david.stodolsky
Registered
I tried to follow the Apple manuals, turning on only what was needed - DNS, Mail, Web, Open Dir., and finally iCal. When I got to turning on the Wiki, it said I need Open Dir., so I turned that on and configed it. I am unable to add a local dir. account to a LDAP Group, even though I was able to do that before. The accounts I do add don't work on the web, even though they are fine for mail. Also, at an earlier time, OD showed all accounts, even he ones on my client. I can't select the Search Policy in WM, even thought I can authenticate both the Local and LDAP dirs (This eventually stopped, the earlier time). I see two types of problem when I try to authenticate to the Group web page. In some cases, the login box wobbles as usual, but one time (and once in the earlier case) I saw it just stay still and clear the password. Again I have the accounts going offline problem in Mail mentioned just below. See the logs below.
I tried to follow some of this earlier, but I got some funny errors :
<http://www.afp548.com/filemgmt_data/files/Leopard%20Server%20Quickstart%20Guide.pdf>
As reported:
I set up a share point, enabled Automount (use home folders in LDAP dir.), and then created some homes with with WGM (this worked). Then I added an application preference at /System/Library/CoreServices and selected Folder Redirection.
I checked that the client was bound to the Server, but when I try to boot all I got is a flashing globe and a lot of fan activity. Did I miss something in the steps above?
(looked different on different clients
I set up two test IMAP accounts on 10.5 Server, the only difference is that one uses MD-5 and the other Kerberos for authentication (not sure why). They are set to store all mail on the Server, but to download mails and attachments.
The odd thing is that only the Inboxes appear in Mail where they should be on the 10.5 client. The Trash has one of the account's mailboxes, but Junk, Sent Messages, and Drafts appear under "On this Mac". The Drafts folder has nothing in it.
The only other odd thing is that sometime Mail shows accounts on another server as being offline, when the are online. Syncing with that Server makes the problem go away.
As far as I can see the new test accounts are set up just like the old ones. Could this be a Server side problem, or must it be something on the client?
dss
Server Admin:
Open Dir, Config Log:
Contacting the Directory Server
Authenticating to the Directory Server
Creating Kerberos directory
Creating KDC Config File
Creating Admin ACL File
Creating Kerberos Master Key
Creating Kerberos Database
Creating Kerberos Admin user
WARNING: no policy specified for diradmin@SECUREID.NET; defaulting to no policy
Adding kerberos auth authority to admin user
Creating keytab for the admin tools
Adding KDC & kadmind to launchd
Adding the new KDC into the KerberosClient config record
Finished
2008-03-16 12:57:55 +0100 - command: /usr/sbin/sso_util configure -x -r SECUREID.NET -f /LDAPv3/127.0.0.1 -a diradmin -p **** -v 1 all
2008-03-16 12:57:55 +0100 - sso_util command output:
Contacting the directory server
Creating the service list
Creating the service principals
WARNING: no policy specified for cifs/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for ldap/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for xgrid/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for vpn/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for ipp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for xmpp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for XMPP/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for host/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for smtp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for nfs/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for http/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for HTTP/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for pop/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for imap/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for ftp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for afpserver/secureid.net@SECUREID.NET; defaulting to no policy
Creating the keytab file
kadmin.local: No entry for principal cifs/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal ldap/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal xgrid/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal vpn/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal ipp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal xmpp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal XMPP/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal host/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal smtp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal nfs/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal http/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal HTTP/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal pop/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal imap/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal ftp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal afpserver/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
Configuring services
WriteSetupFile: setup file path = /temp.iAJ8/setup
2008-03-16 12:57:55 +0100 - command: /sbin/kerberosautoconfig -f /LDAPv3/127.0.0.1 -u -v 1
2008-03-16 12:57:55 +0100 - command: /usr/sbin/mkpassdb -kerberize
2008-03-16 12:57:56 +0100 - mkpassdb command output:
WARNING: no policy specified for secureid.net$@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for root@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for diradmin@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "diradmin@SECUREID.NET".
