Home Forums OS X Server and Client Discussion File Serving Serious NetInfo db and authentication issues

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • October 19, 2006 at 7:06 pm #367329
    hiredman
    Participant

    I have an Xserve that runs Mail, Web and Database services. In support of the web it also runs afp and ftp so clients can change their files. We had a rash of power outages a couple weeks ago which killed our old UPS units. So after getting the new UPS in last night and restarting I noticed something odd this morning.
    New users created in WGM can’t authenticate over the net but old users are fine. After about an hour beating (trying users with no passwords, flushing afp aliases in netinfo) on it I decided to spend another hour on the phone with Apple Care and still no joy. The new users exist and have passwords (I can su into newly created users) but I can’t authenticate in any way that involves services. I can’t ftp://127.0.0.1 under the new accounts but I can under the old ones. Despite jumping through 100 different hoops (creating OD LDAP users and demoting them to Shadow Passwords, etc) the Apple guy finally gave up and recommended trashing the netinfo database. Apparently there is a disconnect between the services and the database – old entries work but services are blind to the existence of newly users.
    Unfortunately replacing the netinfo database will destroy all the Mail passwords since account export is non-password preserving. Because /var is actually in /private/var I don’t think my tape back-up has a known good netinfo db on it. The system stashes one everyday at 3:15 but this corruption is at least a week old if it came from where I think it did.
    Anyone seen anything like this? Any other things to try before I have to burn it to the ground and start over?
    *SIGH*
    [EDIT: I was reviewing my post and what he actually recommended was exporting the users trashing the netinfodb and applesetupcomplete file to force it to re-run the server set-up then reimporting my users. This would preserve users but not their passwords and would necessitate server re-set-up and sharepoint assignment etc. What I’m really worried about is the assumption that the UID and naming will be enough to re-attach the users to their previous folders and mailshares. Damn.]

    =Tod
    PS Plans for email users to reset passwords assuming I have to start over?

    October 28, 2006 at 9:47 am #367431
    memememe
    Participant

    “flushing afp aliases in netinfo”

    Would you mind telling me how to do this and any fall out?

    cheers

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.