Mavericks Server Keychain not properly storing information network users.

Its a shame but this bug is still not fixed. As far as I can tell its still in 10.10.4.

Yosemite keeps about twenty user processes alive after logout of a user - I can not even imagine what is it good for. When I logout I expect that every process under my user-id should be stopped/killed and terminated in a reasonable time period (10 seconds max).

Yesterday I had to move the next network home user to a local user because of this bug. It is ridiculous because this makes OS X Server useless - and Apple does not care at all. 😠

I think the guys who have to classify bug report had not understood how horrible this bug really is. It is a key feature of OS X Server that is broken or at least very unreliable.

@Tim Cook: You know there are business customers out there how have to work with OS X?

I decided if 10.10.* won't fix this bug and smb bugs I am going to (had to) move my customer to Windows servers.

Bye,

Christoph

I agree it is appalling that this is not (apparently) being fixed as an urgent matter since clearly it is a widely experienced problem. However I feel this is a client related issue rather than a server issue although I can believe Apple's 'server' software does not help matters by failing to terminate idle connections like it used to be able to do. It is the client that would be responsible for terminating local processes when a user logs out. This is why the suggested fix in this discussion of implementing a logout-hook makes sense and seems to work for some people. In my own case it at least initially did not work but things might have recently settled down. (Touch wood.)

(In case it was not clear I don't think moving to e.g. a Windows server would help with this issue.)

Sadly it is seeming like a case of 'I'm alright Jack' in that likely Apple's own engineers do not use true network home directory based accounts and either use mobile accounts or portable home directories (stored locally and synced) and hence do not experience this themselves. 😟

Hello Christoph

I completely agree you thread, but want to make a small correction. First I thought it was a problem of the OS X Server, it isn't! It is a problem to the OS X Client who can't handle the logoff.

The problem even occurred if you connect as OS X client if you are using an Small-Business Server using Active-Directory and Mounting the User Directories with SMB

The only solution for this problem is if you switch the Clients to Windows (then you have maybe other problems like virus etc.) As you write Apple doesn't care about this problem. It exist since 10.9.2. The best way is that all Business Clients switch from Apple to another Platform (like Windows). Then they can struggle about iWatch, iPad, iPhone and other gadgets and lose the complete Business Segment in the Market.

I am an Apple User since 1979 but now I am very frustrated the way the handle us as professional users. The argument the OS X is free and OS X Server costs only US$ 20 can't be a reason for don't fixing bugs. They even deny there a bugs and nothing is somewhere described in Knowledges Notes.

Apple isn't interesting in business users anymore, at this moment they are only to cowardly to write it on their website that Apple is only interesting in producing Hardware and Software for the Consumer market and that all Business Clients should switch to other platforms!

Regards

Gérard

Can someone help me work out a way of having the client machine reboot after every logout. This seems to be the only bad solution to this problem of hot desking. I've tried to do it with Profile manager but could not install the script.

I would appreciate a step by step as I'm not a unix guru.

Many thanks.

JOHN AGAPITOS

Hallo John

The best way is to complain at the Apple Support. As more people complain, they will need to fix it!

If they don't fix all the bugs they will loose a lot of professional users and only selling iPhones, iPads & iWatches in future

Also make a feedback!

https://www.apple.com/feedback/

I can say at this point that the issue STILL exists in the new Beta of 10.11b2. Using client and server.

Have not yet attempted other combinations, but the basics are all there in the new system. Same keychain issues, same logout/login/mail/icloud issues, etc.

I'm betting that at this point Apple has decided to devote all of their resources to things other than server since this has now been over 2 years to basically not responding to the issue. So sad.

I would be interested if there is anyone not having this problem with network accounts.

Also I would like to know, if the problem persists with OS X 10.10.4.

Th posting of morpheusrising seems to indicate this but who knows?

Greetings

macmartin

hi there folks,

I'm following this thread for a longer time now as I'm too having problems with the keychain storing. I'm running on yosemite clients with a yosemite server (4). there is one thing I came across today: there is one network user that was able to install his iCloud account without passwords prompt every time he logs in. I checked his setting and the only difference was a that the account email address field wasn't filled.

I created a new test user without the email address and somehow the iCloud account works and the prompts disappeared. will test it today with other accounts and we'll see. it can be a simple coincidence (as it's really dumb and I can't imagine how it can have anything to do with the problem) but I decided to share it with you.

best,

David

one more thing about the user:

he's only part of the default workgroup user group. If I put him in a different group the whole thing starts again. will recreate it all again and we'll see.

all iCloud accounts work, even if you put 10 of them in internet accounts. they appear inactive, but they work. the other internet accounts, connections to servers etc. forget their passwords...

Seeing something very similar to macmartin's log messages at a client where most users are using outlook (with no passwords-going-missing issues), but one is using Mail.app and it's turned into agony. Other symptoms seem pretty similar to those described here (though with 11 pages of posts over 2 years, we may be seeing more than one issue).

The general console log shows "failure to read/update password" and the syslog also has com.apple.utilities.sqlite3 "disk I/O errors". Happens pretty reliably if you change machines, haven't done enough testing to see if it happens if you stay on a machine (I thought not), but I daresay that will happen by itself soon.

10.10.3 server and client (issue existed in assorted 10.10.x's over the last few days), I tried AFP and SMB for the home (which of course fixed it for a few logouts and got me excited). English locale (Australia)

My questions are:

• can anyone chime in if this is working for them anywhere? (i.e. no bug). While this is affecting a lot of people, it's still possible it's some very small percentage of 10.9+ roaming home folder users - I was working in the UK until a year ago in much bigger circumstances and we *must* have had Mavericks customers, but the OSes come out so frequently and the clients update so infrequently I can't be sure. Possibly no client used both 10.9+ and Mail, there was a fair bit of entourage around.
• I'd be more than happy to try portable home folders if they didn't make things worse (or just-as-bad-only-different) - last time I used them was 10.6 where they had finally settled down fairly well (or I knew their failure patterns well enough to maintain things well) - but 10.5 wasn't fun. Has anyone used them lately with success?

This thread took a while to find, but I'll try some of the things mentioned here and report back, but I may financially ruin my client before I make any progress :-/

The only working solution right now is the kill script provided by raoulinfr

which could be found on the bottom of page 8 in this thread.

Hopefully the bug will be gone in OS X El Capitan.

I have the public beta, i will be testing.

But i fear that the bug is still present...

I dislike the HP Scanning software - a lot. 👿

They take too long to update it - if at all and it is fat and bloated with bits spread all over your hard disk.

I suggest if at all possible you use Apple's built-in scanning software which sadly does not work with all HP network printers/scanners. Another approach to consider is to configure your multi-function HP to 'scan to network folder' i.e. via SMB.

Unfortunately again some older HPs may not be compatible with Apple's newer SMBx software that was introduced with Lion aka. 10.7. In some cases you can update the firmware of the HP device to help out in this area.