Ticket Options
Question Profile
| DATE | Nov 15, 2007 |
| TICKET | #335028 |
| STATUS | Closed |
| SUBJECT | Leopard Upgrade - Short names not wrking |
| CAT | Computers, Operating Systems, Applications or Connected Devices |
| TYPE | Operating System Features, Bugs and Problems |
| DESC | Apple |
| DESC | 10.5.X (Leopard) |
| PLATFORM | Apple Macintosh (Intel) |
| MODEL | Mac Pro |
| PROC | 2.7GHZ Dual Core |
| RAM | 2.0GB |
| DRIVE | 1.41TB |
| NAME | James |
| USERNAME | casket88 |
| TECHNICAL | Lots of Experience |
| ISSUE | Stumped |
Question Details
TICKET ARCHIVE -> Leopard Upgrade - Short names not wrking
casket88 - Nov 15, 2007 - 11:01 pm
Hi there,
We have an XServ that was running Tiger, that is up until Monday when the drive controller failed while both IT staff (myself included) were out of state on business.
We aranged to purchase a new system to temporarily allow us to use Email and VPN. A support technician at Apple Australia built and configured a new Leopard server to the exact same specs as our previous server while it is out of comission (waiting for parts from Indonesia).
When importing across all the users, the short names did not come with them. We use the following naming conventions:
(Default shortname)
. (For older email configs)
. (New configs)
Now Joe Bloggs email client is either configured for joeb or joe.bloggs depending on how recent the configuration is. When the user accounts were copied accross only the default shortname came with them. As you can imagine even though email was temporarily working, no one could use it.
We got the apple tech to configure the 120+ users with the remaining two short names.
The problem is now that even though the users can authenticate against the server via LDAP, they can not pull any email down (POP3). This is using the exact same client configuration (SMTP requires no auth). The apple technician has no idea why this has happened and has never seen this before.
Short of configuraring every single email account across multiple operating environments to poll the server using the default short name (), the business is still at a stand still.
What makes this a bit more interesting is those users running Macs (OS X Tiger) CAN get their emails even if they are configured for a different short name. This is a minority of the users.
If anyone could offer some support I would be very appreciative as right now I am at an absolute loss.
We have an XServ that was running Tiger, that is up until Monday when the drive controller failed while both IT staff (myself included) were out of state on business.
We aranged to purchase a new system to temporarily allow us to use Email and VPN. A support technician at Apple Australia built and configured a new Leopard server to the exact same specs as our previous server while it is out of comission (waiting for parts from Indonesia).
When importing across all the users, the short names did not come with them. We use the following naming conventions:
Now Joe Bloggs email client is either configured for joeb or joe.bloggs depending on how recent the configuration is. When the user accounts were copied accross only the default shortname came with them. As you can imagine even though email was temporarily working, no one could use it.
We got the apple tech to configure the 120+ users with the remaining two short names.
The problem is now that even though the users can authenticate against the server via LDAP, they can not pull any email down (POP3). This is using the exact same client configuration (SMTP requires no auth). The apple technician has no idea why this has happened and has never seen this before.
Short of configuraring every single email account across multiple operating environments to poll the server using the default short name (
What makes this a bit more interesting is those users running Macs (OS X Tiger) CAN get their emails even if they are configured for a different short name. This is a minority of the users.
If anyone could offer some support I would be very appreciative as right now I am at an absolute loss.
vinko - Nov 17, 2007 - 12:57 am
Dear James,
My name is Vinko and I will attempt to assist you.
I do not know the exact cause of your problem nor do I understand exactly what your issue is. May be you can clarify your "naming conventions issue" above.
But hearing that you have problems with only non-Tiger users; I presume that these other users are on Leopard. Makes me wonder if this problem of yours have something to do with the new Leopard KeyChain file naming convention, and Leopard's signing of all applications.
You may want to try correcting the KeyChain naming issue for one of your Leopard user to see if the problem can resolve itself.
The Leopard KeyChain file naming convention has to do with the fact that Leopard really likes to have the current active user's KeyChain file be named "login.keychain". Although, if your user's account was migrated over the years from previous Mac OS, it will have the naming convention, ".keychain".
You need to correct the Leopard KeyChain naming issue from each of the users' Macintosh. To do so you can try the following steps:
1. From KeyChain Access you should see a list of Keychains. If you don't, you will have to show it by selecting "Show Keychains" menu item from the View menu.
2. Copy the content of the "login" keychain to the keychain with the short name.
3. Lock all keychains then quit KeyChain Access.
4. Ensure all applications are closed so none would be accessing any of the keychains.
5. Go to the Home directly of the user, Library --> Keychains.
6. Rename the "login.keychain" to something like "login.keychain.org"
7. Rename the.keychain file to "login.keychain"
That should resolve the Leopard KeyChain Naming issue.
