Contribute  :  Advanced Search  :  Directory  :  Forum  :  FAQ's  :  My Downloads  :  Links  :  Polls  
AFP548 Changing the world one server at a time.

advanced search 

Sections

Home
AFP548 Site News (107/2)
Articles (282/26)
Apple (50/2)
Extended KB (3/1)
Ask AFP548 (16/42)
Reviews (5/1)
Security (16/2)
Tips (130/8)
Third Party Applications (53/6)
Odds and Ends (28/1)
Podcasts (2/0)

User Functions

:

:

Don't have an account yet? Sign up as a New User
Lost your password?

Poll

Do you want push services for the iPhone on Mac OS X Server?
Yes! Expand the existing stuff!
Yes! Apple should add EAS support!
No! I just use another service that already has push.
Results
80 votes | 0 comments
Welcome to AFP548
Thursday, July 29 2010 @ 09:33 am MDT
   

Troubleshooting Automounts

Wednesday, October 27 2004 @ 11:42 am MDT
Contributed by: MacTroll
Views: 14,850
ArticlesOne of the coolest, but most confusing, features of an OS X Server is the ability to set up automounting sharepoints.

This article discusses some techniques for figuring out where things went wrong.

How to set them up.

An automount consists of two things. The first is a valid sharepoint. So go into Workgroup Manager and make sure that you have a working sharepoint.

Next you need to create a mount record for the sharepoint. This record lives in your chosen network directory service, LDAP for 10.3 or NetInfo for 10.2, and alerts all of the client machines that you have an automounting sharepoint.

You enable the mount record in WGM by selecting the sharepoint and then clicking on the Network Mount button to the right. Use the "Where" pull down to select the directory service that you want to create the mount record in. Usually this is gong to be "LDAPv3/127.0.0.1 if you are doing this on the server. Then click on the lock and authenticate as an admin user in that directory domain. Finally you can enable the mount record by selecting the "Create a mount record for this sharepoint" check box.

For the protocol pick "AFP." For the most part this is an easier and simpler method than NFS. Not that NFS doesn't have its uses, just that you'll get further faster with AFP.

You have a couple of options for what you want to do with the automount. Problem is that prior to 10.3.3 only "User Home Directories" and "Custom mount path" work. So ignore the others if you haven't upgraded. Essentially the difference between these two is that the home directories option is dynamic and the custom path is static.

Dynamic automounts are not actually mounted until the user navigates into the folder. Also dynamic automounts mount in /Network/Servers.

Static mounts are mounted at boot time and stay connected until the machine is shut down. Unlike dynamic mounts you can customize where the static mount actually shows up in /Network.

Hit "Save" and you have an automount. The server does not need to be restarted, however, before the client machines will be able to use a static automount they'll need to be rebooted. Dynamic automounts in recent version of 10.3 will be found as needed, so no need to reboot.

Troubleshooting

Since there are a number of different steps to the automounting process there are a number of different places where they can get funky. All the pieces have to be in place for the whole process to work.

1. Check the record in the directory service.

For the mount to work, the mount record in the directory service has to be accessible to the client machine. Even more so it needs to be accessible by the clients at boot time.

The record doesn't have to live on the same server as the user record does. It just has to be on a server in the client's authentication path, as set in Directory Access.

If the record doesn't exist, you'll need to recreate it in Workgroup Manger. Or if you are using 10.3 you can enable the Inspector function, in WGM preference's, and edit the record by hand.

The mount record will have url associated with it, Make sure that this url is actually valid. Cut and paste the url into a "connect to" dialog and prove that it's actually valid. If this url won't work the automount probably won't work. It's important to test the url from the client, not the server. WGM likes to list the url as a DNS name and not a raw IP address. If DNS is bad, or the client isn't using the same as the server the mount will fail.

2. Check and make sure that the client is getting the mount record.

On the client machine use lookupd in debug mode to test this.

lookupd -d
Now query for all mount records with: 
allMounts
This should return all mountpoints that are being read in by the client machine. If you don't see the automount that you are looking for you'll need to check Directory Access on the client machine and make sure that it's connecting to the server in the correct way.

Once you've double-checked Directory Access you'll have to troubleshoot the network as normal. Make sure the client can ping the server that kind of thing.

3. Run the automount process by hand.

This is usually the most elucidating step in troubleshooting these problems. If you know the client can see the mount point and that the mount point contains a valid URL try this step next.