WARNING: no policy specified for secureid.net$@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "secureid.net$@SECUREID.NET".
WARNING: no policy specified for root@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "root@SECUREID.NET".
WARNING: no policy specified for diradmin@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "diradmin@SECUREID.NET".
2008-03-16 12:57:56 +0100 - command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 12:57:56 +0100 - command: /usr/sbin/vpnaddkeyagentuser -q /LDAPv3/127.0.0.1
2008-03-16 12:57:56 +0100 - slapconfig -selfwrite
2008-03-16 12:57:56 +0100 - slapconfig -setldapconfig
2008-03-16 12:57:56 +0100 - command: /usr/sbin/mkpassdb -setreplicationinterval 300 SyncDefault
2008-03-16 12:57:56 +0100 - command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 12:59:24 +0100 - slapconfig -setmacosxodpolicy
2008-03-16 12:59:24 +0100 - command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 13:00:38 +0100 - slapconfig -setmacosxodpolicy
2008-03-16 13:00:38 +0100 - command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 13:00:38 +0100 - slapconfig -selfwrite
2008-03-16 15:27:18 +0100 - slapconfig -setmacosxodpolicy
2008-03-16 15:27:18 +0100 - command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 15:27:18 +0100 - slapconfig -selfwrite
Secure Log:
Mar 16 13:00:00 secureid newsyslog[9396]: logfile turned over due to size>100K
Mar 16 14:53:53 secureid /usr/sbin/PasswordService[9241]: client response doesn't match what we generated
Mar 16 15:11:48 secureid shutdown[10998]: reboot by hostmaster:
Mar 16 15:12:22 secureid com.apple.SecurityServer[36]: Entering service
Mar 16 15:12:46 secureid com.apple.SecurityServer[36]: Succeeded authorizing right config.modify.com.apple.CoreRAID.admin by client /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer for authorization created by /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer.
Mar 16 15:13:19 secureid loginwindow[64]: Login Window Started Security Agent
Mar 16 15:13:25 secureid SecurityAgent[172]: Showing Login Window
Mar 16 15:13:56 secureid SecurityAgent[172]: User info context values set
Mar 16 15:13:57 secureid SecurityAgent[172]: Login Window done
Mar 16 15:13:57 secureid com.apple.SecurityServer[36]: Succeeded authorizing right system.login.console by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
Mar 16 15:13:57 secureid loginwindow[64]: Login Window - Returned from Security Agent
Mar 16 15:13:58 secureid com.apple.SecurityServer[36]: Succeeded authorizing right system.login.done by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
Mar 16 15:51:46 secureid /usr/sbin/PasswordService[62]: client response doesn't match what we generated
Mar 16 16:23:20 secureid com.apple.SecurityServer[36]: Succeeded authorizing right system.burn by client /Applications/Utilities/Disk Utility.app for authorization created by /Applications/Utilities/Disk Utility.app.
Mar 16 16:29:46 secureid shutdown[1300]: reboot by hostmaster:
Mar 16 16:30:09 localhost com.apple.SecurityServer[35]: Entering service
Mar 16 16:30:14 secureid com.apple.SecurityServer[35]: Succeeded authorizing right config.modify.com.apple.CoreRAID.admin by client /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer for authorization created by /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer.
