I had this problem too. Rebuilding my server was not an option. After trying many things I found the solution to the problem.
The problem is caused by an option in
Server Admin -> Open Directory -> Settings -> Policy -> Passwords
The option is “Password must be reset on first user login”
When this option is checked, it interferes badly with the part of Open Directory required to add a new computer to the network. Apparently, when you add a new computer of name XXX, it creates a new “user” in Open Directory of name XXX. When the new computer tries to bind to OpenDirectory on the server, it is denied access because it is “supposed” ot change its password. The clues of all this can be seen in the “Password Service Server Log” above.
Solution (work-around):
1. Un-check the option in question.
2. Delete the non-working binding from client and server.
2. Re-name your client machine and re-do the binding under the new name; reboot the client just before binding to be sure. Using a new name is necessary; the old name is stuck forever in a “need” to change its password on first login, even though you have un-checked the option in question.
Recent Comments