On the client machine force automount to run in debug mode using the automounts from directory services. This process is normally handled by the NFS startup item at boot. However doing it by hand will allow for a lot more degugging info. 
sudo automount -m /automount/Servers -mnt /private/var/automount/Network/Servers -d
Common problems that you'll see here is that the mountpoint on the local machine already has a folder or file in it. Automount will not overmount an existing file, so you'll need to remove that file first. It's quite possible that you didn't put the file there in the first place, however. When automounts are incorrectly formatted or otherwise messed up it's very possible that automount will attempt to mount the sharepoint and fail. However in the process it will leave a folder on the local machine where the mount point was going to go. This needs to be cleaned up.

4. Turn on guest access.

While home folder and group folder automounts don't need guest access enabled, all other mounts do. So, if you are trying to share out an application or a fonts share point to your client machines you'll need to make sure that guests can access that sharepoint. No guest, no mount.

The one way around this is to use kerberos to authenticate your users. Configure your clients and servers as normal to use kerberos and the clients don't have much choice but to use kerberos authentication for the shares. 5. Group folders.

Group folders are a different beast than any other type of sharepoint on OSX. To enable a group sharepoint on 10.3 you'll need to enable an automounting directory. This is NOT the actual group folder, but a folder that will hold all group folders. Many people think they want a "group" folder, but after setting one up and reading about how it works, they end up with just a normal automounting sharepoint. That's not to say that group folders are bad, just that they are a very specific beast created with the education market in mind.

You need to have done at least four things before a group folder will work on 10.3.

First of all you need to create set a sharepoint to automount. Do this in Workgroup Manager by authenticating to your LDAP domain and then checking the mount record box. There is not a radio button for Group folders at the bottom of this window. However, feel free to use the button for user home directories as that will work just as well. Remember this isn't the actual folder that you want to make into a Group folder. Instead this is the folder that will contain all group folders that you will set up.

Second, go into the group record that you want to assign the Group folder too. Again this is in Workgroup Manager. Here you have a tab to show you the folders associated with the group. If you have done the mount record right, you should see the sharepoint you set up in step one here. Select this sharepoint.

Third, set a user to be the owner of the Group folder. You have to do this. Failure to do so will prevent the Group folder from working. Here is where a Group folder is different than any other sharepoint on the system. The owner that you specify will become the owner for any file or folder that is created or placed inside this share. File permissions still work the same as other shares for the group and everyone else. However, let me repeat this, the owner that you specify here will become the owner of all files and folders in this share.

Fourth, now you can run the command that will generate the folder itself. Why they didn't put this into the GUI I have no idea. So scurry on down to the CLI on the server and run this command. 
sudo creategroupfolder
If you hang around long enough, like overnight, the system is supposed to autocreate the folder for you, but why wait.

6. 10.3.5

Prior to 10.3.5 you were limited to a 50 character url for your automount url, including the path to the actual folder you were automounting. See this kbase article 107695 for more information.

In 10.3.5 Apple wanted to give you a bit more room to move in, so instead of the local mount point being /private/var/automount/Network/Servers, it's now /automount/Network/Servers. A savings of 12 characters. You now have 62 characters to work your magic.

However, it has been reported that this breaks some things. Your mileage may vary, but if things go funky you should be able to put things back to where they were on the clients by symlinking the old to the new.

sudo ln -s /private/automount/Network /automount/Network.
 

What's Related

Story Options

Advertising

Troubleshooting Automounts | 9 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Troubleshooting Automounts
Authored by: MDhaliwal on Thursday, October 28 2004 @ 09:13 am MDT
Its funny, because this is exactly what I was playing with at work on Tuesday
night! The timing couldn't have been better!

I was completely unaware of some of these differences, which probably
explains why I didn't get the results I wanted. I guess the question would be,
if I have two groups of Mac OS X users, while groups A & B both have access
to shares A & B, mostly A sticks to A and B sticks to B. Is there a good way to
set up A only receiving A on login and B only B? I had tried setting them as
group folders, but I think I'd rather not change all permissions.

