Network/Mobile user can’t log in (AFP -1019 & -1023 errors)

[morgant]

I’d assume this is actually an AFP issue and not an Open Directory issue, but here goes:

I’ve got an OD Master and two AFP servers in different buildings about 60 miles apart (connected by a point-to-point T1), but started getting some oddities on Monday. One AFP server is running 10.3.9 Server and the other is running 10.4.8 Server.

We have a new hire (let’s say her shortname is “molly”) and I created their account using my usual procedure and set her home folder to be located on the 10.4.8 AFP server (in /Volumes/Users, which is on a volume on an Xserve RAID RAID set). When she attempts to log in she gets the following error:

[quote]”You are unable to log in to the user account ‘molly’ at this time.

Logging in to the account failed because an error occurred. The home folder for the user account is located on an AFP or SMB server. Contact your system administrator for help.”[/quote]

Normally I associate this error with a workstation that’s lost its connection to the AFP server, however, this error occurs on any workstation in either location. If I switch her home folder to the 10.3.9 AFP server, all is well. The user ‘molly’ is in a group that has Portable Home Directory/Mobile Home prefs. If I take her out of that group so she reverts to a standard Network Home, she gets the same error.

Looking in /Library/Logs/AppleFileService/AppleFileServiceAccess.log I see she gets the following errors:

[code]P 192.168.21.218 – – [09/Jul/2007:17:56:18 -0500] “Login molly” -5019 0 0
IP 192.168.21.218 – – [09/Jul/2007:17:56:18 -0500] “Logout molly” -5023 0 0[/code]

There are no errors in /Library/Logs/AppleFileService/AppleFileServiceError.log. Now, according to [url]http://docs.info.apple.com/article.html?artnum=9804[/url] the -5019 & -5023 errors mean afpParmErr & afpUserNotAuth, respectively, but I’m not sure what that actually means in terms of this issue.

I’ve tried restarting the 10.4.8 AFP service, rebooting the server, deleting the user’s home folder and recreating it manually (with the correct permissions), deleting the user from OD and recreating her from scratch, and I’ve tried running the following commands (as suggested here: [url]https://www.afp548.com/forum/viewtopic.php?forum=25&showtopic=12406[/url]):

[code]sudo memberd -l
sudo memberd -c
sudo lookupd -flushcache[/code]

Any ideas as to what’s going on here? Any suggestions as to what to try next?

[morgant]

I’ve already stated that this seems to be an AFP issue to me, but I’ve now migrated that file server to a new Xserve Xeon running Mac OS X 10.4.10 server and the issue still persists. [s]I’d assume it’s an Open Directory issue at this point, but I deleted the user and recreated her from scratch.[/s]

Oops, I wasn’t paying attention to the fact that the 10.3.9 server was the one that worked. [i](And, no, I didn’t just migrate the whole server because of that, it was in desperate need of an upgrade and had been locking up due to I/O errors recently.)[/i]

Does anyone have any suggestions?

[Author]

Posts