unable to login at this time (home folder) smb AFP

[TheMacKat]

I have bound to 2003 AD correctly and can login to AD from tiger with a local home folder enabled(altho it doesn’t mount the AD profile homefolder)but home folder can be mounted manually ,AD shares are accessible etc
AS soon as I disable local home I get login refusal
“you are unable to login to the user account at this time,,home folder is located smb/afp”
all digital signing is disabled
reading forums for days I suspect its more to do with guest access,keberos etc at login screen to the shares because access seems fine once user is logged in
All windows users work perfectly with the same home folders
don’t know enough about macs to understand logs and troubleshoot this,have even had Mac techs on site and they were unable to figure it out but i Need this and refuse to give up.Admitmac sounds brilliant but too dear

Any help please

[TheMacKat]

thanks for assisting,
tried logging at AD server,tested on win client “failures logged”
tested on mac empty logs

[AMSR]

What does the system.log say on your OSX client after you log in. Is it trying to mount your home? Also, what does the UNC path for the home folder look like in AD? It should be \\servername\sharename\homefolder. All folders that are parents of the home folder need at least list access for the person trying to access the home.

[TheMacKat]

UNC path in user profile is
\\servername\sharedvolumename\userhomefolder
users have fullcontrol over the sharevolume,they have read and list security access,they have full permissions for their home folders altho these arn’t individually shared,
have tried enabling guest access ,logging on with full admin account etc and all homefolders are accessible from “connect to server” using smb and afp

system log for mac with some automount errors at end

/System/Library/LoginPlugins/URLMountUIProxy.loginPlugin/Contents/Resources/UIProxyServer.app/Contents/MacOS/UIProxyServer: server: bootstrap_check_in(): 0x44c: Bootstrap not privileged

Sep 7 12:58:48 Art-EMac09 kernel[0]: AFPSleepWakeHandler: going to sleep
Sep 7 12:58:49 Art-EMac09 configd[38]: AppleTalk shutdown
Sep 7 12:58:49 Art-EMac09 configd[38]: AppleTalk shutdown complete
Sep 7 13:17:14 Art-EMac09 kernel[0]: System Sleep
Sep 7 13:17:14 Art-EMac09 kernel[0]: System Wake
Sep 7 13:17:14 Art-EMac09 kernel[0]: Wake event 0020
Sep 7 13:17:14 Art-EMac09 kernel[0]: Sound assertion “0 != err” failed in “AppleLegacyAudio/AppleTexas2Audio/AppleTexas2Audio.cpp” at line 960 goto Exit
Sep 7 13:17:14 Art-EMac09 kernel[0]: USB caused wake event (OHCI)
Sep 7 13:17:16 Art-EMac09 kernel[0]: UniNEnet::monitorLinkStatus – Link is up at 100 Mbps – Full Duplex
Sep 7 13:17:17 Art-EMac09 configd[38]: AppleTalk startup
Sep 7 13:17:17 Art-EMac09 /sbin/kerberosautoconfig: Kerberos configuration not updated, cannot contact all nodes on search path