Mar 16 16:30:51 secureid loginwindow[64]: Login Window Started Security Agent
Mar 16 16:30:58 secureid SecurityAgent[192]: Showing Login Window
Mar 16 16:31:31 secureid SecurityAgent[192]: User info context values set
Mar 16 16:31:32 secureid SecurityAgent[192]: Login Window done
Mar 16 16:31:32 secureid com.apple.SecurityServer[35]: Succeeded authorizing right system.login.console by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
Mar 16 16:31:32 secureid loginwindow[64]: Login Window - Returned from Security Agent
Mar 16 16:31:33 secureid com.apple.SecurityServer[35]: Succeeded authorizing right system.login.done by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
System Log:
Mar 16 18:00:00 secureid com.apple.launchd[1] (0x10f740.cron[1274]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:01:30 secureid ctl_cyrusdb[1306]: checkpointing cyrus databases
Mar 16 18:01:30 secureid ctl_cyrusdb[1306]: done checkpointing cyrus databases
Mar 16 18:05:00 secureid com.apple.launchd[1] (0x10f740.cron[1344]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:10:00 secureid com.apple.launchd[1] (0x10f740.cron[1402]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:15:00 secureid com.apple.launchd[1] (0x10f740.cron[1468]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:15:08 secureid postfix/smtp[1472]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:08 secureid postfix/smtp[1471]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1472]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1471]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1472]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1471]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:20:00 secureid com.apple.launchd[1] (0x10f740.cron[1532]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:25:00 secureid com.apple.launchd[1] (0x10f740.cron[1608]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:27:14 secureid Unknown[30]: Client application bug: DNSServiceResolve(ae._airport._tcp.local.) active for over two minutes. This places considerable burden on the network.
Mar 16 18:28:03 secureid imap[1645]: TLS server engine: cannot load CA data
Mar 16 18:28:03 secureid imap[1645]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:28:03 secureid imap[1645]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
Mar 16 18:28:03 secureid imap[1645]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:28:03 secureid imap[1645]: skiplist: recovered /var/imap/user/d/dss.seen (3 records, 5948 bytes) in 0 seconds
Mar 16 18:28:03 secureid imap[1648]: TLS server engine: cannot load CA data
Mar 16 18:28:03 secureid imap[1648]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:28:03 secureid imap[1648]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:28:03 secureid imap[1648]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:00 secureid com.apple.launchd[1] (0x10e9e0.cron[1675]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:30:13 secureid imap[1696]: TLS server engine: cannot load CA data
Mar 16 18:30:13 secureid imap[1696]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:30:13 secureid imap[1696]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:13 secureid imap[1696]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:13 secureid imap[1699]: TLS server engine: cannot load CA data
Mar 16 18:30:13 secureid imap[1699]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:30:13 secureid imap[1699]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:13 secureid imap[1699]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1696]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1696]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1699]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1699]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1648]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1648]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1645]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1645]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1696]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1696]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:31:30 secureid ctl_cyrusdb[1716]: checkpointing cyrus databases
Mar 16 18:31:30 secureid ctl_cyrusdb[1716]: done checkpointing cyrus databases
Mar 16 18:33:22 secureid imap[1749]: TLS server engine: cannot load CA data
Mar 16 18:33:22 secureid imap[1749]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:22 secureid imap[1749]: STARTTLS negotiation failed: [10.0.1.200]
Mar 16 18:33:30: --- last message repeated 1 time ---
Mar 16 18:33:30 secureid imap[1749]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
Mar 16 18:33:30 secureid imap[1749]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1753]: TLS server engine: cannot load CA data
Mar 16 18:33:30 secureid imap[1753]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:30 secureid imap[1753]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1753]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1754]: TLS server engine: cannot load CA data
