Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Network accounts are unavailable after server update to 3.0.2

I have just setup a Mac Mini Server and my client machines were logging in without any problems then when I updated the server to version 3.0.2 the network accounts can no longer login. The login window just shows a popup next to username box that says "Network accounts are unavailable".


I can login as a local user on the client, browse the network share on the server and use "Connect as" and login using a network user to see their shares so the client is connecting to the server for user information, I just can't login to the client at the login screen.

Mac mini, OS X Server

Posted on Jan 22, 2014 4:02 AM

Reply
13 replies
User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Jan 23, 2014 12:27 AM in response to Linc Davis

Can you advise which logs you need, I have put the recent entries from the LDAP log below, the following two lines are added everytime a client tries to login


Jan 23 08:17:49 macserver.local slapd[2168]: => bdb_idl_delete_key: c_del id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:17:49 macserver.local slapd[2168]: conn=3995 op=3: attribute "entryCSN" index delete failure


All of todays logs from LDAP are below, please advise any other logs you need.



Jan 23 07:40:48 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 07:40:48 macserver.local slapd[2168]: conn=3882 op=3: attribute "entryCSN" index delete failure

Jan 23 08:17:42 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:17:42 macserver.local slapd[2168]: conn=3969 op=3: attribute "entryCSN" index delete failure

Jan 23 08:17:47 macserver.local slapd[2168]: => bdb_idl_delete_key: c_del id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:17:47 macserver.local slapd[2168]: conn=3977 op=3: attribute "entryCSN" index delete failure

Jan 23 08:17:47 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:17:47 macserver.local slapd[2168]: conn=3983 op=3: attribute "entryCSN" index delete failure

Jan 23 08:17:48 macserver.local slapd[2168]: => bdb_idl_delete_key: c_del id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:17:48 macserver.local slapd[2168]: conn=3989 op=3: attribute "entryCSN" index delete failure

Jan 23 08:17:49 macserver.local slapd[2168]: => bdb_idl_delete_key: c_del id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:17:49 macserver.local slapd[2168]: conn=3995 op=3: attribute "entryCSN" index delete failure

Jan 23 08:24:16 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:16 macserver.local slapd[2168]: conn=4009 op=3: attribute "entryCSN" index delete failure

Jan 23 08:24:17 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:17 macserver.local slapd[2168]: conn=4017 op=3: attribute "entryCSN" index delete failure

Jan 23 08:24:19 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:19 macserver.local slapd[2168]: conn=4023 op=3: attribute "entryCSN" index delete failure

Jan 23 08:24:20 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:20 macserver.local slapd[2168]: conn=4029 op=3: attribute "entryCSN" index delete failure

Jan 23 08:24:22 macserver.local slapd[2168]: => bdb_idl_insert_key: c_put id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:22 macserver.local slapd[2168]: conn=4035 op=3: attribute "entryCSN" index add failure

Jan 23 08:24:26 macserver.local slapd[2168]: => bdb_idl_insert_key: c_put id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:26 macserver.local slapd[2168]: conn=4041 op=3: attribute "entryCSN" index add failure

Jan 23 08:24:35 macserver.local slapd[2168]: => bdb_idl_insert_key: c_put id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:35 macserver.local slapd[2168]: conn=4047 op=2: attribute "entryCSN" index add failure

Jan 23 08:24:39 macserver.local slapd[2168]: => bdb_idl_delete_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:39 macserver.local slapd[2168]: conn=4053 op=3: attribute "entryCSN" index delete failure

Jan 23 08:24:42 macserver.local slapd[2168]: => bdb_idl_insert_key: c_get failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994)

Jan 23 08:24:42 macserver.local slapd[2168]: conn=4059 op=2: attribute "entryCSN" index add failure

Reply
User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Jan 27, 2014 12:21 AM in response to Linc Davis

When trying to authenticate the following is added to system log on the server which shows an error that may mean something to you, from the list MACSERVER is the server name, j.abdy is the test user and bccscmac20 is the client machine.


