
Local LDAP node authentication credentials could not be found

Hi all,


I spent the last few weeks combing through logs and resolving several pernicious errors on my 10.8.5 server. For the last week my server has been running error-free, user experience has been fabulous, zero system hangs, beautiful clean logs, etc. Today, out of the blue, one of my assistants said she could no longer add users via server.app, and I find the following in the system log:

Aug 14 22:44:11 myserver.fqdn.net servermgrd[8729]: -[AccountsRequestHandler(AccountsOpenDirectoryHelpers) authLocalLDAP]: Local LDAP node authentication credentials could not be found

Typically, the server is bound using authentication to 127.0.0.1 and there is an appropriate application password item in the system keychain that references the correct machine and node.


Something new I noticed today, though: when I view the LDAPv3 service in Directory, the Bind appears to be broken (not authenticated, and I don't see the DN or Password listed in the Security Pane, whereas the way I set it up, it was authenticated as Diradmin).


If I re-bind and authenticate, then go to the Directory Editor tab of Directory Utility, the server can no longer connect to the node /LDAPv3/127.0.0.1/ and OD breaks.


For now, I've opted to leave the server unbound. OD appears to be operating fine, but we've had to re-bind all of our clients to get them to recognize the server again (using the exact same credentials), even though all of their machine records appear intact. Users are now able to log in again, but I'm still getting the error above whenever I start Server.app, and I cannot add or delete new users via Server.app (I can, however, add them through Workgroup Manager).


I am very, very confused. Clarity anyone?


Thanks!

-Paul

MAC MINI SERVER (LATE 2012), OS X Server, 10.8.5

Posted on Aug 14, 2014 11:05 PM

19 replies

Aug 26, 2014 2:03 PM in response to Linc Davis

I finally resolved this issue by trying the re-bind again. I bound to 127.0.0.1 using the diradmin credentials. For some reason, this time the connection to the LDAP local directory didn't get hosed and I could still see all my users, computers, etc. in the LDAP listings. I did, however, see some errors stating that the LDAP directory couldn't be found... which seemed odd. These cleared up after rekerberizing.


Thanks again, Linc!

Jul 9, 2015 7:54 AM in response to Grant Bennet-Alder

In upgrading to Server 4, I found FQDN did not work properly any longer, and also did not give me read/write access to accounts information in Server. Server always seemed to think those accounts were somewhere else and inaccessible.


It turns out you DO want Open Directory Network Accounts listed as "Local Network Users" to maintain them using Server 4 instead of Workgroup Manager. This only happens when the Binding to Directory on the Server machine itself is set to 127.0.0.1, and does not work properly when using the three-part fully-qualified domain name that I preferred.
