New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
OS X - Operating System General OS operation information and support

Workgroup Manager greyed out when authenticated as diradmin


Post Reply New Thread Subscribe

 
Thread Tools
BarryWAaMC

 
Member Since: Sep 07, 2011
Posts: 5
BarryWAaMC is on a distinguished road

BarryWAaMC is offline
Hi,

We are running Mac OS X Server v10.5.8.
The machine supports 36 iMac clients with access rights using OD LDAP v3.
Authentication for all Mac users is done directly with AD running on Windows Server 2003 via Thursby's AdmitMac.

The setup has been running smoothly for about 3 years now.
The other day I went to make some group changes in Workgroup Manager, to allow access to new software.
I logged in as diradmin with the usual password, (padlock appeared open), but discovered, that everything was greyed out!
The only item I was able to change and save was the diradmin password.
I could not add / remove any users, groups. Could not change any preference settings.

As you can imagine, this is causing a BIT of a problem.

The correct access rights are still being granted to all users, so clients are not seeing anything different.

Any ideas or thoughts as to why the server has decided to deny access, would be much appreciated.

Many thanks,

Barry.
QUOTE Thanks
MacsWork

 
MacsWork's Avatar
 
Member Since: May 22, 2005
Location: Closer than you think.
Posts: 2,146
MacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really nice
Mac Specs: Performa 6116 2GBSCSI 8MB OS 7.5.3

MacsWork is offline
Are you running the same version of the server admin tools?
QUOTE Thanks
BarryWAaMC

 
Member Since: Sep 07, 2011
Posts: 5
BarryWAaMC is on a distinguished road

BarryWAaMC is offline
MacWorks,

Thanks for replying.

I am running v10.5.5 of the Workgroup Manager, which I believe is the correct version for v10.5.8 of MacOS X Server.

Cheers,

Barry.
QUOTE Thanks
MacsWork

 
MacsWork's Avatar
 
Member Since: May 22, 2005
Location: Closer than you think.
Posts: 2,146
MacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really nice
Mac Specs: Performa 6116 2GBSCSI 8MB OS 7.5.3

MacsWork is offline
In server admin, does Open Directory list LDAP, Password and Kerberos as Running under the Overview section?
QUOTE Thanks
BarryWAaMC

 
Member Since: Sep 07, 2011
Posts: 5
BarryWAaMC is on a distinguished road

BarryWAaMC is offline
MacsWork,

Thanks again.

In the Overview of Open Directory, LDAP and Password Server are both running, but Kerberos is Stopped.

I am also unable to change any of the settings in the Server Admin console.

Cheers,

Barry.
QUOTE Thanks
MacsWork

 
MacsWork's Avatar
 
Member Since: May 22, 2005
Location: Closer than you think.
Posts: 2,146
MacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really nice
Mac Specs: Performa 6116 2GBSCSI 8MB OS 7.5.3

MacsWork is offline
Bummer,...Your OD is broken.

The problem is you have no idea when it broke I assume. Therefore a restore is pretty much out of the question. That is unless you have a separate OD backup?

Most likely you will have to export the user and group lists from WM and recreate OD. The export will not contain password info so you'll have to enter new passwords for all users. I only suggest the export because importing is better than manual creation of your user list.

This has most likely been caused by improper DNS. Most folks that I have worked with setup their servers thinking they are like AD and next thing you know OD is broken and they don't know why. DNS is almost always the reason.

I was informed by Apple Support there is really no way to resolve this other than recreating OD.

Sorry,....
QUOTE Thanks
BarryWAaMC

 
Member Since: Sep 07, 2011
Posts: 5
BarryWAaMC is on a distinguished road

BarryWAaMC is offline
Do you know how easy it would be to recreate the OD without having to re-install the server.
I was advised that a clean install is the best way to do it, but I would like to find a quick and safe way if possible.

Cheers.
QUOTE Thanks
MacsWork

 
MacsWork's Avatar
 
Member Since: May 22, 2005
Location: Closer than you think.
Posts: 2,146
MacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really niceMacsWork is just really nice
Mac Specs: Performa 6116 2GBSCSI 8MB OS 7.5.3

MacsWork is offline
You should be able to change the role to Stand Alone server and then reboot. Then make sure DNS is running and healthy on the Mac server and that it uses itself as DNS, then Change the OD role to OD master and make it the same name as before. Another note is not to name the domain .local, instead use something like .lcl or .lan, this is another Appleism.

Also, if this is a Mac Pro or Xserve with two NICS, be sure that they are either bonded with one IP or you only use one NIC. The server should not have two IPs. OD will break for sure.

Also be sure to export users and groups in WM before you start to save you time after you create the new OD. Passwords will need to be reset after import.

Be sure to archive the OD DB after you finish for safe keeping.

Good Luck.
QUOTE Thanks

Post Reply New Thread Subscribe


« Lion Crashing | How To Delete 'BootX' & 'boot.efi' from Trash? »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Unable to set proxy server to Workstations through Workgroup Manager Leyton OS X - Operating System 6 10-20-2011 06:44 AM
Workgroup manager crashes when adding new user timgolding OS X - Operating System 2 05-23-2011 11:23 AM
Using Workgroup Manager to restrict apps on Mac mrxphatman OS X - Operating System 1 10-14-2010 08:34 AM
Workgroup Manager Login Shreya Internet, Networking, and Wireless 0 04-15-2009 11:06 AM
Link LDAP Groups to Workgroup Manager Groups Kimono OS X - Operating System 0 10-11-2007 04:35 AM

All times are GMT -4. The time now is 02:22 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?