Home › Forums › OS X Server and Client Discussion › File Serving › -5000 errors when some users attempt AFP login
- This topic has 8 replies, 5 voices, and was last updated 17 years, 4 months ago by
dayhox.
-
AuthorPosts
-
May 24, 2007 at 5:53 pm #369141morgantParticipant
Starting sometime today (AFAICT), one of our File Servers has started giving out -5000 errors (this is normally a permissions error, right?) when two specific users attempt to authenticate. Everybody else can authenticate fine (including when using their workstations) and, in fact, they can authenticate successfully (and mount volumes) from another AFP server.
Both AFP servers are bound to OD. The AFP server they’re experiencing difficulties with is running Mac OS X 10.4.8 Server and the other is running Mac OS X 10.3.9 Server.
I’m not seeing any errors in either /Library/Logs/AppleFileService/AppleFileServiceError.log or /Library/Logs/AppleFileService/AppleFileServiceAccess.log
Any suggestions as to why this might be happening or where to start looking? Could it be an OD issue?
Thanks in advance.
May 24, 2007 at 10:46 pm #369143morgantParticipantAnd apparently this is one of those issues that a reboot will solve. I hate those, I like answers!
May 29, 2007 at 5:55 pm #369167morgantParticipantHmmm, after a very a quick inspection, I am seeing some replication errors. I’ll have to dig into this and see what was actually going on on that date.
November 19, 2007 at 1:18 pm #370548bentomsParticipantHi guys,
I am getting the similar issue with one user too.
We are running the “Magic Triangle” & as such we are using AD credentials for connecting to our Xserve & connected RAID.
All 70+ other users can mount the shares via AFP but not this one user.
I have isolated this to something with her account as I get the same error when connecting to the server on my Mac with her credentials too, (i.e destroy kerberos tickets, create a new ticket using her credentials, press k type in the server name press connect > Error -5000).
However, we can mount the same shares via SMB or CIFS using the same details.
We have deleted & recreated the AD profile but still no joy.
The error logs via Server Admin do not show anything.
The Access logs in Server admin just show:
[quote]IP 192.168.1.133 – – [19/Nov/2007:13:08:41 0000] “Login cstlouis” 0 0 0
IP 192.168.1.133 – – [19/Nov/2007:13:08:41 0000] “Logout cstlouis” 0 0 0[/quote]The password logs do not show anything for the past couple of weeks….
I really am stumped…
November 23, 2007 at 2:51 pm #370587pinguParticipantChastise me if I speak to simple…
We’ve seen this occasionally when a fileserver falls out of time sync a little with the ODM/ADM and also when the same is true of the client. And/or both.
Check the times on client and server. If one or both are out enough to provide 5 or more minutes difference then they may be able to log on to their machine but not connect to the fileserver.
Dan
November 26, 2007 at 1:38 pm #370600bentomsParticipantSorry about the late post but I found out what the issue was affecting our guys here.
The users that had this problem had there PHD UNC path pointing to a location that wasn’t accessible to them (even though they weren’t using PHD’s), so I cleared the UNC path as it was just for testing & all works fine.
Just weird that’s all.
December 14, 2007 at 8:52 pm #370810dayhoxParticipantWe’re getting something similar too -5002 errors.
Users are having to open Kerberos.app, get ticket, then connect to AFP server via Finder.
This has only, so far, affected Leopard Clients.10.5.1 client – 10.3.9 server OD – 10.5.1 server AFP
Tiger clients have not had any issues.
dOD is being update this weekend
UPDATE: deleting user’s keychain fixes everything, for us anyhow
-
AuthorPosts
- You must be logged in to reply to this topic.
Comments are closed