network users not showing up at login screen

Many Open Directory problems can be resolved by taking the following steps. Test after each one, and back up all data before making any changes.

1. The OD master must have a static IP address on the local network, not a dynamic address.

2. You must have a working DNS service, and the master's hostname must match its fully-qualified domain name. To confirm, select the server by name in the sidebar of the Server application window, then select the Overview tab. Click the Edit button on the Host Name line. On the Accessing your Server sheet, Domain Name should be selected. Change the Host Name, if necessary. The server must have at least a three-level name (e.g. "server.yourdomain.com"), and the name must not be in the ".local" top-level domain, which is reserved for Bonjour.

3. The primary DNS server used by the master must be 127.0.0.1 (that is, itself) unless you're using another server for internal DNS. The only DNS server set on the clients should be the internal one, which they should get from DHCP if applicable.

4. Follow these instructions to rebuild the Kerberos configuration on the master.

5. If you use authenticated binding, check the validity of the master's certificate. The common name must match the hostname and domain name. Deselecting and then reselecting the certificate in Server.app has been reported to have an effect in some cases.

6. Unbind and then rebind the clients in the Users & Groups preference pane. Use the fully-qualified domain name of the master.

7. Reboot the master and the clients.

8. Don't log in to the server with a network user's account.

9. As a last resort, export all OD users. In the Open Directory pane of Server, delete the OD server. Then recreate it and import the users. Ensure that the UID's are in the 1001+ range.

In system preferences, next to the "Allow network users to login" option, click options and make sure "All network users" is selected.

Can you switch to console mode (type in >console at the username prompt) and login with network accounts?

Hello,

For this you just has to change the login window settings. To change the settings follow the steps below:

1) Go to the System Preferences.

2) Open Users & Groups preferences, click Login Options, then click the lock icon to unlock it. If necessary, type your password, then click Unlock.

3) To display the other option or to login using the network accounts during login, select “user name & password” for the “Display login window as” setting.

@ Linc Davis Great post. This helps explain a portion of what's happening in our environment. The only thing that's different is the fact that we are without OD in an enterprise environment. How would I work around this? My thoughts are to have a special group allocated in AD to work with the level of users that are admins across our huge campus (namely, instructors).

I can of course select the "+" to add from either the individual users or all network users groups, but I have to do it manually-- the window doesn't auto-populate as I've seen it in one of my previous work environments before being hired on at my current employer.

Any additional ideas would be very welcomed.

Thanks all, thanks in advance.