Unable to log-in to client machines - Open Dir Master

ACaton

Ok.. sorry first for the multiple topics.. I really hope I can get this done soon and stop buggin y'all :)

I'm unable to login to the client machine I'm testing with at the moment.

Server is running open directory master.
-Kerberos is running
-LDAP is running
-Lookup server is running
-Password server is running

AFP is running
DNS is running
Using an external DHCP server

User accounts have been made on the LDAPv3 node.

The directory with the home directories in it is shared and set to be for home directories with LDAP.

Users home directories are selected.


On the client machine-
LDAPv3 plugin in directory access pointed to the server
Authentication/Contacts tab pointed to the server
DNS server is pointed to the server..


When I get the login window, I have the "Other..." option, but am unable to login to any of the accounts. It gives me the same thing that would happen if the password was wrong. I've quadruple-checked the passwords, and they're right.
The only thing I can think of is that the workgroup manager seems to change every password to an 8-char password, but I've been told this is a security measure to disguise the real length of the password.


Any help would be greatly appreciated. Thanks!
 
Try logging the user into the server first. This will tell you whether it is the user account or the client machine.
Check the home directory with inspector and make sure it is pointed to the right directory, folder and sharepoint.
Use the IP address in the directory access to take DNS out of the equation.
Make sure the host name of the machine is the fully qualified domain name.
 
I'm able to login as the directory administrator in workgroup manager, if that's what you mean..

Use the IP address in the directory access to take DNS out of the equation.

Could you elaborate on that? I'm a networking/mac novice, sorry..
 
Yeah, don't worry about the •••• length in WGM. It's security. The passwords are stored in secure shadow hashes outside of the user account.
 
I'm able to login to the accounts on the LDAP node on the server, but only if the home directory is set to something I've not set up in the DNS.. however the Network/etc. path is the same as what I thought was the correct afp:// path.
 
I think it may be a problem with the hosts file. The server I didn't recognize was what I set the server's IP as in the host file. I'm going to try fixing the host file and see what happens..
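
Added example, not part of the thread: a POSIX shell check for two of the points raised above, that the server's host name is fully qualified and that a hosts file entry does not map it to an unexpected address. The host name, addresses and sample hosts file are constructed for illustration.

```shell
#!/bin/sh
# Added example. Host names, addresses and the sample hosts file are constructed.

# is_fqdn NAME: exit 0 if NAME has two or more valid dot-separated labels.
is_fqdn() {
    case "$1" in
        ""|.*|*..*) return 1 ;;
    esac
    printf '%s\n' "${1%.}" | awk -F. '{
        for (i = 1; i <= NF; i++)
            if ($i !~ /^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?$/) exit 1
        exit (NF >= 2 ? 0 : 1)
    }'
}

# hosts_addrs FILE NAME: print each address a hosts-format FILE maps NAME to.
hosts_addrs() {
    awk -v want="$2" '
        { sub(/#.*/, "") }    # strip comments before matching
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(want)) { print $1; break }
        }' "$1"
}

# check_server FILE NAME EXPECTED_IP: print findings; exit 1 if there are any.
check_server() {
    rc=0
    if ! is_fqdn "$2"; then
        echo "NOT-FQDN $2"; rc=1
    fi
    for addr in $(hosts_addrs "$1" "$2"); do
        if [ "$addr" != "$3" ]; then
            echo "HOSTS-OVERRIDE $2 -> $addr (expected $3)"; rc=1
        fi
    done
    return $rc
}

# Demo on a constructed hosts file with a stale entry for the server.
demo=$(mktemp)
printf '%s\n' '127.0.0.1   localhost' \
              '192.0.2.99  odm.example.com odm   # stale test entry' > "$demo"
check_server "$demo" odm.example.com 192.0.2.10 || true
rm -f "$demo"
```

On a real client or server the same function can be pointed at `/etc/hosts` with the server's actual name and address.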
 
ACaton said:
I think it may be a problem with the hosts file. The server I didn't recognize was what I set the server's IP as in the host file. I'm going to try fixing the host file and see what happens..

Have you used the Directory Access tool to tell the CLIENT where to look for the LDAP server? Especially when testing, use the IP number instead of a name.

For LDAP both the password and username may be anything you want, I have no limitations on my servers.

Good Luck, Kees
 
Used the IP on the CLIENT machine. Am on break at the moment so I can't get to the server.

However when I was working on it I tried deleting the LDAP db and then remaking the open dir master, but when I went to save it as an open dir master I got "error writing setings (69)" or something extremely similar to that (sure on the number at the end), so now I can't even set it to be an open dir master..
 
ACaton said:
Used the IP on the CLIENT machine. Am on break at the moment so I can't get to the server.

However when I was working on it I tried deleting the LDAP db and then remaking the open dir master, but when I went to save it as an open dir master I got "error writing setings (69)" or something extremely similar to that (sure on the number at the end), so now I can't even set it to be an open dir master..

Also try with a different machine. Also remove the entry under the directory access utility and recreate it. That might work too. How did you set up the entry?


Good luck, Kees
 