What is the impact of destroying and re-creating from scratch the Open Directory Master?

Hi Chris

I had to destroy and recreate my 10.9.1 open directory 3 times! i would suggest unbinding everyone first, use different passwords for your newly created users, the calendar data appeared to remain intact, although to be safe i would export the calendar data from your clients first. Im not an experienced user, far from it, i did try to get some help on here but i had 0 replies to any of my posts concerning the server so i had to bite the bullet, proper information other than "switch it on or off" seems to be very rare for mavericks server, its working ok for me now, although there are still some issues that i will post on here in the vain attempt to get a solution.

Best of luck

Rob

Just to add to that, i dont know how many users you have, i only have 12 and that was bad enough, if you have hundreds thats a lot of work to recreate

I didnt even think to preserve the uuids, i just trashed and recreated the OD, the reason i did that was because i had 3 users that i couldnt bind to the server, or login for services, when i went to change the password for the user, , it was unsuccesful, ie enter the new password press ok it just stayed in the password window, didnt go back to the users window, the second attempt started ok, but i was using the same passwords as i had been for the first attempt, when i got to the final user i had the same problem, on my third attempt i used different passwords and it seems ok, i have a few issues in that when i go to bind a user, some users give the option of authenticated binding, some dont, i know i can put a command in terminal to force authenticated binding, but as its set now on the default it should ask each user if they want to put there passwords in.

So i guess that these issues could be something to do with uuids, i think the more fresh the numbers are the better.

The day after i recreated the OD for the third time, there was a server app update to 3.0.2 that stated there was improvements to clients logging in, so i dont know if that has cured my problems or not, are you 10.9 or 10.8?

Mine was a clean install from scratch, i didnt fancy upgrading from 10.6.

When i say binding user, i mean go to system preferences on the client machine > users and groups > click the padlock to login > enter admin password > Click login options > click join > then the name of your server should come up in the drop down box , select it then you should be prompted to trust it, then you should have an area to put in the usermame and password, or to bind to the server anonymously, i dont get that option on all users when i should, basically authenticated binding allows you as the server admin to control the prteferences on the client machines should you wish, even to the extent of what appears on the dock or what software they are allowed to use. That would have to be done in WGM though.

Having said that all my services (calendar, messages and contacts all work without binding, so make of that what you will!)

Im able to create new users without a problem now, all i can say is that it fixed it for me, i really dont know the ins and outs of a ML upgrade though, so i cant guarantee anything.

I did try to archive the od first then re promote it to the master, that might be worth trying first, i read somewhere that doing that rekerberizes it, it didnt fix it for me though.

Great let me know how it goes🙂

Hi Chris

How did you get on?, believe it or not my open directory has gone again, it happened when i had to reboot the server, it went into a grey screen for about 15 mins, i did a force shut down, on restarting OD wouldnt stay on, i had to put a command into terminal to trash the ldap, i googled it, i didnt want to do this but had no choice as nothing od related worked, this cleared od and i put all the users in again, using the same password this time, and its up and running again, but, i cant login to WGM as diradmin, and i get ssl messages and errors when trying to bind clients, so im wondering if there is a need to flush out the uuids, do you know how to do this?

Cheers

Rob

Hi Chris

Thanks for the reply, im glad yours is working now.

Ive done a sudo changeip -checkhostname in terminal, and that is all successful, so im guessing my dns settings are correct, so i have again retrashed the open directory and recreated from scratch (only took me 2.5 hours last night), all seems to be working for now, im sure that there is some kind of data left over somewhere from my various attempts to make this work, all i have left to try if it goes again is reset sever app and then a complete fresh install, neither of which i want to do, i am gradually moving away from apple services btw, im running kerio, which takes care of mail and contacts for me, (very well i might add) it also can do messaging and calendars, so who knows i may even migrate over to that if the problem shows itself again, and do away with open directory altogether, which will leave my server just doing DNS and DHCP and file sharing, maybe it can cope with that, just as a side note, im using kerio mail, which allows you to share mailboxes across the network, this works fantastically well in every mail client apart from apple mail! which takes forever to show the boxes and build the messages, thunderbird is instant, just goes to show mavericks is a long way off being finished, roll on 10.9.2

Cheers for now

Rob