Sep 7 13:17:20 Art-EMac09 kernel[0]: AFPSleepWakeHandler: waking up
Sep 7 13:17:23 Art-EMac09 configd[38]: AppleTalk startup complete
Sep 7 13:17:26 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 13:55:33 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 13:55:33 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
Sep 7 13:55:34 Art-EMac09 loginwindow[1380]: Login Window Started Security Agent
Sep 7 13:55:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 13:57:15 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 14:01:35 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 14:05:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 14:15:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 14:25:35 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 14:35:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 14:45:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 14:55:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 15:05:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 15:15:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 15:25:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 15:35:36 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 15:45:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 15:55:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 16:05:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 16:15:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 16:25:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 16:33:00 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 16:33:21 Art-EMac09 sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/bin/bash
Sep 7 16:51:17 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 16:51:18 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
Sep 7 16:51:18 Art-EMac09 loginwindow[1547]: Login Window Started Security Agent
Sep 7 16:51:19 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 17:05:50 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 17:05:50 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
Sep 7 17:05:51 Art-EMac09 loginwindow[1582]: Login Window Started Security Agent
Sep 7 17:05:52 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 17:09:35 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 17:09:43 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 17:10:49 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 17:15:52 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 17:17:55 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 17:18:36 Art-EMac09 sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/bin/bash
Sep 7 17:23:21 Art-EMac09 sudo: admin : TTY=ttyp1 ; PWD=/Users/admin ; USER=root ; COMMAND=/bin/bash
Sep 7 19:51:41 Art-EMac09 /System/Library/CoreServices/CCacheServer.app/Contents/MacOS/CCacheServer: Exiting: (os/kern) successful (0)
Sep 7 19:51:41 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
Sep 7 19:51:43 Art-EMac09 loginwindow[1794]: Login Window Started Security Agent
Sep 7 19:51:43 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 20:31:29 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 7 20:31:50 Art-EMac09 shutdown: halt by root:
Sep 7 20:31:51 Art-EMac09 SystemStarter[1831]: eTrust Antivirus (1834) did not complete successfully
Sep 7 20:31:51 Art-EMac09 SystemStarter[1831]: authentication service (1840) did not complete successfully
Sep 8 09:14:24 Art-EMac09 kernel[0]: standard timeslicing quantum is 10000 us
Sep 8 09:14:23 Art-EMac09 mDNSResponder-107 (Mar 20 2005 20: 31:47)[53]: starting
Sep 8 09:14:24 Art-EMac09 kernel[0]: vm_page_bootstrap: 61655 free pages
Sep 8 09:14:23 Art-EMac09 lookupd[61]: lookupd (version 365) starting – Thu Sep 8 09:14:23 2005
Sep 8 09:14:24 Art-EMac09 kernel[0]: mig_table_max_displ = 70
Sep 8 09:14:24 Art-EMac09 kernel[0]: 81 prelinked modules
Sep 8 09:14:24 Art-EMac09 kernel[0]: Copyright (c) 1982, 1986, 1989, 1991, 1993
Sep 8 09:14:24 Art-EMac09 kernel[0]: The Regents of the University of California. All rights reserved.
Sep 8 09:14:24 Art-EMac09 kernel[0]: using 655 buffer headers and 655 cluster IO buffer headers
Sep 8 09:14:24 Art-EMac09 kernel[0]: FireWire (OHCI) Apple ID 31 built-in now active, GUID 001124ff fe31f506; max speed s400.
Sep 8 09:14:24 Art-EMac09 kernel[0]: Security auditing service present
Sep 8 09:14:24 Art-EMac09 kernel[0]: BSM auditing present
Sep 8 09:14:24 Art-EMac09 kernel[0]: disabled
Sep 8 09:14:24 Art-EMac09 kernel[0]: rooting via boot-uuid from /chosen: 1393D10B-AEA7-3ED0-A415-589E15F8D2CC
Sep 8 09:14:24 Art-EMac09 kernel[0]: Waiting on IOProviderClassIOResourcesIOResourceMatchboot-uuid-media
Sep 8 09:14:24 Art-EMac09 kernel[0]: Got boot device = IOService:/MacRISC2PE/pci@f4000000/AppleMacRiscPCI/ata-6@D/AppleKauaiATA/ATADeviceNub@0/IOATABlockStorageDriver/IOATABlockStorageDevice/IOBlockStorageDriver/Maxtor 2F040L0 Media/IOApplePartitionScheme/Untitled@3
Sep 8 09:14:24 Art-EMac09 kernel[0]: BSD root: disk0s3, major 14, minor 2
Sep 8 09:14:24 Art-EMac09 kernel[0]: Jettisoning kernel linker.
Sep 8 09:14:24 Art-EMac09 kernel[0]: Resetting IOCatalogue.
Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 0
Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
Sep 8 09:14:24 Art-EMac09 kernel[0]: Matching service count = 1
Sep 8 09:14:24 Art-EMac09 kernel[0]: IPv6 packet filtering initialized, default to accept, logging disabled
Sep 8 09:14:24 Art-EMac09 kernel[0]: UniNEnet: Ethernet address 00:11:24:31:f5:06
Sep 8 09:14:24 Art-EMac09 kernel[0]: UniNEnet::monitorLinkStatus – Link is up at 100 Mbps – Full Duplex
Sep 8 09:14:25 Art-EMac09 xinetd[57]: xinetd Version 2.3.11 started with libwrap options compiled in.
Sep 8 09:14:25 Art-EMac09 xinetd[57]: Started working: 0 available services
Sep 8 09:14:31 Art-EMac09 mDNSResponder: Adding browse domain local.
Sep 8 09:14:33 Art-EMac09 configd[38]: AppleTalk startup complete
Sep 8 09:14:35 Art-EMac09 kernel[0]: ATY,Merlin_A: vram [9c000000:02000000]
Sep 8 09:14:36 Art-EMac09 kernel[0]: ATY,Merlin_B: vram [98000000:02000000]
Sep 8 09:14:36 Art-EMac09 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow: Login Window Application Started
Sep 8 09:14:36 Art-EMac09 configd[38]: target=enable-network: disabled
Sep 8 09:14:37 Art-EMac09 loginwindow[169]: Login Window Started Security Agent
Sep 8 09:14:37 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 8 09:14:38 Art-EMac09 /sbin/kerberosautoconfig: Kerberos configuration not updated, cannot contact all nodes on search path