Mar 16 18:33:30 secureid imap[1754]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:30 secureid imap[1754]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1754]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1749]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1749]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1756]: TLS server engine: cannot load CA data
Mar 16 18:33:30 secureid imap[1756]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:30 secureid imap[1756]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1756]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:35:00 secureid com.apple.launchd[1] (0x10ebe0.cron[1777]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:40:00 secureid com.apple.launchd[1] (0x10ebe0.cron[1848]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:45:00 secureid com.apple.launchd[1] (0x10ebf0.cron[1931]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:50:00 secureid com.apple.launchd[1] (0x10ebf0.cron[2030]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:55:00 secureid com.apple.launchd[1] (0x10ebe0.cron[2110]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:00:00 secureid com.apple.launchd[1] (0x10ebe0.cron[2184]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:01:30 secureid ctl_cyrusdb[2217]: checkpointing cyrus databases
Mar 16 19:01:30 secureid ctl_cyrusdb[2217]: done checkpointing cyrus databases
Mar 16 19:03:54 secureid imap[1753]: idle for too long, closing connection
Mar 16 19:05:00 secureid com.apple.launchd[1] (0x10ebe0.cron[2270]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:08:48 secureid Python[53]: CGImageSourceCreateWithData data parameter is nil
Mar 16 19:08:48 secureid com.apple.wikid[53]: Sun Mar 16 19:08:48 secureid.net Python[53] <Error>: CGImageSourceCreateWithData data parameter is nil\n
Mar 16 19:08:48 secureid Python[53]: CGImageSourceCreateWithData data parameter is nil
Mar 16 19:08:48 secureid com.apple.wikid[53]: Sun Mar 16 19:08:48 secureid.net Python[53] <Error>: CGImageSourceCreateWithData data parameter is nil\n
Mar 16 19:10:00 secureid com.apple.launchd[1] (0x10eae0.cron[2345]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:11:23 secureid imap[1756]: idle for too long, closing connection
Mar 16 19:15:00 secureid com.apple.launchd[1] (0x10e9e0.cron[2446]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:20:00 secureid com.apple.launchd[1] (0x10eae0.cron[2505]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:21:48 secureid imap[1754]: idle for too long, closing connection
Mar 16 19:25:00 secureid com.apple.launchd[1] (0x10e8e0.cron[2564]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:25:08 secureid postfix/smtp[2575]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:08 secureid postfix/smtp[2576]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2575]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2576]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2575]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2576]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:30:00 secureid com.apple.launchd[1] (0x10e8e0.cron[2598]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:31:30 secureid ctl_cyrusdb[2615]: checkpointing cyrus databases
Mar 16 19:31:31 secureid ctl_cyrusdb[2615]: done checkpointing cyrus databases
Mar 16 19:35:00 secureid com.apple.launchd[1] (0x10e8e0.cron[2629]): Could not setup Mach task special port 9: (os/kern) no access
I tried to follow some of this earlier, but I got some funny errors :
<http://www.afp548.com/filemgmt_data/files/Leopard%20Server%20Quickstart%20Guide.pdf>
As reported:
I set up a share point, enabled Automount (use home folders in LDAP dir.), and then created some homes with with WGM (this worked). Then I added an application preference at /System/Library/CoreServices and selected Folder Redirection.
I checked that the client was bound to the Server, but when I try to boot all I got is a flashing globe and a lot of fan activity. Did I miss something in the steps above?
(looked different on different clients
I set up two test IMAP accounts on 10.5 Server, the only difference is that one uses MD-5 and the other Kerberos for authentication (not sure why). They are set to store all mail on the Server, but to download mails and attachments.
The odd thing is that only the Inboxes appear in Mail where they should be on the 10.5 client. The Trash has one of the account's mailboxes, but Junk, Sent Messages, and Drafts appear under "On this Mac". The Drafts folder has nothing in it.
The only other odd thing is that sometime Mail shows accounts on another server as being offline, when the are online. Syncing with that Server makes the problem go away.
As far as I can see the new test accounts are set up just like the old ones. Could this be a Server side problem, or must it be something on the client?
