Forum Replies Created

Viewing 15 posts - 1 through 15 (of 16 total)
  • in reply to: Disable automount where volume is already mounted? #378915
    DrKdev
    Participant

    @Tlarkin,.. All our client Macs are identical for OS (10.6.4). Differences are with the processor (2.93GHz versus 1.83GHz and/or Intel Core 2 Duo versus Intel Core Duo) – actually, here I’m comparing a problem-causing portable (mac6) to the successful ssh-ing mini (mac1).

    :::: Are the Macs bound?
    :::: DNS is something you must have
    :::: working in order for services to function
    :::: over the network

    [b]1. Answering your questions :[/b]

    If you mean by [i]bound[/i], ‘bound to an OD server’, then yes: In Prefs>Accounts>Login I learn the following:[code]On Server2 (where we’re getting the double-mount):
    Network Account Server: local server
    Remember that server2 is the OD-replica

    On Mac6 (from which, if I ssh into server2 it causes a double-mount)
    Network Account Server: server1.disney.ch

    On Mac1 (from which, if I ssh in server2.disney.ch no doublemount occurs, but ssh into Mickeymouse.local a doublemount occurs).
    Network Account Server: server1.disney.ch[/code][b]2. How can I be sure DNS is correct?[/b]

    Is there a summary somewhere, for knowing all the points to check?
    I already know to do [i]sudo changeip -checkhostname [/i]and that this should reveal identical values for current hostname and DNS hostname (in our case [b]the values differ[/b]).[code]admin@server1:~ > sudo changeip -checkhostname
    Primary address = 128.178.123.45 (<---- correctly corresponds to our manual setting)
    Current HostName = Mickeymouse.local (<----we've set computer name to be Mickymouse in Prefs>Sharing)
    DNS HostName = server2.epfl.ch

    To fix the hostname please run /usr/sbin/changeip for your system with the
    appropriate directory with the following values
    /usr/sbin/changeip 128.178.123.45 128.178.123.45 Mickeymouse.local server2.disney.ch
    dirserv:success = “success”[/code][b]3. Finding a way to tell sshd to never mount[/b]

    I’m looking into this suggestion by @tlarkin.
    Any docs on this somewhere, beyond the man-pages?
    I found a 2002 article here: http://www.macwrite.com/critical-mass/secure-shell-logins-and-mac-os-x-part-1

    [b]4. Using a custom mount-point per user ?[/b]

    If I can’t avoid the double-mount, what do you guys think of @TK’s solution to make a custom mount point per user?
    http://discussions.apple.com/message.jspa?messageID=9991495&tstart=0
    That would allow the double-mount to happen, but at a low-enough level so that the file-permission problems don’t matter.

    s.

    in reply to: Disable automount where volume is already mounted? #378908
    DrKdev
    Participant

    Sorry to say this but,..

    That ‘solution’ only seems to work under two conditions 🙁
    1. when sshing from the newly installed laptop
    2. when using a fully qualified hostname for the server (as opposed to Local name)

    When coming from an [b]older[/b] laptop [i]mac6[/i] (but still using the [i]user1[/i] account that had been successful from [i]mac9[/i]) ssh-ing into [i]server2[/i] still causes server2.disney.ch (the ODreplica) to RE-MOUNT /Volumes/team1/users whether or not the ssh-ing is to server2.disney.ch or to server2.local (causing us those file permission errors that led off this thread).

    When using the [b]new[/b] laptop [i]mac9[/i] (using that user1 account) ssh-ing into server2.disney.ch does [b]NOT[/b] cause any mount to happen (So the permissions on /Volumes/team1/users – which is inside the already mounted /Volumes/team1 – happily don’t change) and the user’s home directory (specified in the full path via WGM) is respected thanks to the manually installed symbolic link in /Network/Servers/server1.disney.ch/Volumes/team1/users–> /Volumes/team1 ).
    BUT
    When using that new laptop to ssh into server2.local, the server double-mounts (I called this afs-prejudice in a related posting – http://discussions.apple.com/thread.jspa?threadID=2483662&tstart=0 ).

    [b]Any new brainstorm thoughts @tlarkin,.. @macshome ?[/b]

    shawn

    p.s. Upgrading the server and clients to 10.6.4 + rebooting, didn’t resolve the issue.

    in reply to: Disable automount where volume is already mounted? #378862
    DrKdev
    Participant

    [b]I FOUND A SOLUTION[/b] (I’m so happy)[code]On server2, do the following:
    1. comment-out the /Network/Servers line in /etc/auto_master
    2. tell autofs to reread the config files: sudo automount -v
    3. in /Network/Servers create the folder server1.disney.ch
    4. in /Network/Servers/server1.disney.ch create the folder Volumes
    5. in /Network/Servers/server1.disney.ch/Volumes create a symbolic link to /Volumes/team1[/code]So now, when user1 (who has a mobile account) ssh’s from mac1 into server2, he will be given his network home folder, as usual: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1
    He’s given that because WGM on server1 (where the afp server is autosharing the /Volumes/team1/users) has configured his home folder as follows:[code]CONFIGURATION 1
    Server/sharepoint url: afp://server1.disney.ch/users
    Path to home folder: user1
    Full path: /Network/Servers/server1.epfl.ch/Volumes/team1/users/user1[/code]Since /Network/Servers is no longer managed by autofs, and the symbolic link (of step5) is in place, the home folder is correctly provided. 🙂 (I still want to know why autofs was failing to handle the /Network/Servers folder and am wondering if it’s related to our use of XSan).

    And since there is no actual mounting going on, the double-mount problem mentioned at the head of this thread isn’t happening either. 🙂

    On the client machines, his mobile account means that he logs into /Users/user1. When he syncs his portable home directory (PHD + [i]’a synced subset of his network home folder and local home folder[/i]’ according to the 10.6 manuals) a temporary mount of /Volumes/users (from the afp sharepoint on server1) occurs during syncing.

    OOF!

    [b]@TLARKIN & @MACSHOME,.. When next you come to Switzerland, your free beer’s on me.[/b]

    in reply to: Disable automount where volume is already mounted? #378861
    DrKdev
    Participant

    [b]Oh my goodness.. what a brilliant idea…. for the servers :-))))[/b]

    Actually… if they ssh from one clientmac to another, it’s normal (and it works) that they are given access to their network home. For example:[code]user1@mac1:~ > pwd
    /Users/user1
    user1@mac1:~ > ssh mac2
    Password:
    Last login: Thu Jun 24 16:14:09 2010 from mac1.disney.ch
    user1@mac2:~ > pwd
    /Network/Servers/server1.epfl.ch/Volumes/team1/users/user1

    user1@mac2:/Volumes > df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/disk0s2 298G 42G 256G 14% /
    devfs 108K 108K 0 100% /dev
    afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2d00000e
    6.9T 3.8T 3.2T 55% /Network/Servers/server1.disney.ch/Volumes/team1/users[/code]But YOU’RE RIGHT!
    If I can find a way so that sshing/logging into server2 sets their HOME to /Volumes/team1/users/user1 then everything would work!
    (Actually, equivalently.. if I could just somehow force /Network/Servers, on server2, to contain a symbolic link server1.epfl.ch–>/ that would do the trick too) 🙂

    I can feel success around the corner.

    in reply to: Disable automount where volume is already mounted? #378859
    DrKdev
    Participant

    Ok.

    Actually, that much *is* actually working for me.
    As long as the users are only using the client macs, they can use the login-panels with their LDAP credentials.

    My problems start when we consider them ssh-ing or login-paneling into the file-server (server1) or computation-server (server2).

    Thanks for all your help so far, btw.

    shawn

    in reply to: Disable automount where volume is already mounted? #378857
    DrKdev
    Participant

    ok. Cool.

    So, on [i]xs106-b[/i] you have a hard disk mounted on [i]/Volumes/data_hd[/i] and in there you have [i]homes[/i].
    You’ve created a sharepoint called [i]homes[/i] from [i]/Volumes/data_hd/homes[/i], guest-sharing automountable.

    I suspect that you do NOT also have a sharepoint called [i]/Volumes/data_hd[/i] like we do?
    (maybe that’s my mistake).

    Is 11briric able to ssh into xs106-b? Is his resulting HOME set to
    1. /Users/11briric
    2. /Network/Servers/xs106/b.kckps.org/Volumes/data_hd/homes/wyanadotte_2011/11briric
    or
    3. /Volumes/data_hd/homes/wznadotte_2011/11briric

    If the answer is 1, or 2, then what happens when both [i]11briric[/i] and [i]11bob[/i] are ssh-d into [i]xs106-b[/i] at the same time. Do they both retain write access?

    And if 11briric logs in via the login panel on xs106-b, what is their HOME? 1.,2.,or 3.?

    Maybe it works for you because your sharepoint is called [i]homes[/i] and not [i]users[/i].

    in reply to: Disable automount where volume is already mounted? #378855
    DrKdev
    Participant

    [b]Could my problem be related to my sharepoint setup on Server1?[/b]

    In ServerAdmin for server1 I have 3 sharepoints:[code]team1 – which is from /Volumes/team1 (Volumes/team1 is the disk mounted on /dev/disk7)
    shared – which is from /Volumes/team1/shared
    users – which is from /Volumes/team1/users[/code][b]So for ServerAdmin on server1[/b]
    [i]team1[/i] is shared, it has neither guest access, nor automountable enabled. It’s mounted on both server1 and server2.
    [i]shared[/i] has guest access enabled (we put all our shared pdfs and data files here) but not automount.
    [i]users[/i] has guest access enabled AND is automountable
    – the automount is configured to use /LDAPv3/127.0.0.1
    – it’s marked as Use for: User home folders (saying that it should show up in /Network/Servers)
    – in the protocol options under AFP I’ve enabled share this item using AFP, and allow AFP guest access
    – in the protocol options under AFP we’ve set the custom AFP name to ‘users’
    [b]In ServerAdmin for server2[/b] I also have some sharepoints (none have automount enabled).
    [i]Users[/i] (capital U) is shared via AFP. This is *not* the /dev/disk7 that is shared as ‘users’ from server1.
    That Users folder contains the two local accounts of [i]Shared[/i], and [i]admin[/i] just like on server1.

    Then, as mentioned before, we have configured the user in WGM as follows:[code]share point url: afp://server1.disney.ch/users
    path to home folder: user1
    full path: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1[/code][b]SHOULD I PERHAPS NOT BE SHARING[/b] /Volumes/team1/users and instead change /Volumes/team1 to have guest access (?!!) + automountable + ‘use for home directories’ (I don’t think so but…). In that case, our user WGM config would then look like this:[code]CONFIG2:
    share point url: afp://server1.disney.ch/team1
    path to home folder: users/user1
    full path: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1[/code]rather than the current config:[code]CONFIG1:
    share point url: afp://server1.disney.ch/team1
    path to home folder: user1
    full path: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1[/code]What do you guys think?

    [b]@TLARKIN,..[/b] in your screendump [url]http://i120.photobucket.com/albums/o189/tlarkin80/Picture6.png[/url] what does wyandotte_2011 represent? Is your username 11briric inside of a group of users called wzandotte_2011 ?? Your ‘homes’ corresponds to my ‘team1’ ? So we don’t have the equivalent of your wzandotte_2011?

    in reply to: Disable automount where volume is already mounted? #378854
    DrKdev
    Participant

    One caveat..

    Although I *can* ssh in Server1 with corrected behavior:[code]user1@mac123:~ > ssh server1
    Password:
    Last login: Thu Jun 24 08:25:22 2010 from mac123.disney.ch
    user1@server1:~ > echo $HOME
    /Network/Servers/server1.disney.ch/Volumes/team1/users/user1
    user1@server1:~ > [/code]If I use the login pane on Server1, then I am proposed to make a mobile directory (which does succeed btw, in creating a folder for me in /Users/user1).[code]Create a mobile account with a portable home directory?
    Cancel/Don’tCreate/CreateNow[/code]If I use the login pane on Server2, then I am told:[code]You are unable to log in to the user account “user1” at this time. Logging in to the account failed because an error occurred.
    [/code]If I use the login pane on mac123, then I am successfully logged in,
    and home syncing works fine:

    before home syncing:[code]user1@mac123:~ > echo $HOME
    /Users/user1

    user1@mac123:~ > df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/disk0s2 112G 49G 63G 44% /
    devfs 109K 109K 0 100% /dev
    afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2d000003
    6.9T 3.8T 3.2T 55% /Network/Servers/server1.disney.ch/Volumes/team1/users[/code]during home syncing:
    [code]user1@server1:~ > df -h
    Filesystem Size Used Avail Use% Mounted on
    /dev/disk0s2 112G 49G 63G 44% /
    devfs 109K 109K 0 100% /dev
    afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2d000003
    6.9T 3.8T 3.2T 55% /Network/Servers/server1.disney.ch/Volumes/team1/users
    afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2d000007
    6.9T 3.8T 3.2T 55% /Volumes/users[/code]

    I’m really starting to believe that the correct configuration in WGM for user1 should indeed specify the full path NOT as /Network/Servers/server1.disney.ch/Volumes/team1/users/user1 but as /Volumes/team1/users/user1 even though this doesn’t concur with the documentation and causes the double-mount/permission-hell problem (under 10.6)(because under 10.5 *that* configuration worked).

    did I say arghh?

    in reply to: Disable automount where volume is already mounted? #378851
    DrKdev
    Participant

    A user configured with [code]share point url: afp://server1.disney.ch/users
    path to home folder: user1
    full path: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1[/code][b]can log into all machines correctly EXCEPT Server2[/b].

    On Server2, if coming in via ssh, [b]almost ok[/b]. The home directory is incorrectly set to /Network/Servers/server1.disney.ch/Volumes/team1/users/user1. I say incorrectly, because on that machine he should have his home in /Volumes/team1/users/user1 which is already directly mounted thanks to the /Volumes/team1 mounted on /dev/disk7 in which the users folder resides that contains the user1 folder. Since /Network/Servers does NOT contain any mention of server1… using a HOME of /Network/Servers/server1…etc. is bound to fail; It’s a broken path. 🙁

    On Server2, if logging in via the login-pane, [b]no luck[/b]. Just a bit of wiggling, and then ‘user cannot log in’.. then back to the login pane.

    On Server1, logging in via login-pane or ssh… [b]works perfectly[/b]. The home directory works because in /Network/Servers there is a symbolic link of server1.disney.ch–>/ so since the home directory is afp://server1.disney.ch/Volumes/team1/users/user I imagine that that symbolic link is allowing the user to reach his folder in users/user1. I don’t know how that symbolic link got there.. but I really wish I could put the same symbolic link into /Network/Servers on Server2. But I can’t see how to get server1.disney.ch–>/ into /Network/Servers on Server2 🙁

    On client macs, logging in via login-pane or ssh [b]works perfectly[/b]. Since the user has a mobile directory his home directory is set to /Users/user1 which is home-synced at appropriate times (and the syncing works!). I’ve noticed that when syncing is happening, there is a temporary afp mount on /Volumes/users which goes away after the sync is done. I’ve also noticed that in /Network/Servers there is a server1.disney.ch folder in which there is a Volumes and then team1 and then users folder.

    Maybe this helps:
    [code]user1@server1:/ > df
    Filesystem 1K-blocks Used Available Use% Mounted on
    /dev/disk4 155954976 76156512 79542464 49% /
    devfs 190 190 0 100% /dev
    /dev/disk7 7324196864 3973110448 3351086416 55% /Volumes/team1[/code]That /dev/disk7 drive is ALSO mounted locally on server2[code]user1@server2:~ > df
    Filesystem 1K-blocks Used Available Use% Mounted on
    /dev/disk3 155954976 45679440 110019536 30% /
    devfs 191 191 0 100% /dev
    /dev/disk7 7324196864 3973110416 3351086448 55% /Volumes/team1[/code]I get slightly greater success if I change the configuration of the user1 account as follows:[code]share point url: afp://server1.disney.ch/users
    path to home folder: user1
    full path: /Volumes/team1/users/user1[/code] but this causes the file-permission problems mentioned by JKaplan at the top of this thread.

    That is,
    BEFORE logging user1 into server2 df shows this:[code]admin@server2:~ > df
    Filesystem 1K-blocks Used Available Use% Mounted on
    /dev/disk3 155954976 45679440 110019536 30% /
    devfs 191 191 0 100% /dev
    /dev/disk7 7324196864 3973110416 3351086448 55% /Volumes/team1
    [/code]And AFTER logging user1 into server2 with this alternate configuration,..[code]user1@server2:/Volumes/team1 > df
    Filesystem 1K-blocks Used Available Use% Mounted on
    /dev/disk3 155954976 45679264 110019712 30% /
    devfs 192 192 0 100% /dev
    /dev/disk7 7324196864 3973122368 3351074496 55% /Volumes/team1
    afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2e000006
    7324196864 3973122288 3351074576 55% /Volumes/team1/users[/code]See how, with this configuration, a new mount is made on /Volumes/team1/users over-top of the existing users folder in /Volumes/team1? This means that all the other users that are logged in lose their write access, because user1 now ‘owns the mount’. And that is why this thread was originally about preventing that double-mounting.

    in reply to: Disable automount where volume is already mounted? #378841
    DrKdev
    Participant

    [b]@MACSHOME,..[/b]

    Thanks for the mnthome suggestion, dude!.. but still no joy 🙁 [code]user1@mac123:~ > ssh server2
    Last login: Tue Jun 22 19:15:45 2010 from mac123.disney.ch
    Could not chdir to home directory /Network/Servers/server1.disney.ch/Volumes/team1/users/user1: No such file or directory
    Server2:/ user1$ mnthome
    This is not a valid AFP volume ( fsctl or statfs returned 22 errno = 2, No such file or directory)
    Password:
    Error: Mount failed with error 45 Operation not supported[/code]The man-pages for mnthome don’t shed much light,.. but I did double-check that ServerAdmin shows /Volumes/team1/users protocol-options [i]allow AFP guest access[/i] from Server1. Actually, I think this error message is correct, because the user1 home directory was NOT mounted (in /Network/Servers…etc.) so this mightn’t be a permissions problem. I just wish the system would realize that the user’s home directory *is* already accessible (via /Volumes/team1/users/user1)(and not /Network/Servers…etc.). [code]Server2:/ user1$ set | grep HOME
    HOME=/Network/Servers/server1.disney.ch/Volumes/team1/users/user1[/code]It would be so much nicer if HOME was HOME=/Volumes/team1/users/user1 ?? Can’t I just force that somewhere, based on if he’s logged into server2? (but clearly I shouldn’t configure it in WGM full-path for the user ’cause that causes the double-mount issue described by @JKaplan at the top of this thread).

    [b]@TLARKIN,..[/b] (your continued involvement in this question continues to amaze me, as does the SIZE of your network… wow.. one day I hope to be near your shoes LOL.)

    We have 4 Xserves and above 15 mac clients, all running OD. 1 OD Master.
    By [i]Tier 1 replica[/i], are you talking about an OpenDirectory replica?.. In that case, I guess we have 1 replica (server2).
    Server1 is our file server (afp) but those files are also mounted directly on server2.
    Kerberos is running for us too 🙂 But all *our* home folders are in one place on server1 (but mounted on all the Xserves).
    We’re running portable home directories for all users (At least I think so… It seems that in 10.6.4 these are just called ‘mobile accounts’ as in WGM/Preferences/Mobility I’ve enabled the [i]Create mobile account when user logs in to network account[/i]). Any user can log into any machine on our network.

    I believe that I have DNS running correctly as pinging with hostnames works fine.
    Our servers (and all clients) *are* in OD. Server1 is the master, and server2 is the OD-replica.
    I don’t know much about what the kerberos ticketing is doing, or should be doing so that I’m [i]golden[/i], so I guess I should be reading docs in that direction to gain insight (sorry for my noobness again).

    The /Volumes/team1/users sharepoint on server1 was *not* owned by root (it was owned by one of the users… I’ve changed it now and am watching what happens). All home folders in /Volumes/team1/users are indeed owned by their user.

    So I guess I’ve wrung you dry of ideas, eh? 🙁 🙁
    Could you point me at two useful information sources…
    1. Beyond successful pinging and ssh-ing, how can I be sure my DNS is working as it should? Tuts,. Logs,.. etc.
    2. Where might I be going (Tutorials and Logs) to be sure we’re kerberosing as we should?
    3. Anything else that comes to mind… (my best ideas hit me when I’m in the shower btw).

    shawn

    p.s.
    Since, on server2, the only problem seems to be that /Network/Servers/server1.disney.ch/Volumes/team1/users doesn’t exist..
    and Since /Network/Servers seems related to ‘mount -fstab’ … [code]Server2:/ user1$ df
    Filesystem 512-blocks Used Available Capacity Mounted on
    /dev/disk3 311909952 93142704 218255248 30% /
    devfs 383 383 0 100% /dev
    /dev/disk4s2 311909984 198016 311711968 1% /Volumes/scratch
    map -hosts 0 0 0 100% /net
    map auto_home 0 0 0 100% /home
    map -fstab 0 0 0 100% /Network/Servers
    /dev/disk7 14648393728 7953233088 6695160640 55% /Volumes/team1[/code] I guess I should be looking at the arcane mysteries of fstab.. to force a server1 to appear in /Network/Servers/ on server2 arghhh!

    in reply to: Disable automount where volume is already mounted? #378818
    DrKdev
    Participant

    Hiya… thanks for not giving up on me!
    Here’s the low-down with my current understanding/config:

    Logging into a client computer mac123 (either via login panel or ssh) works great 🙂
    SSH-ing into Server1 from mac123 works great 🙂
    SSH-ing into Server2 causes a major heart-wrenching catastrophe and general wailing :-(.

    [i]This seems to be because the afp mount of the home directory (afp://server1.disney.ch/users) is not happening.
    Why not?! Arghh![/i]

    Watch the conflagration:
    [code]user1@mac123:~ > ssh server2
    Last login: Mon Jun 21 18:14:58 2010 from mac123.disney.ch
    Could not chdir to home directory /Network/Servers/server1.disney.ch/Volumes/team1/users/user1: No such file or directory
    Server2:/ user1$ [/code]The above problem occurs when I’ve configured WGM for the user1 like this:
    [code]share point url: afp://server1.disney.ch/users
    path to home folder: user1
    full path: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1[/code]I can see why I’m told the chdir to home directory failed on server2,..
    [code]Server2:/ user1$ cd /Network/Servers
    Server2:Servers user1$ ls -lag
    total 6
    dr-xr-xr-x 3 wheel 4 May 26 11:42 .
    drwxr-xr-x@ 3 wheel 102 May 26 11:42 ..
    lr-xr-xr-x 1 team1 1 Jun 22 18:15 Server2 -> /
    lr-xr-xr-x 1 team1 1 Jun 22 18:15 Server2.local -> /
    Server2:Servers user1$ [/code]You can see that Server1 (nor server1.disney.ch) is nowhere to be seen. ARGHH.
    Whereas ssh-ing into server1 works without raising any eyebrows:[code]user1@server1:/ > cd /Network/Servers
    user1@server1:/Network/Servers > ls -lag
    total 3
    dr-xr-xr-x 2 wheel 2 Jun 3 18:47 .
    drwxr-xr-x 3 wheel 102 Jun 3 18:47 ..
    lr-xr-xr-x 1 arve 1 Jun 22 18:18 server1 -> /
    lr-xr-xr-x 1 wheel 1 Jun 22 18:17 server1.disney.ch -> /
    user1@server1:/Network/Servers > [/code]Keep in mind that we are offering user1 a mobile home directory, served from the afp automount point afp://server1.disney.ch/users which, on server1, is actually /Volumes/team1/users. That actual disk (XRaid XSan) is ALSO directly mounted on Server2 (thank-you fibre channel); It’s mounted on /Volumes/users.

    [b]At the time of the original posting at the top of this thread, we had configured (via WGM) the user differently:[/b][code]share point url: afp://server1.disney.ch/users
    path to home folder: user1
    full path: /Volumes/team1/users/user1[/code]Under such a configuration, ssh-ing into Server1 succeeds, ssh-ing/loginpanel-ing into mac123 succeeds,
    and even ssh-ing into Server2 succeeds (!!!).

    However, under this configuration, when user1 ssh’es into Server2 [b]ALL OTHER USERS LOSE WRITE ACCESS[/b].
    This is because, under such a configuration, Server2 mounts /Volumes/team1/users despite the fact that /Volumes/team1 is already mounted (this is why our original problem is called a double-mount problem).
    Look:

    Everything is hunky-dory before user1 logs in…
    [code]admin@server2:~ > df
    Filesystem 1K-blocks Used Available Use% Mounted on
    /dev/disk3 155954976 45690688 110008288 30% /
    devfs 190 190 0 100% /dev
    /dev/disk7 7324196864 3976125808 3348071056 55% /Volumes/team1[/code] but AFTER user1 logs in we get this:
    [code]user1@server2:~ > df
    /dev/disk3 155954976 45691372 110007604 30% /
    devfs 190 190 0 100% /dev
    /dev/disk7 7324196864 3976135456 3348061408 55% /Volumes/team1
    afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2e00000b
    7324196864 3976135456 3348061408 55% /Volumes/team1/users

    admin@server2:~ > mount
    /dev/disk3 on / (hfs, local, journaled)
    devfs on /dev (devfs, local, nobrowse)
    map -hosts on /net (autofs, nosuid, automounted, nobrowse)
    map auto_home on /home (autofs, automounted, nobrowse)
    map -fstab on /Network/Servers (autofs, automounted, nobrowse)
    /dev/disk7 on /Volumes/team1 (acfs, local)
    afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2e00000c on /Volumes/team1/users (afpfs, nodev, nosuid, automounted, nobrowse, mounted by user1)[/code]Since /Volumes/team1/users1 is now ‘owned’ by user1, the other users (user2, user3 etc.) [b]lose write-access[/b] 🙁 until user1 logs out and the mount on /Volumes/team1/users disappears.

    My ‘solution’ is to properly configure the full path of the user to
    [code]full path: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1[/code]But doing so, provokes a [i]Could not chdir to home directory[/i] when user1 logs into Server2.
    🙁

    thanks for reading.
    /shawn
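
A check for the double-mount state visible in the `mount` listing of the post above, as an added example (not code from the original post): it reads `mount` output in that format and reports any mount point nested inside another mounted volume that is neither `/` nor an autofs map. The function names and the `OVERLAY` report format are assumptions of this example; the sample lines are the ones shown in the post.

```sh
#!/bin/sh
# Added example: flag "double mounts", i.e. a filesystem mounted on a
# directory that already lives inside another mounted data volume.

# Sample input: the post-login `mount` listing from server2 shown in the post.
sample_mount_output() {
cat <<'EOF'
/dev/disk3 on / (hfs, local, journaled)
devfs on /dev (devfs, local, nobrowse)
map -hosts on /net (autofs, nosuid, automounted, nobrowse)
map auto_home on /home (autofs, automounted, nobrowse)
map -fstab on /Network/Servers (autofs, automounted, nobrowse)
/dev/disk7 on /Volumes/team1 (acfs, local)
afp_4CklDY4dyApk4Cs3qI0ykk2M-1.2e00000c on /Volumes/team1/users (afpfs, nodev, nosuid, automounted, nobrowse, mounted by user1)
EOF
}

# Reads "<device> on <mountpoint> (<fstype>, <opt>, ...)" lines on stdin.
# Prints one OVERLAY line per mount point that sits inside another mount,
# ignoring "/" and autofs maps as parents (mounts under those are expected,
# e.g. a network home under /Network/Servers on a client).
find_overlay_mounts() {
  awk '
    {
      sub(/[ \t]+$/, "")
      start = index($0, " on /")
      paren = 0
      # Locate the LAST " (" so device or path names cannot confuse the split.
      for (i = length($0) - 1; i > 0; i--)
        if (substr($0, i, 2) == " (") { paren = i; break }
      if (start == 0 || paren <= start) next
      n++
      mp[n] = substr($0, start + 4, paren - start - 4)
      k = split(substr($0, paren + 2, length($0) - paren - 2), opt, ", ")
      fs[n] = opt[1]
      owner[n] = "-"
      for (j = 2; j <= k; j++)
        if (index(opt[j], "mounted by ") == 1) owner[n] = substr(opt[j], 12)
    }
    END {
      for (c = 1; c <= n; c++) {
        best = 0
        for (p = 1; p <= n; p++) {
          if (p == c || mp[p] == "/" || fs[p] == "autofs") continue
          # Parent must be a proper path prefix; keep the deepest one.
          if (index(mp[c], mp[p] "/") == 1 && length(mp[p]) > length(mp[best]))
            best = p
        }
        if (best)
          printf "OVERLAY %s fs=%s owner=%s over %s fs=%s\n", \
                 mp[c], fs[c], owner[c], mp[best], fs[best]
      }
    }
  '
}

# Demonstration on the sample; on a live system use: mount | find_overlay_mounts
sample_mount_output | find_overlay_mounts
```

An `owner=` value other than `-` on a flagged line names the account whose login created the overlay, which is the user whose logout removes it.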

    in reply to: Disable automount where volume is already mounted? #378813
    DrKdev
    Participant

    sorry for my noobness…

    [b]1. Added manually into WGM ??[/b]

    I don’t know how-to-know if the [i]replica servers[/i] (do you mean OD replica?) are added [i]manually[/i] into WGM 🙁 . And I wouldn’t know what to do with that knowledge. 🙁 Certainly in WGM we’ve manually added each client machine into a computer group (‘laptops’).

    [b]2. Bound to the OD Master ??[/b]

    Server2 DirectoryUtility (Preferences>Accounts>Login>Edit with 10.6.4) reveals the following:
    [code]Active Directory is not checked.
    BSD Flat Files and NIS is checked but grey
    LDAPv3 (6.3) is checked, and specifies 127.0.0.1 as OpenDirectoryServer !!!!
    Local is checked
    Search base suffix: dc=server1,dc=disney,dc=ch[/code] So Server2 is perhaps not bound to the OD master (Server1) but IS bound to the replica (himself/Server2).
    Is this wrong? Should I change it?

    [i]recall that,[/i]
    Server1 (OD master), is where home folders are being afp-shared and home folders are automountable from.
    Server2 (OD replica), where the [i]/Network/Servers/server1.disney.ch/users/[/i] mount is not happening (if I specify a full path home of [i]/Network/Servers/server1.disney.ch/users/user1[/i] ) or alternatively where [i]/Volumes/team1/users[/i] is double-mounting (see @jkaplan’s post at the top of this thread) if/when we specify the full path home using [i]/Volumes/team1/users/user1[/i] (which I believe to be incorrect btw).

    btw,
    on the Mac123 where all works fine,
    [code]Active Directory is not checked.
    BSD Flat Files and NIS is checked but grey
    LDAPv3 (6.4) is checked, and specifies Server1 as OpenDirectoryServer 🙂
    Local is checked
    Search base suffix: dc=server1,dc=disney,dc=ch[/code]

    [b]3. full path & share point[/b]

    Yes, I have configured this like your example.
    Our top line is: [i]afp://server1.disney.ch/users[/i] which is the share point.
    The 2nd line is: user1
    The 3rd line is: /Network/Servers/server1.disney.ch/Volumes/team1/users/user1

    4. Is the full path info CACHED somehow and does this cause problems?
    When I’d updated the user’s home [i]full path[/i] from the old bad (??) value (but it worked nonetheless) of /Volumes/team1/users/user1 to the new good (??)(but it fails on Server2) of /Network/Servers/server1.disney.ch/users/user1, Mac123 didn’t know this until I rebooted it. Although I have NOT rebooted server2, it seems that full path *is* immediately used because ssh-ing in causes the error message about [i]No such file or directory[/i]. I don’t know if that helps.

    Thanks again for your hand-holding. I’m hoping to repay the favour!

    /shawn

    in reply to: Disable automount where volume is already mounted? #378806
    DrKdev
    Participant

    @tlarkin,.. You’re a PHD/mobile-home god. 🙂 thanks for the suggestion!

    Did you really mean /Network/Servers/mycompanmy.com/Volumes/data_hd/homefolder/username or did you intend /Network/Servers/mycompanmy.com/homefolder/username (the sharepoint is homefolder)?

    When I try to set the home directory to /Network/Servers/server1.disney.ch/Volumes/team1/users/user1 it works poifectly on server1 and on my client macs,.. but not at all, on server2 🙁

    [code]user1@mac123:~ > ssh server2
    Could not chdir to home directory /Network/Servers/server1.disney.ch/Volumes/team1/users/user1: No such file or directory
    server2:/ user1$
    [/code]

    Indeed,.. on server2, server1 isn’t mentioned in /Network/Servers 🙁

    [code]server2:/ user1$ cd /Network/Servers
    server2:Servers user1$ ls
    server2 server2.local
    server2:/ user1$[/code]

    (we are mounting the external drive onto /Volumes/team1 of server1 and in that we have a users folder populated with user1 user2 user3 etc… for the home folders. We have the following sharepoints:
    team1 /Volumes/team1
    users /Volumes/team1/users
    Remember that that same drive is mounted on server2 (it’s an XRaid XSan fibrechannel).

    I would have thought that a working value for the home would be, /Network/Servers/server1.disney.ch/users/user1 (since the sharepoint is called ‘users’ on server1)… but that gives no joy either 🙁

    Any other ideas?
    Thank-you for your help!
    /shawn

    p.s. It’s weird elsewhere too. On the client mac (after reboot), once I’ve logged into the user1 account (a mobile account with phd) a df reveals that /Network/Servers/server1.disney.ch/Volumes/team1/users is mounted (by user1). When I ‘Sync home now’ a df temporarily reveals a mount of /Volumes/users (on afp_4CklDYblahblahblah-1.2d00005). SSH-ing into server1 still works fine. SSH-ing into server2 still says no such file or directory (and /Network/Servers still doesn’t get populated with anything mentioning server1 🙁 )

    ps.2. Why isn’t /Network/Servers/server1.disney.ch/Volumes/team1/users appearing/mounting on server2 when it does so on mac1, mac2, etc. I can understand that it doesn’t mount on server1 because, no doubt, the server recognizes that it’s a local drive and so just creates a link. But server2?

    in reply to: Steps to Setup Mobile Homes Properly #378805
    DrKdev
    Participant

    @mheidt:

    Yes, logging in as user on the server itself has been fixed in 10.6.
    I wasn’t aware of this eventuality, and so made mobility preferences on a per-user basis (for one user.. me.. for testing). Logging into client worked correctly (created the local instance of the user account) and ssh-ing into the server (hmmm… ssh-ing.. not logging into via the login panel… perhaps that’s why I got lucky?) went fine.

    cheers.
    shawn

    in reply to: Load balancing AFP Servers #378762
    DrKdev
    Participant

    Many years later, I know,.. but did your experience ever show your idea to have been bad?

    We have an AFP server on Server1 and another on Server2 (a compute server) hooked into a RAID based XSAN for the users directory. I’ve got server1 allowing automounting so that mobile accounts (portable home directories) work on the client machines.

    Everything is hunky-dory EXCEPT when a user tries to log into Server2. At that point, Server2 tries to mount the already-mounted /Volumes/team1/users folder (it’s already mounted on /Volumes/team1 go figure). This doesn’t cause user1 any problem… because he owns the mount-point. But all other users logged into the compute server lose their access to their files (the mount point is owned by user1 until he logs out).

    Did you run into this?
    What did you do?

    A more succinct description of the problem is here:
    https://www.afp548.com/forum/viewtopic.php?showtopic=26009
