[nigelkersten]

Definitely don’t use /etc/hosts as a bandaid for this problem, it will bite you at some point later.

sciron has it right. It’s nothing to do with case-sensitivity, your server simply has the incorrect hostname set for its IP, or incorrect IP for its hostname, depending upon which way you look at it.

[nigelkersten]

I’m not sure if this is related or not, but I found when deploying 10.4.7 Universal that I couldn’t just create a clean install on the same hardware and pull down the existing Kerberos service principals from the machine record.

Services just wouldn’t work correctly, no matter how I joined the Kerberos domain, and I just had to trash the server machine records, generate new service principals and pull those new ones down to the freshly installed servers.

As another data point, I’ve set up several Kerberos environments from scratch with 10.4.7 where the OD Master is not the DNS server. I’d be surprised to see such a specific bug… as a good DNS config is usually a good DNS config, no matter the platform it’s come from…

[nigelkersten]

Terry, I haven’t quite read your problem in as detailed a manner as I should, but have you tried dumping the memberd log file and/or resetting the memberd cache ?

I’ve found that useful in the past for working around Finder problems.

1) dump memberd logfile – “sudo memberd -l”
2) reset cache – “sudo memberd -c”
3) Try using the terminal to access the files if the Finder can’t. I’ve found that can sometimes nail down whether it is a Finder issue, or something deeper.

Another point is that I’ve also found sometimes to my annoyance that a full reboot of the server is required wrt AFPServer and ACLs. This was earlier in the 10.4.x days, but twice I ran into issues that were only resolved with a reboot, not a service restart.

[nigelkersten]

That’s definitely the case. You can turn off root login otherwise.

[nigelkersten]

Have a look at my post in this thread

The last one explains it.

[nigelkersten]

ok, after chatting to mactroll, he’s given me a solution.

If you don’t have any existing replicas, this will work fine. I imagine that if you do have existing replicas, you’d probably want to tear them down first.

trash the authserverreplica* files in /var/db/authserver (well really, you should probably back them up first)
kill -9 the PasswordService process.

It will start up again, and create the authserverreplica file, just listing the primary PWS itself as a replica.

Then I was able to create replicas happily enough.

[nigelkersten]

I’m running into this same problem at the moment, and the fix above doesn’t work.

I’m not sure why it would anyway, destroying and creating the Kerb config won’t touch the authserver config.

I don’t have authserverreplicas at all as a file, and I can’t seem to construct it by hand either…

[nigelkersten]

I suggest you’re better off simply following the out-of-the-box instructions for phpBB from the main site. It works happily on OS X Server.

I may not have time to have this done before the new year, but I’ve been working on the ldap authentication module for phpBB and am in the middle of putting together an article for afp548 that covers phpBB installation on OS X Server such that you authenticate against Open Directory instead.

It does work, I’m running it currently btw. Still auditing the module for potential security problems, but I think I’m almost done in that regard.

[Author]

Posts