DirectoryService.error.log issue

[blackholemac]

I’ll start by thanking anyone for help in advance and try to be specific as to what I’ve done and what our environment consists of:

We have about 200 Macs, bound to AD for logins, passwords and bound to OD for machine-based MCX policy

Our AD domain controllers run Windows 2008 Server R2 (note that R2 is a completely separate OS from Windows 2008 Server). Our Mac OS X Server runs version 10.6.3 10D578. I work for a school district so at the end of this school year, we have declared that all of our clients will be reimaged and upgraded to 10.6.3.

When we started imaging we had some issues with bound machines failing to login so I broke this out step by step to solve our problems.

I began by clearing out our Mac AD computer records and our Mac OD computer records. I then completely wiped a workstation and reinstalled the OS from a boot CD (ruling out my images as a source of problems). I am using a 10.6.3 boot CD. We do use mobile accounts in all AD binds here at our district.

Installed fresh and updated with all current software updates, I then bind to AD first and log in with an AD user to test the bind. Binds fine and logs in and gets a Kerberos TGT fine except I seem to be getting a pesky error in the DirectoryService.error.log. Note I have obscured our location-specific info to keep my boss happy.

2010-06-01 15:26:52 EDT – T[0x0000000101A04000] – Misconfiguration detected in hash ‘Kerberos’:
2010-06-01 15:26:52 EDT – T[0x0000000101A04000] – User ‘myusernamehere’ (/Local/Default) – ID 1229613497 – UUID 494A69B9-7653-407E-929E-EBDF22AF8C30 – SID S-1-5-21-343818398-1563985344-1177238915-10752
2010-06-01 15:26:52 EDT – T[0x0000000101A04000] – User ‘myusernamehere’ (/Active Directory/my.domain.com) – ID 1229613497 – UUID 494A69B9-7653-407E-929E-EBDF22AF8C30 – SID S-1-5-21-343818398-1563985344-1177238915-10752

Each and every time someone logs in with an AD user it’s the same, logs in and works fine but generates this stupid error in the DirectoryService.error.log files and makes an entry in the system.log referencing the DirectoryService.error.log file

Sighs…this I guess is fine, I don’t know about users on here, but I hate to see the DirectoryService.error.log fill up constantly like this. Now what interests me even more is that each time a new user logs into the Mac, it goes through all the other cached mobile accounts and generates errors for them to…as you can see over a semester, this will mushroom out of control. If all I have to worry with is the log files, I can deal with them, but if someone can help me fix the problem that the log files are reporting, that would be even better.

Thank you in advance for any advice and to those who might help, I will gladly provide you any further details or logs you would require.

blackholemac

[milt]

I am having the exact same problem, except kerberos seems to intermittently fail as a result.

[Author]

Posts