BTW: may I assume that you are configure to do a NetBoot of all your client Macs? If so you may be able to do the above from the server.
PS: this new naming convention was changed sometime back in 10.2.x or 10.1.x but 10.5 is the first time that the OS enforce it. Therefore, it should not be problem if you want to rename the Keychain file for the other users (not on Leopard).
I hope this helps.
Regards,
-- Vinko
Thank you for using MacOSX.Com's free Mac support.
My name is Vinko and I will attempt to assist you.
I do not know the exact cause of your problem nor do I understand exactly what your issue is. May be you can clarify your "naming conventions issue" above.
But hearing that you have problems with only non-Tiger users; I presume that these other users are on Leopard. Makes me wonder if this problem of yours have something to do with the new Leopard KeyChain file naming convention, and Leopard's signing of all applications.
You may want to try correcting the KeyChain naming issue for one of your Leopard user to see if the problem can resolve itself.
The Leopard KeyChain file naming convention has to do with the fact that Leopard really likes to have the current active user's KeyChain file be named "login.keychain". Although, if your user's account was migrated over the years from previous Mac OS, it will have the naming convention, "
You need to correct the Leopard KeyChain naming issue from each of the users' Macintosh. To do so you can try the following steps:
1. From KeyChain Access you should see a list of Keychains. If you don't, you will have to show it by selecting "Show Keychains" menu item from the View menu.
2. Copy the content of the "login" keychain to the keychain with the short name.
3. Lock all keychains then quit KeyChain Access.
4. Ensure all applications are closed so none would be accessing any of the keychains.
5. Go to the Home directly of the user, Library --> Keychains.
6. Rename the "login.keychain" to something like "login.keychain.org"
7. Rename the
That should resolve the Leopard KeyChain Naming issue.
BTW: may I assume that you are configure to do a NetBoot of all your client Macs? If so you may be able to do the above from the server.
PS: this new naming convention was changed sometime back in 10.2.x or 10.1.x but 10.5 is the first time that the OS enforce it. Therefore, it should not be problem if you want to rename the Keychain file for the other users (not on Leopard).
I hope this helps.
Regards,
-- Vinko
Thank you for using MacOSX.Com's free Mac support.
casket88 - Nov 18, 2007 - 5:26 pm
Hi Vinko,
Thank you for your support and appologies for the delay in my response. I think I may not have clearly explained my problem and have now confused you. This is couple with the fact that the 'naming conventions' i used were not properly formatted when I submitted the post. I will try to explain our situation more clearly.
-----
We originaly had an XServe running Tiger. This had numerous services running on it including, but not limited to:
- Email
- DNS
- Windows Services
Through Workgroup manager we configured all the users in the company. This is so we could allow them to access the Internet and get email (as well as create a /home/ directory on the server for them). When I talk about naming conventions I talk about the short name aliases that reference their account in Workgroup Manager.
Say we are creating a user Henry Bloggs. The default shortname created by Workgroup manager is henrybloggs. This means that when I configure Henery's email account I will use the login name henrybloggs (and the respective password) to pull email down via POP3. As such Henry's email address is now henrybloggs@ourdomain.com.au.
When the system was first designed the CIO decided he didn't want the email address to be firstnamelastname@, but rather firstname.firstletteroflastname. In this case another short name would be created for Henry, his email address now became henryb@ourdomain.com.au. Old email clients are configured to use this 'naming convention'. This user now has two shortnames: henrybloggs and henryb. Both of these could be configured for email, but only henryb was.
For newer employees and system builds, Henry would have a third shortname created, henry.bloggs. As such his email address is now henry.bloggs@ourdomain.com.au
When the drive controller fialed in the XServe, we needed to hire a professional from Apple Australia to build up a temporary server with the exact same settings as the old server, and all data copied across (esentially it became a backup 'plug and play' box). Because this was a new installation Leopard was installed.
However, when copying across the user accounts from Workgroup Manager only henrybloggs came with it, the other two shortnames henryb and henry.bloggs did not. As you can imagine now henry cannot get email as even though email is working he is configured for short names that were not configured.
So we got the technician to configure all users for the other two short names. This should have allowed all the users, regardless of what their email address/short name was to start pulling down email. This was not the case. Even though the Email client (on either Windows or Linux) showed that it was properly authenticating to the alternate short names, email was not coming through.
So now even though Henry has all three short names: henrybloggs, henryb and henry.bloggs and all three authenticate against the Mac server fine for each of the short names - he can only pull mail down from the server when using henrybloggs. As you can imagine, as we have well north of 100 users on MULTIPLE operating systems, the time it is going to take for me to configure every single users email client to move from jack.smith@ or jacks@ to jacksmith@ is going to take days.
