Open Directory database missing?!?

Not open for further replies.


Here's my issue:

Yesterday about halfway through the day, one of my users came to me with an error message that one of their files was locked and unavailable. I gave them the standard IT response, "Have you restarted yet?" Of course they hadn't, so I sent them on their way to do so. Two minutes later the same user is back saying he can't log in. Sure enough, for some reason his UN/PW were not working.

I got into Workgroup Manager to reset his password, thinking maybe somehow he reset it and didn't realize it, or whatever...

Come to find out, my entire Open Directory database seems to have disappeared. I could not authenticate to the OD using the diradmin user. It appeared that the entire user list was empty - not even an administrator account.

By this time, all hell had broken loose and not a single user on the network was able to do any kind of work, as all authentication had failed and all users were locked out of their network home folders.

I am sure that I didn't do anything that would affect the OD DB, although I was poking around in server admin looking at some of the services I have not yet had a chance to use but want to.

Now, since I do not have any good method for backing up (Finance won't approve any dang expenditures - not even to safeguard the priceless data on the server), I use SuperDuper to clone the entire HDD through firewire onto a partition of my iBook HDD. I have a clone copy of the server from the previous day.

What I'm wondering is if there is any way to restore the data that is currently on my laptop back onto the server. I fear simply copying files and folders back to the server, as I'm not sure what effect this will have on permissions, etc.

If anyone can point me in the right direction here, I would most certainly appreciate it. Thanks for taking the time to read and help.
Wow, I almost cried when you talked about the inability to get a backup solution in place. That's absolutely vital! Ok, I think you've learned your lesson, so lets see what we can do to get you running again! :)

First things first, what Server OS are you running? Have you done any updates or upgrades on this machine recently? If so, how did you perform them?

Have you tried repairing the permissions on the Server? Possibly you may have had some vital permissions on key components become a bit off kilter and that could throw your services off track. Also, have you had any power failures, etc lately? You may also want to try running a filesystem consistency check in single user mode at boot.

Before restoring anything, anywhere, always remember that dragging and dropping items through the Finder can be a permissions nightmare, if you don't know what the proper permissions are supposed to be.

So, SuperDuper creates a clone, not a disk image, correct? Try using SuperDuper to replicate the data to an unused drive in your Xserve and see what type of results you get. The issue with this is that an OpenDirectory really needs to be stopped to properly back up the data. You'll have to hope that, if you do need to restore, that it's not too fuzzy of a backup.

You can shut down the OD LDAP by using a command like:

/System/Library/StartupItems/LDAP/LDAP stop

You can backup the LDAP with:

/usr/sbin/slapcat > BackUp_Directory_Here/ldap.dump

Start up your LDAP again with:

/System/Library/StartupItems/LDAP/LDAP start

All of those need to be run as root, or use the sudo command. Remember, there's the OD LDAP, there's your Kerberos and your Password Server that all need to be backed up. :)
This is a Mac OS X Server 10.4.1. It's running on (yeah, I know) an old iMac G4 flat-panel. Again, funding is hard to come by around here. :mad:

I checked permissions using disk utility and it did not find any incorrect permissions.

I booted into single user mode and ran "fsck /volumes/server" (server is the name of the volume) and it told me it could not read block 16-32 (it was a little more verbose than that) and that the volume was not a character <something>. I really need to start writing this stuff down... :rolleyes:
I also tried just "fsck" but did not get any return messages.

Yes, SuperDuper creates a clone, not a dmg. So basically the file system on the partition of my iBook is an exact copy of all files and folders on the server volume. Or at least it should be.

Oh, to be able to afford a nice new Dual-G5..... :(
Ok, we're getting someplace, at least! :)

When you ran fsck, did you run it as fsck -yf, to have it force the operation on the journaled disk?

Also, how did you get to 10.4.1? Did you formerly have a 10.3 OD on the same machine?
Ok, I ran fsck -yf on /volumes/server and here is the output:


/volumes/server is not a character device

* /volumes/server (NO WRITE)


THE FOLLOWING DISK SECTORS COULD NOT BE READ: 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
ioctl (GCINFO): Inappropriate ioctl for device
fsck: /volumes/server: can't read disk label


As far as OS version, this is our first server, so it was a clean install on a blank HDD to 10.4, and was updated when 10.4.1 was released.

Thanks for helping with this - I *really* appreciate it.

If your booting from the /Volumes/Server drive, it should be the root level.

Are you specifying the /Volumes/Server in the fsck -yf command? If you are, try leaving it off.

ioctl performs many device control functions...and that is the first time i've seen that returned. :-/
When I don't specify /volumes/server, I get no output whatsoever. Being unfamiliar with fsck, I don't know if no output means that everything is OK or if it means that it did not do anything.
SuperDuper has a Restore function.
Sounds like you have a drive problem. Maybe use DiskWarrior.
I'd say overall it sounds like the hardware could be failing. Depending on your tolerance for downtime and data loss, coupled with cost, you may even want to just get yourself a new HD. Drives are pretty cheap these days.

You may also want to at least get a FireWire drive as well, for backups. ;)
Ok, so I went ahead and stuck a spare 80GB WD HDD in the machine, assuming that I would have to erase and reinstall OS X Server on the old drive anyway, and fearing another major data loss.

Drive went in just fine, booted to OS X Server Install Disc, ran Disk Utility, partitioned the drive, quit Disk Utility, ran installer, and went through the initial configuration. Booted up just fine. I was happy.

Then I decided I'd run Software Update, which I did. Software update ran without a hitch. When it finished, it restarted and hung on the grey Apple with the spinny thing.

Ok, Software Update must have written some permissions I rebooted again to the Install Disk, ran Disk Utility, repaired permissions, and it did indeed find some incorrect permissions. Great! I figured I had solved the problem.

Nope. OS X Server will NOT boot after running SU. Any suggestions?
Not open for further replies.