Jan 27 08:13:10 macserver.local kdc[2142]: AS-REQ j.abdy@MACSERVER.LOCAL from 10.49.23.20:63853 for krbtgt/MACSERVER.LOCAL@MACSERVER.LOCAL

Jan 27 08:13:10 macserver.local kdc[2142]: AS-REQ j.abdy@MACSERVER.LOCAL from 10.49.23.20:63853 for krbtgt/MACSERVER.LOCAL@MACSERVER.LOCAL

Jan 27 08:13:10 macserver.local kdc[2142]: Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ

Jan 27 08:13:10 macserver.local kdc[2142]: AS-REQ j.abdy@MACSERVER.LOCAL from 10.49.23.20:55453 for krbtgt/MACSERVER.LOCAL@MACSERVER.LOCAL

Jan 27 08:13:10 --- last message repeated 1 time ---

Jan 27 08:13:10 macserver.local kdc[2142]: Client sent patypes: ENC-TS

Jan 27 08:13:10 macserver.local kdc[2142]: ENC-TS pre-authentication succeeded -- j.abdy@MACSERVER.LOCAL

Jan 27 08:13:10 macserver.local kdc[2142]: Client supported enctypes: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, using aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96

Jan 27 08:13:10 macserver.local kdc[2142]: Requested flags: forwardable

Jan 27 08:13:11 macserver.local kdc[2142]: TGS-REQ j.abdy@MACSERVER.LOCAL from 10.49.23.20:65349 for host/bccscmac20.local@MACSERVER.LOCAL [canonicalize, forwardable]

Jan 27 08:13:11 macserver.local kdc[2142]: Searching referral for bccscmac20.local

Jan 27 08:13:11 macserver.local kdc[2142]: Server not found in database: krbtgt/LOCAL@MACSERVER.LOCAL: no such entry found in hdb

Jan 27 08:13:11 macserver.local kdc[2142]: Failed building TGS-REP to 10.49.23.20:65349

Jan 27 08:13:11 macserver.local kdc[2142]: TGS-REQ j.abdy@MACSERVER.LOCAL from 10.49.23.20:63443 for host/bccscmac20.local@MACSERVER.LOCAL [forwardable]

Jan 27 08:13:11 macserver.local kdc[2142]: Server not found in database: host/bccscmac20.local@MACSERVER.LOCAL: no such entry found in hdb

Jan 27 08:13:11 macserver.local kdc[2142]: Failed building TGS-REP to 10.49.23.20:63443

Reply
User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Jan 27, 2014 12:50 AM in response to Linc Davis

On client system log for same time when user tried to log in


2014-01-27 08:16:14 +0000 SecurityAgent[122]: User info context values set for j.abdy

2014-01-27 08:16:14 +0000 opendirectoryd[22]: GSSAPI Error: Miscellaneous failure (see text (Server (krbtgt/49.16.11@MACSERVER.LOCAL) unknown (negative cache))

2014-01-27 08:16:14 +0000 authorizationhost[175]: Failed to authenticate user <j.abdy> (error: 9).

Reply
User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Jan 27, 2014 12:52 AM in response to Linc Davis

In case this also helps you, latest entries from Open Directory Log


2014-01-22 11:43:08.009688 GMT - 1651.9482.9484.9486, Node: /LDAPv3/127.0.0.1, Module: search - failed to retrieve password for credential

2014-01-22 11:43:08.009954 GMT - 1651.9482.9484.9486 - Client: automount, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:43:08.009954 GMT - 1651.9482.9484.9486, Node: /LDAPv3/127.0.0.1, Module: ldap - failed to retrieve password for credential

2014-01-22 11:43:08.197450 GMT - 1627.9496 - Client: Directory Utili, UID: 501, EUID: 501, GID: 20, EGID: 20

2014-01-22 11:43:08.197450 GMT - 1627.9496, Node: /LDAPv3/127.0.0.1 - failed to retrieve password for credential

2014-01-22 11:43:08.197762 GMT - 1627.9496 - Client: Directory Utili, UID: 501, EUID: 501, GID: 20, EGID: 20

2014-01-22 11:43:08.197762 GMT - 1627.9496, Node: /LDAPv3/127.0.0.1, Module: ldap - failed to retrieve password for credential

2014-01-22 11:43:08.200395 GMT - Unregistered node with name '/LDAPv3/127.0.0.1'

2014-01-22 11:44:38.741495 GMT - Registered subnode with name '/LDAPv3/127.0.0.1'

2014-01-22 11:44:39.978030 GMT - 1345.10075.10076 - Client: servermgrd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:44:39.978030 GMT - 1345.10075.10076, Module: ldap - failed to retrieve password for credential

2014-01-22 11:44:45.029489 GMT - 43.10101 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:44:45.029489 GMT - 43.10101, Module: ldap - failed to retrieve password for credential

