Over the last several months (4-6, I’d estimate), I’ve been having an issue with the password server. I have been searching here and apple.com’s forums for an answer, but the search function hasn’t given me any love since I’ve started looking. I’m running a pretty much standard 10.4.11 (this has been happening since 10.4.4ish) install on an XServe, running as an OD master, with web, email, and a few other services, with success with the exception of this one problem:
When I reboot the server (whether it be on purpose, or by kernel panic or power outage), all of my users lose the ability to log in. Now… this issue isn’t so simple as not being able to log in. For the most part, when the issue occurs, mail will be fine, but desktop/network home/directory login will be denied. The only solution I’ve come up with is to reset passwords every time I reboot (not a very good solution, I admit).
My theory is that the password server’s DB is somehow corrupt. Passwords get stored/cached when I change them in WGM, but when the file is closed for a reboot or whatever, they’re not getting saved properly. Also, it would seem that only certain kinds of hashes are corrupt, as GSSAPI won’t work, but CRAM-MD5 will.
I know I can tear down my OD master and rebuild it, and I have done that before. It did fix the issue, but it seemed to come back the next time a power outage or kernel panic occurred. Is there a command I can issue to rebuild the password server’s DB? If not, is there a more elegant way to rebuild the OD master without losing all of my user/computer settings?
.
.
Comments are closed