Home Forums OS X Server and Client Discussion Active Directory unable to login at this time (home folder) smb AFP

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • September 6, 2005 at 11:04 pm #363129
    TheMacKat
    Participant

    I have bound to 2003 AD correctly and can login to AD from tiger with a local home folder enabled(altho it doesn’t mount the AD profile homefolder)but home folder can be mounted manually ,AD shares are accessible etc
    AS soon as I disable local home I get login refusal
    “you are unable to login to the user account at this time,,home folder is located smb/afp”
    all digital signing is disabled
    reading forums for days I suspect its more to do with guest access,keberos etc at login screen to the shares because access seems fine once user is logged in
    All windows users work perfectly with the same home folders
    don’t know enough about macs to understand logs and troubleshoot this,have even had Mac techs on site and they were unable to figure it out but i Need this and refuse to give up.Admitmac sounds brilliant but too dear

    Any help please

    September 7, 2005 at 5:16 am #363137
    TheMacKat
    Participant

    thanks for assisting,
    tried logging at AD server,tested on win client “failures logged”
    tested on mac empty logs

    September 7, 2005 at 6:14 am #363139
    AMSR
    Participant

    What does the system.log say on your OSX client after you log in. Is it trying to mount your home? Also, what does the UNC path for the home folder look like in AD? It should be \\servername\sharename\homefolder. All folders that are parents of the home folder need at least list access for the person trying to access the home.

    September 7, 2005 at 11:12 pm #363167
    TheMacKat
    Participant

    UNC path in user profile is
    \\servername\sharedvolumename\userhomefolder
    users have fullcontrol over the sharevolume,they have read and list security access,they have full permissions for their home folders altho these arn’t individually shared,
    have tried enabling guest access ,logging on with full admin account etc and all homefolders are accessible from “connect to server” using smb and afp

    system log for mac with some automount errors at end

    /System/Library/LoginPlugins/URLMountUIProxy.loginPlugin/Contents/Resources/UIProxyServer.app/Contents/MacOS/UIProxyServer: server: bootstrap_check_in(): 0x44c: Bootstrap not privileged

    Sep 7 12:58:48 Art-EMac09 kernel[0]: AFPSleepWakeHandler: going to sleep
    Sep 7 12:58:49 Art-EMac09 configd[38]: AppleTalk shutdown
    Sep 7 12:58:49 Art-EMac09 configd[38]: AppleTalk shutdown complete
    Sep 7 13:17:14 Art-EMac09 kernel[0]: System Sleep
    Sep 7 13:17:14 Art-EMac09 kernel[0]: System Wake
    Sep 7 13:17:14 Art-EMac09 kernel[0]: Wake event 0020
    Sep 7 13:17:14 Art-EMac09 kernel[0]: Sound assertion “0 != err” failed in “AppleLegacyAudio/AppleTexas2Audio/AppleTexas2Audio.cpp” at line 960 goto Exit
    Sep 7 13:17:14 Art-EMac09 kernel[0]: USB caused wake event (OHCI)
    Sep 7 13:17:16 Art-EMac09 kernel[0]: UniNEnet::monitorLinkStatus – Link is up at 100 Mbps – Full Duplex
    Sep 7 13:17:17 Art-EMac09 configd[38]: AppleTalk startup
    Sep 7 13:17:17 Art-EMac09 /sbin/kerberosautoconfig: Kerberos configuration not updated, cannot contact all nodes on search path

