[andrina]

I’d be more inclined to go to my backup netinfo database and see if that solves the issue you’re describing – have a read through one of the archived articles that Joel has done [url]https://www.afp548.com/Articles/system/netinfobackup.html[/url]

Cheers,
Andrina

[andrina]

That disk was available through the rest of the show, however, you may be able to get a copy now by contacting the conference team (e-mail addresses here – [url]http://www.macworldexpo.com/live/20/contactus[/url])

The MacworldEncore DVD has the added benefit of all the slide-decks + speaker comentary from each session laid out in a really nice format.

Cheers,
Andrina

[andrina]

Just to clarrify – have you removed the VPN server from the machine that’s running OD? Curious if it’s a combination of the two running on the same machine, or simply that the VPN server is querrying OD that causes the crash?

On your testing machine I’d set up a vanilla OD structure (i.e. only a few users, not an import of your OD) and set up VPN there also, and see if you can replicate the problem. It’s not a matter of incompatibility as there are several people I know running both services on one server.

Is VPN the only way to access this server – do you have SSH open, or any other ports open from your router/firewall into the server?

[andrina]

I had a very similar situation to this while ago – have you tried archiving the OD setup, demoting to standalone, repromoting your OD and bringing your archive of users back in?

Is this your only server running all these services? You may be better off splitting things up to at least a couple servers in the long run.

[andrina]

Did you get both mcx_caches – there may be two – one at the root of your Netinfo structure, the other in config.

[andrina]

If the data that is shared on your server is not a big issue, then certainly an overnight rsync would take care of that. The best plan for the OD is indeed to have the secondary machine running as a replica – this should be running all the time, not set up from the post-acq scripts.

Do note that you are going to have to write the IP Failover scripts to start the services when your secondary machine acquires the primary IP address – this isn’t an automatic function of IP Failover.

Cheers,
Andrina

[andrina]

Did you try the following on your server when it was misbehaving?
[code]mkpassdb -kerberize[/code]

[andrina]

How did you do your upgrade? Did you upgrade in place, or did you migrate your OD otherwise? If you upgraded in place you may find doing an archive of your OD, clean installing 10.4.x and then restoring the OD archive will rid you of your errors. Are you getting any more explanatory errors in your logs, or using CLI?

[andrina]

I’m not sure you really want to create a new database… Setting up Open Directory on OS X Server will have created the schema for you – the point of having a directory structure is to have one directory – in essence so you only have to change details in one location. If you’re simply looking to add user accounts, or contact information into your structure take a look at this script – https://www.afp548.com/filemgmt/index.php?id=31

Cheers,
Andrina

[andrina]

Perhaps I’m not understanding what you’re looking for, but changing the group so that the average user can’t see the share, or simply turning off sharing on that directory isn’t what you’re looking for?

[andrina]

Try using “which”

andrina@cactus_101: which perl                                                           
/usr/bin/perl

[andrina]

I assume that the shared folder is being mounted over AFP – or is this over NFS? Is there anything odd about the mount-point otherwise – anything bizarre or unexpected in /Volumes? Does the problem persist on the same machine for another user?

[andrina]

All of my servers (save for cluster nodes obviously) also use software mirroring for the boot drive – very happy with it.

(i feel like such a sheep…)

[andrina]

If you’re just looking something up, I don’t think you actually need the authentication in there at all – i.e.:

ldapsearch -x -b "dc=mydomain,dc=com" uid=someuser

[andrina]

What are you trying to kill exactly, and why? Is it something that can’t be killed due to being held up by another process?

[Author]

Posts