In relation to the mac users, they are all running TIGER. What is confusing is that their email client, regardless of what short name it is configured for will pull down mail for each of them. The Windows and Linux clients do not have the same luxury.
I hope I haven't confused you. Thank you for your ongoing support.
James
Thank you for your support and appologies for the delay in my response. I think I may not have clearly explained my problem and have now confused you. This is couple with the fact that the 'naming conventions' i used were not properly formatted when I submitted the post. I will try to explain our situation more clearly.
-----
We originaly had an XServe running Tiger. This had numerous services running on it including, but not limited to:
- DNS
- Windows Services
Through Workgroup manager we configured all the users in the company. This is so we could allow them to access the Internet and get email (as well as create a /home/ directory on the server for them). When I talk about naming conventions I talk about the short name aliases that reference their account in Workgroup Manager.
Say we are creating a user Henry Bloggs. The default shortname created by Workgroup manager is henrybloggs. This means that when I configure Henery's email account I will use the login name henrybloggs (and the respective password) to pull email down via POP3. As such Henry's email address is now henrybloggs@ourdomain.com.au.
When the system was first designed the CIO decided he didn't want the email address to be firstnamelastname@, but rather firstname.firstletteroflastname. In this case another short name would be created for Henry, his email address now became henryb@ourdomain.com.au. Old email clients are configured to use this 'naming convention'. This user now has two shortnames: henrybloggs and henryb. Both of these could be configured for email, but only henryb was.
For newer employees and system builds, Henry would have a third shortname created, henry.bloggs. As such his email address is now henry.bloggs@ourdomain.com.au
When the drive controller fialed in the XServe, we needed to hire a professional from Apple Australia to build up a temporary server with the exact same settings as the old server, and all data copied across (esentially it became a backup 'plug and play' box). Because this was a new installation Leopard was installed.
However, when copying across the user accounts from Workgroup Manager only henrybloggs came with it, the other two shortnames henryb and henry.bloggs did not. As you can imagine now henry cannot get email as even though email is working he is configured for short names that were not configured.
So we got the technician to configure all users for the other two short names. This should have allowed all the users, regardless of what their email address/short name was to start pulling down email. This was not the case. Even though the Email client (on either Windows or Linux) showed that it was properly authenticating to the alternate short names, email was not coming through.
So now even though Henry has all three short names: henrybloggs, henryb and henry.bloggs and all three authenticate against the Mac server fine for each of the short names - he can only pull mail down from the server when using henrybloggs. As you can imagine, as we have well north of 100 users on MULTIPLE operating systems, the time it is going to take for me to configure every single users email client to move from jack.smith@ or jacks@ to jacksmith@ is going to take days.
In relation to the mac users, they are all running TIGER. What is confusing is that their email client, regardless of what short name it is configured for will pull down mail for each of them. The Windows and Linux clients do not have the same luxury.
I hope I haven't confused you. Thank you for your ongoing support.
James
casket88 - Nov 18, 2007 - 7:36 pm
Hi Vinko,
Thank you for your support and appologies for the delay in my response. I think I may not have clearly explained my problem and have now confused you. This is couple with the fact that the 'naming conventions' i used were not properly formatted when I submitted the post. I will try to explain our situation more clearly.
-----
We originaly had an XServe running Tiger. This had numerous services running on it including, but not limited to:
- Email
- DNS
- Windows Services
Through Workgroup manager we configured all the users in the company. This is so we could allow them to access the Internet and get email (as well as create a /home/ directory on the server for them). When I talk about naming conventions I talk about the short name aliases that reference their account in Workgroup Manager.
Say we are creating a user Henry Bloggs. The default shortname created by Workgroup manager is henrybloggs. This means that when I configure Henery's email account I will use the login name henrybloggs (and the respective password) to pull email down via POP3. As such Henry's email address is now henrybloggs@ourdomain.com.au.
When the system was first designed the CIO decided he didn't want the email address to be firstnamelastname@, but rather firstname.firstletteroflastname. In this case another short name would be created for Henry, his email address now became henryb@ourdomain.com.au. Old email clients are configured to use this 'naming convention'. This user now has two shortnames: henrybloggs and henryb. Both of these could be configured for email, but only henryb was.
For newer employees and system builds, Henry would have a third shortname created, henry.bloggs. As such his email address is now henry.bloggs@ourdomain.com.au
When the drive controller fialed in the XServe, we needed to hire a professional from Apple Australia to build up a temporary server with the exact same settings as the old server, and all data copied across (esentially it became a backup 'plug and play' box). Because this was a new installation Leopard was installed.