dss
Server Admin:
Open Dir, Config Log:
Contacting the Directory Server
Authenticating to the Directory Server
Creating Kerberos directory
Creating KDC Config File
Creating Admin ACL File
Creating Kerberos Master Key
Creating Kerberos Database
Creating Kerberos Admin user
WARNING: no policy specified for diradmin@SECUREID.NET; defaulting to no policy
Adding kerberos auth authority to admin user
Creating keytab for the admin tools
Adding KDC & kadmind to launchd
Adding the new KDC into the KerberosClient config record
Finished
2008-03-16 12:57:55 +0100 - command: /usr/sbin/sso_util configure -x -r SECUREID.NET -f /LDAPv3/127.0.0.1 -a diradmin -p **** -v 1 all
2008-03-16 12:57:55 +0100 - sso_util command output:
Contacting the directory server
Creating the service list
Creating the service principals
WARNING: no policy specified for cifs/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for ldap/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for xgrid/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for vpn/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for ipp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for xmpp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for XMPP/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for host/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for smtp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for nfs/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for http/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for HTTP/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for pop/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for imap/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for ftp/secureid.net@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for afpserver/secureid.net@SECUREID.NET; defaulting to no policy
Creating the keytab file
kadmin.local: No entry for principal cifs/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal ldap/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal xgrid/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal vpn/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal ipp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal xmpp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal XMPP/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal host/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal smtp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal nfs/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal http/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal HTTP/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal pop/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal imap/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal ftp/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
kadmin.local: No entry for principal afpserver/secureid.net@SECUREID.NET exists in keytab WRFILE:/etc/krb5.keytab
Configuring services
WriteSetupFile: setup file path = /temp.iAJ8/setup
2008-03-16 12:57:55 +0100 - command: /sbin/kerberosautoconfig -f /LDAPv3/127.0.0.1 -u -v 1
2008-03-16 12:57:55 +0100 - command: /usr/sbin/mkpassdb -kerberize
2008-03-16 12:57:56 +0100 - mkpassdb command output:
WARNING: no policy specified for secureid.net$@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for root@SECUREID.NET; defaulting to no policy
WARNING: no policy specified for diradmin@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "diradmin@SECUREID.NET".
WARNING: no policy specified for secureid.net$@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "secureid.net$@SECUREID.NET".
WARNING: no policy specified for root@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "root@SECUREID.NET".
WARNING: no policy specified for diradmin@SECUREID.NET; defaulting to no policy
add_principal: Principal or policy already exists while creating "diradmin@SECUREID.NET".
2008-03-16 12:57:56 +0100 - command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 12:57:56 +0100 - command: /usr/sbin/vpnaddkeyagentuser -q /LDAPv3/127.0.0.1
2008-03-16 12:57:56 +0100 - slapconfig -selfwrite
2008-03-16 12:57:56 +0100 - slapconfig -setldapconfig
2008-03-16 12:57:56 +0100 - command: /usr/sbin/mkpassdb -setreplicationinterval 300 SyncDefault
2008-03-16 12:57:56 +0100 - command: /usr/bin/ldapmodify -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 12:59:24 +0100 - slapconfig -setmacosxodpolicy
2008-03-16 12:59:24 +0100 - command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 13:00:38 +0100 - slapconfig -setmacosxodpolicy
2008-03-16 13:00:38 +0100 - command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 13:00:38 +0100 - slapconfig -selfwrite
2008-03-16 15:27:18 +0100 - slapconfig -setmacosxodpolicy
2008-03-16 15:27:18 +0100 - command: /usr/bin/ldapadd -c -x -H ldapi://%2Fvar%2Frun%2Fldapi
2008-03-16 15:27:18 +0100 - slapconfig -selfwrite
Secure Log:
Mar 16 13:00:00 secureid newsyslog[9396]: logfile turned over due to size>100K
Mar 16 14:53:53 secureid /usr/sbin/PasswordService[9241]: client response doesn't match what we generated
Mar 16 15:11:48 secureid shutdown[10998]: reboot by hostmaster:
Mar 16 15:12:22 secureid com.apple.SecurityServer[36]: Entering service
Mar 16 15:12:46 secureid com.apple.SecurityServer[36]: Succeeded authorizing right config.modify.com.apple.CoreRAID.admin by client /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer for authorization created by /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer.
Mar 16 15:13:19 secureid loginwindow[64]: Login Window Started Security Agent
Mar 16 15:13:25 secureid SecurityAgent[172]: Showing Login Window
Mar 16 15:13:56 secureid SecurityAgent[172]: User info context values set
Mar 16 15:13:57 secureid SecurityAgent[172]: Login Window done
Mar 16 15:13:57 secureid com.apple.SecurityServer[36]: Succeeded authorizing right system.login.console by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
Mar 16 15:13:57 secureid loginwindow[64]: Login Window - Returned from Security Agent
Mar 16 15:13:58 secureid com.apple.SecurityServer[36]: Succeeded authorizing right system.login.done by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
Mar 16 15:51:46 secureid /usr/sbin/PasswordService[62]: client response doesn't match what we generated
Mar 16 16:23:20 secureid com.apple.SecurityServer[36]: Succeeded authorizing right system.burn by client /Applications/Utilities/Disk Utility.app for authorization created by /Applications/Utilities/Disk Utility.app.