Sep 8 09:35:05 Art-EMac09 configd[38]: AppleTalk shutdown
Sep 8 09:35:05 Art-EMac09 configd[38]: AppleTalk shutdown complete
Sep 8 10:14:47 Art-EMac09 kernel[0]: System Sleep
Sep 8 10:14:47 Art-EMac09 kernel[0]: System Wake
Sep 8 10:14:47 Art-EMac09 kernel[0]: Wake event 0020
Sep 8 10:14:47 Art-EMac09 kernel[0]: Sound assertion “0 != err” failed in “AppleLegacyAudio/AppleTexas2Audio/AppleTexas2Audio.cpp” at line 960 goto Exit
Sep 8 10:14:47 Art-EMac09 kernel[0]: USB caused wake event (OHCI)
Sep 8 10:14:48 Art-EMac09 kernel[0]: UniNEnet::monitorLinkStatus – Link is up at 100 Mbps – Full Duplex
Sep 8 10:14:48 Art-EMac09 configd[38]: AppleTalk startup
Sep 8 10:14:51 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/LDAPv3/192.168.3.200”) == -14002
Sep 8 10:14:51 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
Sep 8 10:14:54 Art-EMac09 configd[38]: AppleTalk startup complete
Sep 8 10:15:01 Art-EMac09 kernel[0]: netsmb_dev: loaded
Sep 8 10:15:01 Art-EMac09 automount[188]: Can’t mount winserver.lindisfarne.hb.school.nz:/users on /private/Network/Servers/winserver.lindisfarne.hb.school.nz/users: Software caused connection abort (53)
Sep 8 10:15:01 Art-EMac09 automount[188]: Attempt to mount /automount/Servers/winserver.lindisfarne.hb.school.nz/users returned 53 (Software caused connection abort)
Sep 8 10:15:01 Art-EMac09 automount[121]: Can’t mount winserver.lindisfarne.hb.school.nz:/users on /private/Network/Servers/winserver.lindisfarne.hb.school.nz/users: Software caused connection abort (53)
Sep 8 10:15:09 Art-EMac09 /sbin/kerberosautoconfig: Kerberos configuration not updated, cannot contact all nodes on search path

Sep 8 10:15:20 Art-EMac09 /System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008

[jkonrad]

Curious, are the home folders on a Windows Server or a Mac server? This is very similar to problems I’ve had using afp or smb shares for home folders on OS X 10.3.9 clients.

