• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 849
  • Last Modified:

Snow Leopard Server - Issue deleting computers from Workgroup Manager

I have a site with two snow leopard servers.
One is the Directory Master, the other a Replica.
The IPs and names of the computers have been changed and although the DNS is working and looks right, there is something very deeply amiss with the setup.
Mail is installed and running on the replica without issue.

However........
Couple of issues include:
Cannot open Server Preferences on the Replica.
Cannot connect correctly to the iCal server on the Replica.
Cannot delete any computers in workgroup manager.

I know these are all related to DNS and the name change.

Rebuilding is not an option.

Can I.....?

Demote the Directory services on the Replica without breaking mail.
Can I simply not have a replica?
Do I need to join The replica server to the Directory Master?
Can I delete all the keychain entries on the Replica that reference the old server name and IP without breaking anything?

Look forward to some workable solutions.
0
OxygenITSolutions
Asked:
OxygenITSolutions
1 Solution
 
Britt ThompsonSr. Systems EngineerCommented:
I can almost guarantee you're not going to get all the dns problems ironed out after changing the names and IP's of your servers. Although the DNS can be setup correctly the KERBEROS info is always going to flake out. I recommend exporting out the user list, archiving Open Directory, reconfigure OD and import the user list (the only thing you lose is the passwords that have to be manually re-entered).

But, to answer your questions:

You can pretty much do anything to the replica and not effect the main server but removing the replica from the replica will not likely fix any issues since the main KERBEROS and DNS data lives on the Master.

Deleting the keychains will hurt nothing on either server.

When trying to connect to the services on the server you may need to try and connect to 127.0.0.1 or servername.local as opposed to the FQDN or short DNS names. If you still have trouble try changing the DNS server used in the NIC to something other than itself or the other Mac server. This will force it to use the bonjour name or loopback.

Rebuilding OD or changing the names/IP's back may be the only option. If you're going to try to repair the DNS issues I recommend you make a good clone of the servers' OS'es or verify you have a good Time Machine backup before hand.

Other questions...are you able to join new machines to OD? Have you verified that KERBEROS is running on the Master?

There's a slim chance that rebuilding KERBEROS could help out. Check this thread and use this method for rebuilding: http://discussions.apple.com/thread.jspa?threadID=1126264
0
 
OxygenITSolutionsAuthor Commented:
Great advice. I was able to change the Kerberos Realm. I was also able to successfully archive the OD, destroy it, recreate it and restore. All settings now appear as they should. I am sure deep down there are some underlying entries referencing the old .local name but for now, the server and services are functioning much better.
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now