However, when copying across the user accounts from Workgroup Manager only henrybloggs came with it, the other two shortnames henryb and henry.bloggs did not. As you can imagine now henry cannot get email as even though email is working he is configured for short names that were not configured.
So we got the technician to configure all users for the other two short names. This should have allowed all the users, regardless of what their email address/short name was to start pulling down email. This was not the case. Even though the Email client (on either Windows or Linux) showed that it was properly authenticating to the alternate short names, email was not coming through.
So now even though Henry has all three short names: henrybloggs, henryb and henry.bloggs and all three authenticate against the Mac server fine for each of the short names - he can only pull mail down from the server when using henrybloggs. As you can imagine, as we have well north of 100 users on MULTIPLE operating systems, the time it is going to take for me to configure every single users email client to move from jack.smith@ or jacks@ to jacksmith@ is going to take days.
In relation to the mac users, they are all running TIGER. What is confusing is that their email client, regardless of what short name it is configured for will pull down mail for each of them. The Windows and Linux clients do not have the same luxury.
I hope I haven't confused you. Thank you for your ongoing support.
James
Thank you for your support and appologies for the delay in my response. I think I may not have clearly explained my problem and have now confused you. This is couple with the fact that the 'naming conventions' i used were not properly formatted when I submitted the post. I will try to explain our situation more clearly.
-----
We originaly had an XServe running Tiger. This had numerous services running on it including, but not limited to:
- DNS
- Windows Services
Through Workgroup manager we configured all the users in the company. This is so we could allow them to access the Internet and get email (as well as create a /home/ directory on the server for them). When I talk about naming conventions I talk about the short name aliases that reference their account in Workgroup Manager.
Say we are creating a user Henry Bloggs. The default shortname created by Workgroup manager is henrybloggs. This means that when I configure Henery's email account I will use the login name henrybloggs (and the respective password) to pull email down via POP3. As such Henry's email address is now henrybloggs@ourdomain.com.au.
When the system was first designed the CIO decided he didn't want the email address to be firstnamelastname@, but rather firstname.firstletteroflastname. In this case another short name would be created for Henry, his email address now became henryb@ourdomain.com.au. Old email clients are configured to use this 'naming convention'. This user now has two shortnames: henrybloggs and henryb. Both of these could be configured for email, but only henryb was.
For newer employees and system builds, Henry would have a third shortname created, henry.bloggs. As such his email address is now henry.bloggs@ourdomain.com.au
When the drive controller fialed in the XServe, we needed to hire a professional from Apple Australia to build up a temporary server with the exact same settings as the old server, and all data copied across (esentially it became a backup 'plug and play' box). Because this was a new installation Leopard was installed.
However, when copying across the user accounts from Workgroup Manager only henrybloggs came with it, the other two shortnames henryb and henry.bloggs did not. As you can imagine now henry cannot get email as even though email is working he is configured for short names that were not configured.
So we got the technician to configure all users for the other two short names. This should have allowed all the users, regardless of what their email address/short name was to start pulling down email. This was not the case. Even though the Email client (on either Windows or Linux) showed that it was properly authenticating to the alternate short names, email was not coming through.
So now even though Henry has all three short names: henrybloggs, henryb and henry.bloggs and all three authenticate against the Mac server fine for each of the short names - he can only pull mail down from the server when using henrybloggs. As you can imagine, as we have well north of 100 users on MULTIPLE operating systems, the time it is going to take for me to configure every single users email client to move from jack.smith@ or jacks@ to jacksmith@ is going to take days.
In relation to the mac users, they are all running TIGER. What is confusing is that their email client, regardless of what short name it is configured for will pull down mail for each of them. The Windows and Linux clients do not have the same luxury.
I hope I haven't confused you. Thank you for your ongoing support.
James
TechSupport - Nov 21, 2007 - 7:40 pm
We apologize for not being able to resolve the issue you asked of us. It is the absolute worst case scenario for us to do this. In our review of why this happens, it generally is related to either the particular issue being addressed or frequently, incomplete or incorrect information provided. We hope by moving your request to the public forums that you will be able to get a solution without leaving you empty handed.
Your ticket has been closed with our support team. Your request has just been posted to Mac OS X System & Mac Software and is available for your viewing at:
http://macosx.com/forums/showthread.php?t=296610
Again, thank you for using Macosx.com. We hope you will consider using us again in the future.
Your ticket has been closed with our support team. Your request has just been posted to Mac OS X System & Mac Software and is available for your viewing at:
http://macosx.com/forums/showthread.php?t=296610
Again, thank you for using Macosx.com. We hope you will consider using us again in the future.
IF THIS IS YOUR QUESTION AND YOU WISH TO RESPOND, LOGIN HERE FIRST.
