Solved

MAC will not authenticate and log in network users, working with MAC server

Posted on 2011-09-14
9
444 Views
Last Modified: 2012-05-12
I have a MAC workstation running 10.6 that is in a network environment with a MAC server.  Everything was running fine for months until today, now this one computer will no longer allow network users to "authenticate" and log in.  I have tried the following:

Ran Onyx to clean up files
Un-bound and re-bound the machine to the server
Performed a reinstall of the OS files from the MAC disk

The problem still persists.  Of course I have ensured that there is good network connectivity and I can see the network and all network resources when logged in as the local administrator, I just can not get network users logged into this machine.  We are using LDAP on the server to administer the accounts.  Any ideas would greatly be appreciated.
0
Comment
Question by:jfoster316
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 

Expert Comment

by:abaskerville
ID: 36542054
Have you booted from the CD and done a repair disk?  

We had this problem once and it was caused because we restarted a computer that we thought was hung up during a firmware update.  It booted up okay, but you couldn't get anywhere.  For us, our only solution was to redeploy the system image from the server.

0
 

Author Comment

by:jfoster316
ID: 36542359
Yes, I tried booting from the disk and doing a repair, unfortunately that did not work either.  I can only think at this point it has something to do with the kerboros database getting corrupted somehow.  I am going to try and fix the kerberos, but barring that, reinstall is the only thing that I can think should work.
0
 
LVL 10

Expert Comment

by:EdTechy
ID: 36542758
A couple of things you can try.
Unbind the workstation from the server. Delete the file /Library/Preferences/edu.mit.Kerberos, rebind.
Check System Preferences>Accounts>Login Options. Make sure there is a check mark next to "Allow network users to log in at login window." Check the options for that and make sure they are appropriate.
Make sure your time is synced to the same server on the workstation and server. Or at least, the time is within a few seconds of each other.
0
What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

 

Author Comment

by:jfoster316
ID: 36546819
I have reloaded the MAC, erased the HDD first and did a clean reload.  You may not believe this, but now I can not join it to the server now with the admin account.  It will not allow the admin user and password to even talk to the server.

Something is wickedly wrong with this set up.  I am out of ideas, and have tried all of the suggestions posted here and many others suggested by friends and colleagues.
0
 
LVL 10

Expert Comment

by:EdTechy
ID: 36548992
Try binding without authentication.
Here is some info from apple on authenticated binding. I do not require it on my server so I don't know much about it. http://docs.info.apple.com/article.html?path=ServerAdmin/10.5/en/c8od18.html
0
 

Assisted Solution

by:jfoster316
jfoster316 earned 0 total points
ID: 36551308
I use the binding with authentication so that I can use roaming profiles.
0
 

Accepted Solution

by:
jfoster316 earned 0 total points
ID: 36551326
Issue solved on my end.  Found that after reload and then rebooting the server, this machine finally allowed me to authenticate users on it.  Then hooked this mac back up to the original location and it failed again.  Did some checking and found that the ethernet cable had been crushed back behind some furninture.  This crushing did not seem to have totally terminated the connection, as I was still able to surf the web, see network resources, and the like, but for some reason, the signal was degraded enough to causee the connection to the server to become corrupted when Kerberos was trying to authenticate.  So, after replacing the ethernet cord and then rebooting the server to purge the database, the machine is up and running perfectly fine.  Only MAC could have this kind of crazy issue, IMO.
0
 

Author Closing Comment

by:jfoster316
ID: 36572287
This issue all stemmed from a bad cable, that for some reason caused the Kerberos database on the server to become corrupt and not allow this machine to log in.
0
 
LVL 10

Expert Comment

by:EdTechy
ID: 36552153
Glad you got it.
0

Featured Post

Do you have a plan for Continuity?

It's inevitable. People leave organizations creating a gap in your service. That's where Percona comes in.

See how Pepper.com relies on Percona to:
-Manage their database
-Guarantee data safety and protection
-Provide database expertise that is available for any situation

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When replacing some switches recently I started playing with the idea of having admins authenticate with their domain accounts instead of having local users on all switches all over the place. Since I allready had an w2k8R2 NPS running for my acc…
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question