One thing I found interesting was that WGM automatically assumed the name
of my group share would match the name of my group. For example, in
reality, group B's share isn't the name of group B, for argument's sake, we'll
say the department is named Text and the share is named Data. If I set up a
group share in WGM, no matter what path I would specify, the share would
show up as afp://server.name.here/Text, or Text/Text, or any_path/Text for
that matter! :)
Troubleshooting Automounts
Authored by: jpkelly on Friday, October 29 2004 @ 02:31 am MDT
I have been pulling my hair out trying to get a remote volume to automount. I was glad to see this article.
I am still a bit lost though.
I had a hard time seeing what needs to be done on the client side to make the mount show up.
Somthing was mentioned about creating a mount record with WorkGroupManager if one did not exist but I am not sure how/where to do that in WGM and what should be in the record. also i tried this as suggested:

lookupd -d

Now query for all mount records with:
allMounts

when I enter "allMounts" and hit return allMounts reverts to "all"
:(
I realize this was a troubleshooting guide rather than a how to.
Is there a good how to on automounts in Panther?
I did finally get NFS to work but I would like to see the mount in /Volumes. Any help will be appreciated.
Troubleshooting Automounts
Authored by: uurf on Friday, November 12 2004 @ 05:33 pm MST
Thanks for a very useful article.

However, automount still resists my attempts to get it working, and I suspect
something is broken.

This all started because users were complaining that Fonts in their network
home directories were not accessible. After some trouble shooting, I
discovered that user's fonts were only accessible fpr the first login after a
reboot; subsequent users logging in will not be to use the Fonts in their user
space. (They will be able to see ~/Library/Fonts, and rw there, but Fontbook
won't recognize them and neither will anything else.)

At that point I decided perhaps an Automount /Library/Fonts directory could
achieve the same results. I created the automount as described here. It is
visible upon the first reboot and login, but subsequent logins show only a
broken alias in /Network/, even though all of the troubleshooting steps
above check out fine. (except the automount terminal method - it returns "-
mnt: no such file or directory")

The interesting thing that upon subsequent reboots, it also shows the broken
alias, unless I delete /private/automount/Network/Library by hand. Then /
Network/Library works (but only for the first login session).

This is really driving me nuts. Any thoughts?

Both client and server are running 10.3.6, and are connected via a gigabit
switch.
Troubleshooting Automounts
Authored by: jpkelly on Monday, November 15 2004 @ 01:09 am MST
One thing I am not clear on is what needs to be done on the client side.
Where does the mount get entered other than by using NetInfo? (ie LDAP)
Troubleshooting Automounts
Authored by: mathieuf on Friday, November 19 2004 @ 05:49 pm MST
Apple posted a new version of the User Management Admin manual on their
website (titled User_Management_Admin_v2.pdf) in which setting up a groups
sharepoint does not involve having it automounted.

I found this out after calling Tech Support about user AFP connections to the
groups sharepoint not going away when they log out and they told me it
shouldn't be automounted and that I had set it up incorrectly and didn't
follow instructions (which I had but apparently to the original version of this
manual and no one at Apple Support had bothered creating a kbase article
about the change or posting it to any of the discussion boards or lists).

BTW, the change to not having the groups sharepoint automounted didn't
solve my problem, but didn't seem to hurt anything either.
very interesting
Authored by: Anonymous on Friday, July 22 2005 @ 07:03 am MDT
Hello, I just wanted to say you have a very informative site which really made me think, thanks very much! Have a nice

Troubleshooting Automounts
Authored by: Roodavis on Wednesday, November 02 2005 @ 11:27 am MST
Any ideas on how to clear phantom automounts? Rebuilt a server to
reduce the number of AFP automounts, but now I have clients that still
show the old automounts in /Network/Servers This appears to be causing
startup and login issues. Is there a file that can be copied to a lab of
computers once it is corrected on one cient?

Thanks and Have A Great Day.

Rick Davis
Turning on guest access
Authored by: mudbug on Tuesday, April 24 2007 @ 04:35 pm MDT
It should be noted that in step 4, turning on guest access, you need to do more than turning on the checkbox on in Work Group Admin -> Sharing -> Protocols Tab -> Allow AFP guest access. You can toggle this on and off all day, but it won't matter unless your AFP server, in Server Admin, is also setup to accept guest access. To verify this, say you have "Applicaitons" as a share name. Try to connect to afp://your.server.ip.address/Applications. If "guest" is greyed out, you're never going to get it to work properly until you enable it in the Server Admin. Otherwise what you're very likely to find is error messages like "The alias "Applications" could not be opened, because the original item cannot be found" in the Finder, or this in the Terminal:

$ ls -l /Network/Applications/

ls: /Network/Applications/: Authentication error
lrwxr-xr-t 1 root wheel 512 Apr 24 14:58 /Network/Applications/@
 Copyright © 2010 AFP548
 All trademarks and copyrights on this page are owned by their respective owners.		 Powered By Geeklog 
Created this page in 0.18 seconds