Mar 16 16:29:46 secureid shutdown[1300]: reboot by hostmaster:
Mar 16 16:30:09 localhost com.apple.SecurityServer[35]: Entering service
Mar 16 16:30:14 secureid com.apple.SecurityServer[35]: Succeeded authorizing right config.modify.com.apple.CoreRAID.admin by client /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer for authorization created by /System/Library/PrivateFrameworks/CoreRAID.framework/Versions/A/Resources/CoreRAIDServer.
Mar 16 16:30:51 secureid loginwindow[64]: Login Window Started Security Agent
Mar 16 16:30:58 secureid SecurityAgent[192]: Showing Login Window
Mar 16 16:31:31 secureid SecurityAgent[192]: User info context values set
Mar 16 16:31:32 secureid SecurityAgent[192]: Login Window done
Mar 16 16:31:32 secureid com.apple.SecurityServer[35]: Succeeded authorizing right system.login.console by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
Mar 16 16:31:32 secureid loginwindow[64]: Login Window - Returned from Security Agent
Mar 16 16:31:33 secureid com.apple.SecurityServer[35]: Succeeded authorizing right system.login.done by client /System/Library/CoreServices/loginwindow.app for authorization created by /System/Library/CoreServices/loginwindow.app.
System Log:
Mar 16 18:00:00 secureid com.apple.launchd[1] (0x10f740.cron[1274]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:01:30 secureid ctl_cyrusdb[1306]: checkpointing cyrus databases
Mar 16 18:01:30 secureid ctl_cyrusdb[1306]: done checkpointing cyrus databases
Mar 16 18:05:00 secureid com.apple.launchd[1] (0x10f740.cron[1344]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:10:00 secureid com.apple.launchd[1] (0x10f740.cron[1402]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:15:00 secureid com.apple.launchd[1] (0x10f740.cron[1468]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:15:08 secureid postfix/smtp[1472]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:08 secureid postfix/smtp[1471]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1472]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1471]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1472]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:15:09 secureid postfix/smtp[1471]: warning: SASL authentication failure: No worthy mechs found
Mar 16 18:20:00 secureid com.apple.launchd[1] (0x10f740.cron[1532]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:25:00 secureid com.apple.launchd[1] (0x10f740.cron[1608]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:27:14 secureid Unknown[30]: Client application bug: DNSServiceResolve(ae._airport._tcp.local.) active for over two minutes. This places considerable burden on the network.
Mar 16 18:28:03 secureid imap[1645]: TLS server engine: cannot load CA data
Mar 16 18:28:03 secureid imap[1645]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:28:03 secureid imap[1645]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
Mar 16 18:28:03 secureid imap[1645]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:28:03 secureid imap[1645]: skiplist: recovered /var/imap/user/d/dss.seen (3 records, 5948 bytes) in 0 seconds
Mar 16 18:28:03 secureid imap[1648]: TLS server engine: cannot load CA data
Mar 16 18:28:03 secureid imap[1648]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:28:03 secureid imap[1648]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:28:03 secureid imap[1648]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:00 secureid com.apple.launchd[1] (0x10e9e0.cron[1675]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:30:13 secureid imap[1696]: TLS server engine: cannot load CA data
Mar 16 18:30:13 secureid imap[1696]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:30:13 secureid imap[1696]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:13 secureid imap[1696]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:13 secureid imap[1699]: TLS server engine: cannot load CA data
Mar 16 18:30:13 secureid imap[1699]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:30:13 secureid imap[1699]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:13 secureid imap[1699]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1696]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1696]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1699]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1699]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1648]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1648]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1645]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1645]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:30:39 secureid imap[1696]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:30:39 secureid imap[1696]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:31:30 secureid ctl_cyrusdb[1716]: checkpointing cyrus databases