    Sep 7 13:17:20 Art-EMac09 kernel[0]: AFPSleepWakeHandler: waking up
    Sep 7 13:17:23 Art-EMac09 configd[38]: AppleTalk startup complete
    Sep 7 13:17:26 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 13:55:33 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 13:55:33 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
    Sep 7 13:55:34 Art-EMac09 loginwindow[1380]: Login Window Started Security Agent
    Sep 7 13:55:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 13:57:15 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 14:01:35 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 14:05:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 14:15:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 14:25:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 14:35:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 14:45:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 14:55:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 15:05:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 15:15:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 15:25:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 15:35:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 15:45:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 15:55:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 16:05:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 16:15:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 16:25:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 16:33:00 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 16:33:21 Art-EMac09 sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/bin/bash
    Sep 7 16:51:17 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 16:51:18 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
    Sep 7 16:51:18 Art-EMac09 loginwindow[1547]: Login Window Started Security Agent
    Sep 7 16:51:19 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 17:05:50 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 17:05:50 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
    Sep 7 17:05:51 Art-EMac09 loginwindow[1582]: Login Window Started Security Agent
    Sep 7 17:05:52 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 17:09:35 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 17:09:43 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 17:10:49 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 17:15:52 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 17:17:55 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 17:18:36 Art-EMac09 sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/bin/bash
    Sep 7 17:23:21 Art-EMac09 sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/bin/bash
    Sep 7 19:51:41 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
    Sep 7 19:51:41 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
    Sep 7 19:51:43 Art-EMac09 loginwindow[1794]: Login Window Started Security Agent
    Sep 7 19:51:43 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 20:31:29 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 7 20:31:50 Art-EMac09 shutdown: halt by root:
    Sep 7 20:31:51 Art-EMac09 SystemStarter[1831]: eTrust Antivirus (1834) did not complete successfully
    Sep 7 20:31:51 Art-EMac09 SystemStarter[1831]: authentication service (1840) did not complete successfully
    Sep 8 09:14:24 Art-EMac09 kernel[0]: standard timeslicing quantum is 10000 us
    Sep 8 09:14:23 Art-EMac09 mDNSResponder-107 (Mar 20 2005 20: 31:47)[53]: starting
    Sep 8 09:14:24 Art-EMac09 kernel[0]: vm_page_bootstrap: 61655 free pages
    Sep 8 09:14:23 Art-EMac09 lookupd[61]: lookupd (version 365) starting – Thu Sep 8 09:14:23 2005
    Sep 8 09:14:24 Art-EMac09 kernel[0]: mig_table_max_displ = 70
    Sep 8 09:14:24 Art-EMac09 kernel[0]: 81 prelinked modules
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Copyright (c) 1982, 1986, 1989, 1991, 1993
    Sep 8 09:14:24 Art-EMac09 kernel[0]: The Regents of the University of California. All rights reserved.
    Sep 8 09:14:24 Art-EMac09 kernel[0]: using 655 buffer headers and 655 cluster IO buffer headers
    Sep 8 09:14:24 Art-EMac09 kernel[0]: FireWire (OHCI) Apple ID 31 built-in now active, GUID 001124ff fe31f506; max speed s400.
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Security auditing service present
    Sep 8 09:14:24 Art-EMac09 kernel[0]: BSM auditing present
    Sep 8 09:14:24 Art-EMac09 kernel[0]: disabled
    Sep 8 09:14:24 Art-EMac09 kernel[0]: rooting via boot-uuid from /chosen: 1393D10B-AEA7-3ED0-A415-589E15F8D2CC
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Waiting on IOProviderClassIOResourcesIOResourceMatchboot-uuid-media
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Got boot device = IOService:/MacRISC2PE/pci@f4000000/AppleMacRiscPCI/ata-6@D/AppleKauaiATA/ATADeviceNub@0/IOATABlockStorageDriver/IOATABlockStorageDevice/IOBlockStorageDriver/Maxtor 2F040L0 Media/IOApplePartitionScheme/Untitled@3
    Sep 8 09:14:24 Art-EMac09 kernel[0]: BSD root: disk0s3, major 14, minor 2
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Jettisoning kernel linker.
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Resetting IOCatalogue.
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 0
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
    Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
    Sep 8 09:14:24 Art-EMac09 kernel[0]: IPv6 packet filtering initialized, default to accept, logging disabled
    Sep 8 09:14:24 Art-EMac09 kernel[0]: UniNEnet: Ethernet address 00:11:24:31:f5:06
    Sep 8 09:14:24 Art-EMac09 kernel[0]: UniNEnet::monitorLinkStatus – Link is up at 100 Mbps – Full Duplex
    Sep 8 09:14:25 Art-EMac09 xinetd[57]: xinetd Version 2.3.11 started with libwrap options compiled in.
    Sep 8 09:14:25 Art-EMac09 xinetd[57]: Started working: 0 available services
    Sep 8 09:14:31 Art-EMac09 mDNSResponder: Adding browse domain local.
    Sep 8 09:14:33 Art-EMac09 configd[38]: AppleTalk startup complete
    Sep 8 09:14:35 Art-EMac09 kernel[0]: ATY,Merlin_A: vram [9c000000:02000000]
    Sep 8 09:14:36 Art-EMac09 kernel[0]: ATY,Merlin_B: vram [98000000:02000000]
    Sep 8 09:14:36 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
    Sep 8 09:14:36 Art-EMac09 configd[38]: target=enable-network: disabled
    Sep 8 09:14:37 Art-EMac09 loginwindow[169]: Login Window Started Security Agent
    Sep 8 09:14:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 8 09:14:38 Art-EMac09 /sbin/kerberosautoconfig: Kerberos configuration not updated, cannot contact all nodes on search path

