At least I can bind my clients to it and then (after reboot of the client) work with networked home-dirs.
BUT I have a couple of entries in my logs that I have not seen on the test server (I had no problems with setting up a test server as an OD Master on a test-LAN…)
1. /Library/Logs/slapconfig.log:
Creating the keytab file
kadmin: No entry for principal xgrid/server.my-domain-name.net@SERVER.MY-DOMAIN-NAME.NET exists in keytab WRFILE:/etc/krb5.keytab
…
kadmin: No entry for principal afpserver/server.my-domain-name.net@SERVER.MY-DOMAIN-NAME.NET exists in keytab WRFILE:/etc/krb5.keytab
…
Creating the keytab file
kadmin: No entry for principal ldap/server.my-domain-name.net@SERVER.MY-DOMAIN-NAME.NET exists in keytab WRFILE:/etc/krb5.keytab
2006-03-13 22:59:23 +0100 - kerberosautoconfig command output:
The machine is standalone
Removing /Library/Preferences/edu.mit.Kerberos
2006-03-13 22:59:23 +0100 - kerberosautoconfig command failed with status 255
2006-03-13 22:59:23 +0100 - command: /usr/sbin/mkpassdb -kerberize
2006-03-13 22:59:23 +0100 - mkpassdb command output:
kadmin.local: unable to get default realm
kadmin.local: unable to get default realm
kadmin.local: unable to get default realm
2. /var/log/slapd.log:
Mar 13 23:01:00 server slapd[389]: Entry (uid=untitled_1,cn=users,dc=server,dc=my-domain-name,dc=net): object class 'posixAccount' requires attribute 'homeDirectory'\n
Mar 13 23:01:00 server slapd[389]: entry failed schema check: object class 'posixAccount' requires attribute 'homeDirectory'\n
Mar 13 23:01:33 server slapd[389]: Entry (uid=t2,cn=users,dc=server,dc=my-domain-name,dc=net): object class 'posixAccount' requires attribute 'homeDirectory'\n
Mar 13 23:01:33 server slapd[389]: entry failed schema check: object class 'posixAccount' requires attribute 'homeDirectory'\n
PS.:
- Just to be on the safe side I have batch-replaced the domain name with "my-domain-name" & "MY-DOMAIN-NAME"
- Some linebreaks have been added to the logs above to make the whole post more readable!
Before I made the (almost?) successful promotion to OD Master I did:
- Make sure reverse DNS is working
- Made the server's Network Preferences DNS server point to 127.0.0.1
- Set the hostname via "sudo scutil --set HostName"
- /etc/hostconfig contains "HOSTNAME=-AUTOMATIC-"
- The server is running DNS, AFP, Web, MySQL & Mail
#########################
- How serious are the errors I can see in the logs?
- How can I fix them?
TIA from a Kerberos newbie (who had a lot of help from the O'Reilly book "Mac OS X Panther Administration")