2014-01-22 11:44:55.030459 GMT - 43.10202 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:44:55.030459 GMT - 43.10202, Module: ldap - failed to retrieve password for credential

2014-01-22 11:45:10.040924 GMT - 43.10229 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:45:10.040924 GMT - 43.10229, Module: ldap - failed to retrieve password for credential

2014-01-22 11:45:30.041772 GMT - 43.10249 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:45:30.041772 GMT - 43.10249, Module: ldap - failed to retrieve password for credential

2014-01-22 11:45:53.046906 GMT - 43.10331 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:45:53.046906 GMT - 43.10331, Module: ldap - failed to retrieve password for credential

2014-01-22 11:45:58.055452 GMT - 43.10375 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:45:58.055452 GMT - 43.10375, Module: ldap - failed to retrieve password for credential

2014-01-22 11:46:08.062984 GMT - 43.10387 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:46:08.062984 GMT - 43.10387, Module: ldap - failed to retrieve password for credential

2014-01-22 11:46:23.092382 GMT - 43.10421 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:46:23.092382 GMT - 43.10421, Module: ldap - failed to retrieve password for credential

2014-01-22 11:46:29.283736 GMT - 43.10432 - Client: opendirectoryd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:46:29.283736 GMT - 43.10432, Module: ldap - failed to retrieve password for credential

2014-01-22 11:46:31.446733 GMT - Module: AppleODClientLDAP - AppleODClientLDAP: notification fired: slapd shutdown for /LDAPv3/ldapi://%2Fvar%2Frun%2Fldapi

2014-01-22 11:46:31.446760 GMT - Module: AppleODClientLDAP - AppleODClientLDAP: notification fired: slapd shutdown for /LDAPv3/127.0.0.1

2014-01-22 11:46:33.461470 GMT - Unregistered node with name '/LDAPv3/127.0.0.1'

2014-01-22 11:49:01.190515 GMT - Module: AppleODClientLDAP - AppleODClientLDAP: notification fired: slapd shutdown for /LDAPv3/ldapi://%2Fvar%2Frun%2Fldapi

2014-01-22 11:49:12.900644 GMT - Module: AppleODClientLDAP - AppleODClientLDAP: notification fired: slapd shutdown for /LDAPv3/ldapi://%2Fvar%2Frun%2Fldapi

2014-01-22 11:49:12.900680 GMT - Module: AppleODClientLDAP - AppleODClientLDAP: notification fired: slapd shutdown for /LDAPv3/ldapi://%2Fvar%2Frun%2Fldapi

2014-01-22 11:49:20.037611 GMT - Registered subnode with name '/LDAPv3/127.0.0.1'

2014-01-22 11:54:07.129427 GMT - 2545.16493 - Client: smbd, UID: 0, EUID: 0, GID: 0, EGID: 0

2014-01-22 11:54:07.129427 GMT - 2545.16493, Module: SystemCache - Negative entry was not found after adding to cache

Reply
User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Jan 29, 2014 1:27 AM in response to Linc Davis

I have discovered this is a DNS related issue. If I change the DNS on Mac Server and Mac Client to the Windows DNS server it all works but if I use the Mac DNS server I am unable to log in.


The Mac DNS server is setup to forward requests to the Windows DNS server if it cannot resolve an address so surely it shouldn't make a difference.


I have resolved the login issue by using a different DNS server but it doesn't explain why the Mac DNS server isn't functioning correctly.

Reply
User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Jan 29, 2014 8:06 AM in response to Linc Davis

I have tried that and get a message showing the names match and nothing needs to change.


I have discovered that the Mac Server can use it's own DNS server the problem seems to be with the client.


When the client uses the Mac Server DNS it won't log in but when it uses the Windows Server DNS it does log in. The Mac client I am testing was a fresh install yesterday.

Reply
User profile for user: LeeElvin
LeeElvin Author
User level: Level 1
0 points

Feb 17, 2014 12:15 AM in response to Cerf-Volant

The main network where I work is a Microsoft Windows client / server network run by Windows Server which runs it's own DNS.


When I was setting up the MacServer I wanted to setup the server to be self contained and not rely on the Windows network but for some reason the DNS on the Mac server doesn't work correctly with the mac, may be a configuration issue I don't know as I haven't had time to look into it further, I just know that changing the DNS settings on the network card resolved the issue.


If you are only running the Mac Server then this will not be an option, it is allowing me to get things working while I find the cause of the problem.

Reply

Network accounts are unavailable after server update to 3.0.2

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up