How to access “Server Preferences” on colo-ed Snow Leopard server

authenticationcolocationmac-osxosx-snow-leopard

We have a colocated Mac OS X 10.6 server, and I need to create a new user on the box. (The existing users were created by me when the box was on my desk.) I'm able to connect to the machine using SSH and also using the Server Admin utility. However, user management appears to require the Server Preferences utility. When I try to connect with Server Preferences, I get this error:

Unable to set node credentials for /LDAPv3/127.0.0.1 with the record name [FDQN]$.

There may be a problem with the Open Directory service.

(N.B. I've obscured the actual server name; where it says [FDQN] above, the actual error has the complete name of the server.)

In the server logs, which I can see using Server Admin, I see

Dec 10 11:31:05 eiffel servermgrd[63]: servermgr_accounts: got error 5203 trying to auth to local LDAP node

(N.B. eiffel is the hostname.) I think this is the relevant line; Jabber is flapping for some reason (different problem) and smothering the logs with its attempts to start up.

I'm not familiar with Open Directory, and I don't really want to have to be; I just want to administer my server, in particular to create a new unix user on the box so they can connect via SSH. Thanks for any pointers.

(ETA: My research suggests that VNC would solve this problem. Unfortunately, I need access to Server Preferences to allow VNC access, so that's a Chicken and egg problem. (See what I did there?) Setting up an SSH tunnel sounds like a great idea, but I need a bit more fine-grained advice (which ports on each end?) to put that into practice.)

ETA, 12/16: I'm able to add a new user with the Workgroup Manager utility, which is part of the server tools package. (I suspect I have it on my laptop and not my desktop, which is why I didn't find it sooner.) Even though the urgency is gone, I'm leaving the question open because I still can't connect with Server Preferences.

Best Answer

You could enable Apple Remote Desktop via the command line

As for the SSH tunnel, the main port is TCP 311

ie: ssh -N remoteUsername@remoteServer -L localPort/connectToHost/remotePort

for

ssh -N remoteUsername@remoteServer -L 311/localhost/311

Related Solutions

OS X Login Authentication Against Leopard Server

It sounds more likely something may be wrong with your configuration - how did you add the Open Directory server in Directory Utility as what you want is precisely how it is supposed to work.

Additionally, before too much else double check your DNS as DNS will cause all sorts of issues with Open Directory.

For instructions you can check the docs: Open Directory Admin PDF, specifically: page 118 quoted:

To connect to a standard or workgroup configuration server:

1 Open Directory Utility (in /Applications/Utilities/).
2 If the lock icon is locked, unlock it by clicking it and entering the name and password of an administrator.
3 Click Directory Servers, then click the Add (+) button.
4 From the “Add a new directory of type” pop-up menu, choose Open Directory.
5 In the “Server Name or IP Address” field, enter the server name or IP address.
6 (Conditional) Before you select the “Encrypt using SSL” checkbox, check with your Open directory administrator to determine if SSL is needed.
7 In the Introduction pane, a list of services offered by the server you are connecting to are displayed, click Begin Setup.
8 Enter the Authentication information for the server you are connecting to.
In the name and password field, enter the administrator name and password for the server you are connecting to.
Enter the password for the user account that appears in “Enter the password for the account username on this computer.”
9 Click Continue.
10 Under Configuration Options, choose to let Directory Utility configure your applications or not.
Select Yes if you want the server to configure your application to use services that it offers.
Select No to bypass this configuration.
11 Click Continue.
12 Click Finish Setup.

Mac OS X Server (SL) – System Preferences

Try hostname.local or the FQDN. You really SHOULD be able to use the FQDN. If you can't, it means your DNS server isn't set up correctly. All Apple OS X Servers need DNS to be set up correctly on the DNS server side. This is critical to getting almost all of the services set up correctly.

Since the OS has already been installed, verify that DNS is working by doing:

sudo changeip -checkhostname

You should get:

Primary address     = 10.10.10.10

Current HostName    = xserve.example.com
DNS HostName        = xserve.example.com

The names match. There is nothing to change.

Of course, substituting the IP address and hostname for their actual values.

I'd also recommend checking out http://consultants.apple.com/

**** Update ****

Your DNS is not set up correctly*. This is mandatory to set up OS X Server. Your DNS server (or whoever provides DNS) has to have a DNS record of the fqdn pointing to your server. Once that is done, run changeip - 192.0.0.12 192.0.1.10 oldhost newhost. oldhost would be server.local and newhost would be whatever your FQDN is. This MUST be done before you can go any further.

Since the server seems like a fresh setup, I would suggest even trying a re-install which will give you the chance to set it up correctly during the installation process which is a bit easier than trying to go back in and doing it afterwards.

A bit of advice though, Apple markets OS X Server to be "simple" and that it will "just work". While that may be true, you still need to know the ins and outs of it for when something stops working and you're not sure what to do. If you don't, hire someone who does.

*.local is not a FQDN. It is used for Apple's Bonjour service, which is a different thing altogether. Important to know the difference.

Best Answer

Related Solutions

OS X Login Authentication Against Leopard Server

Mac OS X Server (SL) – System Preferences

Related Topic