    Sep 8 09:35:05 Art-EMac09 configd[38]: AppleTalk shutdown
    Sep 8 09:35:05 Art-EMac09 configd[38]: AppleTalk shutdown complete
    Sep 8 10:14:47 Art-EMac09 kernel[0]: System Sleep
    Sep 8 10:14:47 Art-EMac09 kernel[0]: System Wake
    Sep 8 10:14:47 Art-EMac09 kernel[0]: Wake event 0020
    Sep 8 10:14:47 Art-EMac09 kernel[0]: Sound assertion “0 != err” failed in “AppleLegacyAudio/AppleTexas2Audio/AppleTexas2Audio.cpp” at line 960 goto Exit
    Sep 8 10:14:47 Art-EMac09 kernel[0]: USB caused wake event (OHCI)
    Sep 8 10:14:48 Art-EMac09 kernel[0]: UniNEnet::monitorLinkStatus – Link is up at 100 Mbps – Full Duplex
    Sep 8 10:14:48 Art-EMac09 configd[38]: AppleTalk startup
    Sep 8 10:14:51 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/LDAPv3/192.168.3.200”) == -14002
    Sep 8 10:14:51 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    Sep 8 10:14:54 Art-EMac09 configd[38]: AppleTalk startup complete
    Sep 8 10:15:01 Art-EMac09 kernel[0]: netsmb_dev: loaded
    Sep 8 10:15:01 Art-EMac09 automount[188]: Can’t mount winserver.lindisfarne.hb.school.nz:/users on /private/Network/Servers/winserver.lindisfarne.hb.school.nz/users: Software caused connection abort (53)
    Sep 8 10:15:01 Art-EMac09 automount[188]: Attempt to mount /automount/Servers/winserver.lindisfarne.hb.school.nz/users returned 53 (Software caused connection abort)
    Sep 8 10:15:01 Art-EMac09 automount[121]: Can’t mount winserver.lindisfarne.hb.school.nz:/users on /private/Network/Servers/winserver.lindisfarne.hb.school.nz/users: Software caused connection abort (53)
    Sep 8 10:15:09 Art-EMac09 /sbin/kerberosautoconfig: Kerberos configuration not updated, cannot contact all nodes on search path

    Sep 8 10:15:20 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008

    September 8, 2005 at 3:22 am #363171
    jkonrad
    Participant

    Curious, are the home folders on a Windows Server or a Mac server? This is very similar to problems I’ve had using afp or smb shares for home folders on OS X 10.3.9 clients.

    My home sharepoints were created on an OS X server and I found that if I just had empty home shares that the users had full access to they could mount them after login, but they could not be used as a true home folder (with the disable local home switch in the AD plugin). I even found that if I took an old or local home folder and copied it the network share location and then chown ownership to the user it still would not work. I needed to make new home folders using the template home folder, and then copy all the old data to the new home. Then it acted like a true home folder and would mount during login and stop giving the “home folder is located smb/afp” message.

    The basic commands done on the OS X server were:

    sudo cp –r /System/Library/User Template/English.lproj /Volumes/SERVER/Home/username

    and then:

    sudo chown –R username /Volumes/SERVER/Home/username

    Oh, sorry, reading your logs suggest it is a windows server. Still it should be possible to copy the default home template to windows share points. The other guys helping you know way more, but I suspect that when you force the share to act like a Mac home folder it needs to have a certain set of folders inside with the proper permissions. Unlike windows, I don’t believe the Mac clients will create them if they are not present.

    September 21, 2005 at 3:50 pm #363327
    jkonrad
    Participant

    Rats! This now started happening to me!! I mean after everything was working just fine.

    I have AD and OD setup. The client machines work and are on 10.3.9. Yesturday all users logged in. Today many don’t. It seems random. I user will try. It will authenticate against AD, then present them with the OD group choice (if they belong to more than one group), then it will stop and give them the “unable to login at this time” error.

    A different user can then sit down at that very machine and log it without problem. I’ve tried re “chown” ing their home directory and no dice. I’m still digging, but what would cause this? How can I fix it?

    November 3, 2009 at 10:42 am #377435
    bezzoh
    Participant

    I’m getting some of these exact errors in the logs of some 10.4 iBooks which are authenticating against AD, but ‘trying’ to download managed preferences/MCX settings via Open Directory.

    In summary.. I recently rebuild OD on my 10.5 Server due to various corruptions and the fact that the guy that set it up left Kerberos running before making it an OD master and the whole thing wouldnt authenticate to AD at all. Anyway. Thats all fixed, and a bunch of 10.5 clients on a wired lan (same VLAN) and bound anonymously are all working fine and happily pulling down managed prefs without issue.

    However, my 10.4 iBooks running wirelessly on another VLAN will bind to OD, and I am obviously using the DIRADMIN account to authenticate to create a visible account in Workgroup Manager. However, thats where it all goes wrong. The client then kicks up a load of complaints as below

    /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
    /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“LDAPv3/10.40.149.2”) == -14002

    BSD/local shows as red in authentication & contents panes of directory access also, explaining the 14008, but this has to be present or it will not allow my AD users to log in due to using network home directories (it kicks off about them being on an SMB or AFP share).

    Anyway, I have deleted the contents of the Directory Service folder, and cleared the /config/mcx_cache in NetInfo Manager as I have been advised on various other forums, before rebooting and rebinding. All to no avail whatsoever, and the same log messages crop up time and time again.

    While I’m no network/wireless guru, could it be that the LDAPv3 port is not being allowed to communicate from the Wifi VLAN to the X-Serves, or is it just something stupid going on in 10.4 that I havent nailed yet???

    I’m desperate for a bit of help on this one, so all suggestions appreciated.

    November 3, 2009 at 10:46 am #377436
    bezzoh
    Participant

    Oh yeah, just realised inadvertantly that I’ve provided the solution to the original problem described, while asking for help myself…

    Add /BSD/Local to the authentication and contents search paths in directory access to fix the login problem.. :o) (even if it shows as red) and put it ABOVE active directory and LDAPv3.

    You will notice 10.5 does this automatically and you cant remove the option. 10.4 does not.

  • Author
    Posts
Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2024 AFP548. All Rights Reserved.