My home sharepoints were created on an OS X server and I found that if I just had empty home shares that the users had full access to they could mount them after login, but they could not be used as a true home folder (with the disable local home switch in the AD plugin). I even found that if I took an old or local home folder and copied it the network share location and then chown ownership to the user it still would not work. I needed to make new home folders using the template home folder, and then copy all the old data to the new home. Then it acted like a true home folder and would mount during login and stop giving the “home folder is located smb/afp” message.

The basic commands done on the OS X server were:

sudo cp –r /System/Library/User Template/English.lproj /Volumes/SERVER/Home/username

and then:

sudo chown –R username /Volumes/SERVER/Home/username

Oh, sorry, reading your logs suggest it is a windows server. Still it should be possible to copy the default home template to windows share points. The other guys helping you know way more, but I suspect that when you force the share to act like a Mac home folder it needs to have a certain set of folders inside with the proper permissions. Unlike windows, I don’t believe the Mac clients will create them if they are not present.

[jkonrad]

Rats! This now started happening to me!! I mean after everything was working just fine.

I have AD and OD setup. The client machines work and are on 10.3.9. Yesturday all users logged in. Today many don’t. It seems random. I user will try. It will authenticate against AD, then present them with the OD group choice (if they belong to more than one group), then it will stop and give them the “unable to login at this time” error.

A different user can then sit down at that very machine and log it without problem. I’ve tried re “chown” ing their home directory and no dice. I’m still digging, but what would cause this? How can I fix it?

[bezzoh]

I’m getting some of these exact errors in the logs of some 10.4 iBooks which are authenticating against AD, but ‘trying’ to download managed preferences/MCX settings via Open Directory.

In summary.. I recently rebuild OD on my 10.5 Server due to various corruptions and the fact that the guy that set it up left Kerberos running before making it an OD master and the whole thing wouldnt authenticate to AD at all. Anyway. Thats all fixed, and a bunch of 10.5 clients on a wired lan (same VLAN) and bound anonymously are all working fine and happily pulling down managed prefs without issue.

However, my 10.4 iBooks running wirelessly on another VLAN will bind to OD, and I am obviously using the DIRADMIN account to authenticate to create a visible account in Workgroup Manager. However, thats where it all goes wrong. The client then kicks up a load of complaints as below

/System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“/BSD/local”) == -14008
/System/Library/CoreServices/mcxd.app/Contents/MacOS/mcxd: DSOpenNode(): dsOpenDirNode(“LDAPv3/10.40.149.2”) == -14002

BSD/local shows as red in authentication & contents panes of directory access also, explaining the 14008, but this has to be present or it will not allow my AD users to log in due to using network home directories (it kicks off about them being on an SMB or AFP share).

Anyway, I have deleted the contents of the Directory Service folder, and cleared the /config/mcx_cache in NetInfo Manager as I have been advised on various other forums, before rebooting and rebinding. All to no avail whatsoever, and the same log messages crop up time and time again.

While I’m no network/wireless guru, could it be that the LDAPv3 port is not being allowed to communicate from the Wifi VLAN to the X-Serves, or is it just something stupid going on in 10.4 that I havent nailed yet???

I’m desperate for a bit of help on this one, so all suggestions appreciated.

[bezzoh]

Oh yeah, just realised inadvertantly that I’ve provided the solution to the original problem described, while asking for help myself…

Add /BSD/Local to the authentication and contents search paths in directory access to fix the login problem.. :o) (even if it shows as red) and put it ABOVE active directory and LDAPv3.

You will notice 10.5 does this automatically and you cant remove the option. 10.4 does not.

[Author]

Posts