corporateKeenan
asked on
Directory Utility/Users can't log into their computers??!?!
Xserver version 10.5.8 is giving me a headache. Users reported that they could not log into their systems(iMacs). I double clicked on the login screen to find that all said and "Some Network Accounts Available" and other saying "No accounts available". So I logged into the server then to entered Server Admin. Open Directory was shown as running, which is what we want right. Next I entered the Utilities > Directory Utility. From there the "Local Server" was shown as running but the "Active Directory Server(Windows 2003 Server R2)" was not and had a red button label next to it. I checked the setup and everything was labeled as what it should be. I then rebooted the server. The Directory Utility now shows both the Local and Active Directory Server as running, green lights. I reboot a few iMacs and find that they all now still say "Some Network Accounts available". What could be the issue, i'm sure I hit all of the hot spots and they are active and even show in the "Workgroup Manager" utility with their account info. What should I do next to fix this issue.
Also, Once you start to get a green directory services light across the board (ie all of your clients) ensure that you test logging on thoroughly, create 3 different test accounts. You may encounter an error message upon subsequent login / logouts. If that is the case there will be a file that you need to modify to ensure logons work correctly. I can post that info as well, however work on the green directory service ligth issue first.
ASKER
Yes you are correct the XServe is authenticating to Active Directory on the Windows Server which is hosting the AD, DHCP, DNS and etc. None of the iMacs are kerberized to the Active Directory Server and they never have been. Another issue that I didn't note was that the XServe's HD was filling up rapidly because of some .ASL files that grew to 28gb. On instances when the OSX HD gets low these issues arise with users not being able to log in. I have copied the files to a external HD and Deleted them from the Server HD. Going back to the AD issue, everything is bound and running smoothly from the server side(green lights everywhere) but the clients are not getting the same response. Should I possibly try rebooting the AD server to see if Windows is hanging?
what are your clients pointing to for time?
Also if you are not kerberizing to AD then i assume that OD is hosting your User Accounts. Am i correct in this assumption?
My main question is this, what are you using the xserver for? What services is it hosting that the windows server is not?
My main question is this, what are you using the xserver for? What services is it hosting that the windows server is not?
ASKER
The clients are pointing to the XServe to sync their clocks. The XServes only purpose is to securely lock down Apple clients access to certain network directories and to give acces to only certain apps, host updates/image files and to obtain the user profiles from our Windows Server's AD and provide access when the correct. The only services that it is hosting that Windows is not offering is really only QuickTime streaming and Netboot. It really only serves as a gateway for our Macs to access network info by user profiles.
ASKER
I'm also seeing that on the client pcs it is displaying that the "Open Directory Server is not responding"?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hey thanks for the script unfortunately my clocks were already pointing to the AD server. I really think that it is an issue with my Open Directory on XServe because each of my clients now have a green lights for the Active Directory Domain which is good they are bound but there is a red light for the Open Directory. I tried using the IP instead of the DNS Name to hopefully catch a break, it still didn't respond. So I will be posting some Print Screens from my Remote Desktops next.
ASKER
Here are a few screen captures of the client and the Xserve configs.
ClientProblem.png
ClientMac.png
XServesDUgreenlights.png
XServeOD.png
XServeODBinding.png
XServeODauth.png
ClientProblem.png
ClientMac.png
XServesDUgreenlights.png
XServeOD.png
XServeODBinding.png
XServeODauth.png
ASKER
Found the solution, it was an ip address change on the server that the clients do not recognize. Is there a script that I can run in terminal that will update the IP address of the Xserve?
ASKER
Nevermind the script I got the changes made to the ip and all is well now.
ASKER
Good starting tip.
Which servers are hosting particular services? ie DHCP, DNS. Are your OSX clients kerberized to the AD server? ie. Is AD handling your authentication or is Open Directory. All of these factors have a huge impact on what your particular solution might be.
From the information i feel i have been given so far it sounds like you are authenticating to Active Directory. If that is the case are all of your clients Clocks Set to sync to the IP address of the Active directory server? Also the OSX server should be set to sync to it as well. Provided that AD is handling your domain authentication?