

Level 6

11,755 points

Nov 28, 2013 7:53 AM in response to MacTurtleInRome

You should be able to boot into the Mavericks Recovery HD by pressing/holding Command+R at startup or press the OPTION key and select the Recovery HD-10.9 partition. From there you can erase your Macintosh HD, reinstall OS X Mavericks and after OS X is installed, reinstall the Server.app.

I have done the above to fix issues I was having with OD and adding users. After a complete erase/reinstall of Mavericks and Server.app the issues were resolved. Back up before you reinstall.

Good Luck!

Reply

Answer 12

Nov 29, 2013 6:10 AM in response to keg55

Hi, tonight I found the solution without reinstalling OS X Mavericks .

After the upgrade , I could not create users in network server 3.0.1.

I solved it .

In my case, I realized that destroying the OD from the configuration panel in Server app , it was still visible in the Utility Directory and in the Users & Groups pane of System Preferences (check Log- In Options: the green light should be on next Sever network account, even after destroying the OD in Server.app) .

I pressed the Edit button next to Server network account and i found Server.local still turned on as Open Directory Service…

I suggest to do so, it worked for me:

DESTROY THE OPEN DIRECTORY IN SERVER.APP (YOU CAN ARCHIVE, BUT YOU WILL HAVE TO CREATE A FULLY NEW OPEN DIRECTORY ANYWAY).

TURN OFF THE OPEN DIRECTOTY SERVICE.

DELETE ALL DNS RECORD : ALL RECORDS AND ALL ZONES! DO NOT TURN OFF THE SERVICE!

OPEN UTILITY DIRECTORY (IN SYSTEM PREFERENCES OR DIRECTLY FROM SERVER . APP).

TO EDIT, LOG IN AS ADMINISTRATOR BY PRESSING THE USUAL PADLOCK ON BOTTOM LEFT CORNER OF THE PANEL AND CLICK TWICE ON LDAPv3.

YOU SHOULD FIND THE DIRECTORY STILL IN THE LIST! (SHOULD BE 127.0.0.1 AS DEFAULT) IS IT SO? SELECT AND DESTROY!!!

GO BACK TO SERVER.APP AND CREATE A NEW DOMAIN. FOR EXAMPLE :

COMPUTER NAME: SERVER.LOCAL

HOST NAME : SERVER.MYDOMAIN.PRIVATE

I HAVE A VPN. TO BE SURE, I MATCHED COMPUTER NAME AND HOST NAME.

IN MY CASE : "SERVER" AND I LEFT THE SAME IP THAT I HAD BEFORE .

FOLLOW ALL THE STEPS FOR THE CREATION OF THE NEW DOMAIN AS SUGGESTED BY SERVER.APP, INCLUDING THE UPDATE OF DNS SERVICE.

AFTER THIS STEP, AS USUAL, SERVER.APP GENERATES A NEW ALERT.

CHECK THE ALERT SERVICE IN THE SIDEBAR: “THE HOST NAME IS CHANGED”.

DOUBLE CLICK ON ALERT AND CLICK THE "RECOVERY" BUTTON.

THE GREEN CONTROL SIGN SHOULD APPEAR, AFTER SERVICES UPDATING.

CHECK THE DNS: SERVER.APP CREATED THE PRIMARY AND SECONDORY ZONES WITH THE NEW NAME SERVER AND THE COMPUTER, EVEN IN THE REVERSE ZONE.

NOW ACTIVATE OPEN DIRECTORY SERVICE.

IT SHOULD START FROM SCRATCH AND FULL FUNCIONALLY.

YOU CAN CREATE A NEW ADMINISTRATOR ACCOUNT AND EVERYTHING GOES.

PLEASE, LET ME KNOW IF IT WORK FOR SOMEBODY ELSE.

THANK YOU

Reply

Answer 13

Drew Reece

Level 6

10,684 points

Nov 30, 2013 8:47 AM in response to MacTurtleInRome

When changing the hostname or domain name on a server it's a good idea to reboot & then run the changeip command.

changeip -checkhostname

I can't see Apple's info on this, so take a look at krypted.com's explanation.

http://krypted.com/mac-os-x-server/mac-os-x-server-does-my-name-and-host-name-ma tch/

You will need sudo to change settings via the changeip command.

Reply

Answer 14

RHartman

Level 1

90 points

Apr 25, 2014 4:45 PM in response to Drew Reece

If I go through all these crazy steps, will I be able to re-import my users? Our wiki is pretty extensive and from what I understand, changing users' UIDs will gork the wiki?

Reply

Answer 15

Apr 26, 2014 12:02 AM in response to RHartman

Well,... I realy didn't try; I re-created them from scratch, after those steps...

I guess you could try to do that from a Carbon Copy of your system, using migrating tools.

You'd temporaly need two different Macs, starting the second one from the external HD Carbon Copy of your own system. If you have in mind to try, I suggest to use only FireWire HD and LAN; no routers; no wi-fi.

Reply