Mar 16 18:31:30 secureid ctl_cyrusdb[1716]: done checkpointing cyrus databases
Mar 16 18:33:22 secureid imap[1749]: TLS server engine: cannot load CA data
Mar 16 18:33:22 secureid imap[1749]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:22 secureid imap[1749]: STARTTLS negotiation failed: [10.0.1.200]
Mar 16 18:33:30: --- last message repeated 1 time ---
Mar 16 18:33:30 secureid imap[1749]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits new) no authentication
Mar 16 18:33:30 secureid imap[1749]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1753]: TLS server engine: cannot load CA data
Mar 16 18:33:30 secureid imap[1753]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:30 secureid imap[1753]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1753]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1754]: TLS server engine: cannot load CA data
Mar 16 18:33:30 secureid imap[1754]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:30 secureid imap[1754]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1754]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1749]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1749]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:33:30 secureid imap[1756]: TLS server engine: cannot load CA data
Mar 16 18:33:30 secureid imap[1756]: TLS server engine: No CA file specified. Client side certs may not work
Mar 16 18:33:30 secureid imap[1756]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
Mar 16 18:33:30 secureid imap[1756]: login: [10.0.1.200] dss plaintext+TLS user logged in
Mar 16 18:35:00 secureid com.apple.launchd[1] (0x10ebe0.cron[1777]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:40:00 secureid com.apple.launchd[1] (0x10ebe0.cron[1848]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:45:00 secureid com.apple.launchd[1] (0x10ebf0.cron[1931]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:50:00 secureid com.apple.launchd[1] (0x10ebf0.cron[2030]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 18:55:00 secureid com.apple.launchd[1] (0x10ebe0.cron[2110]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:00:00 secureid com.apple.launchd[1] (0x10ebe0.cron[2184]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:01:30 secureid ctl_cyrusdb[2217]: checkpointing cyrus databases
Mar 16 19:01:30 secureid ctl_cyrusdb[2217]: done checkpointing cyrus databases
Mar 16 19:03:54 secureid imap[1753]: idle for too long, closing connection
Mar 16 19:05:00 secureid com.apple.launchd[1] (0x10ebe0.cron[2270]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:08:48 secureid Python[53]: CGImageSourceCreateWithData data parameter is nil
Mar 16 19:08:48 secureid com.apple.wikid[53]: Sun Mar 16 19:08:48 secureid.net Python[53] <Error>: CGImageSourceCreateWithData data parameter is nil\n
Mar 16 19:08:48 secureid Python[53]: CGImageSourceCreateWithData data parameter is nil
Mar 16 19:08:48 secureid com.apple.wikid[53]: Sun Mar 16 19:08:48 secureid.net Python[53] <Error>: CGImageSourceCreateWithData data parameter is nil\n
Mar 16 19:10:00 secureid com.apple.launchd[1] (0x10eae0.cron[2345]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:11:23 secureid imap[1756]: idle for too long, closing connection
Mar 16 19:15:00 secureid com.apple.launchd[1] (0x10e9e0.cron[2446]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:20:00 secureid com.apple.launchd[1] (0x10eae0.cron[2505]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:21:48 secureid imap[1754]: idle for too long, closing connection
Mar 16 19:25:00 secureid com.apple.launchd[1] (0x10e8e0.cron[2564]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:25:08 secureid postfix/smtp[2575]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:08 secureid postfix/smtp[2576]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2575]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2576]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2575]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:25:09 secureid postfix/smtp[2576]: warning: SASL authentication failure: No worthy mechs found
Mar 16 19:30:00 secureid com.apple.launchd[1] (0x10e8e0.cron[2598]): Could not setup Mach task special port 9: (os/kern) no access
Mar 16 19:31:30 secureid ctl_cyrusdb[2615]: checkpointing cyrus databases
Mar 16 19:31:31 secureid ctl_cyrusdb[2615]: done checkpointing cyrus databases
Mar 16 19:35:00 secureid com.apple.launchd[1] (0x10e8e0.cron[2629]): Could not setup Mach task special port 9: (os/kern) no access