[hscherrer]

When switching the OpenDirectory role from "Standalone Server" to "Open Directory Master" (ldap), an administrators short name and password has to be entered. The manual says that this account from the local NetInfo database is used to create the initial administrator for the ldap data base. I can do this and the role successfully changes to "Open Directory Master".

When going to Workgroup Manager, the line below the toolbar shows the active directory. I can switch to "/LDAPv3/127.0.0.1", the lock on the right end of this line is closed, there are no users in the list. When I want to unlock the directory by clicking the lock, I get a screen asking for User Name and Password. I expect to enter the administrator name and password I have selected when switching the role. But this - and every other user I have tryed - is not accepted.

OS X Server 10.3 has been installed several times and been updated to 10.3.4.

I think I do not understand something correctly - it's so essential!

Thanks for any help provided.

[hscherrer]

I found following thread in the Apple forum about this issue:

http://discussions.info.apple.com/webx?128@@.599c058d

This seems to be a real issue and not only a dummy user problem...

[sbjordal]

Originally posted by hscherrer:
When switching the OpenDirectory role from "Standalone Server" to "Open Directory Master" (ldap), an administrators short name and password has to be entered. The manual says that this account from the local NetInfo database is used to create the initial administrator for the ldap data base. I can do this and the role successfully changes to "Open Directory Master".

When going to Workgroup Manager, the line below the toolbar shows the active directory. I can switch to "/LDAPv3/127.0.0.1", the lock on the right end of this line is closed, there are no users in the list. When I want to unlock the directory by clicking the lock, I get a screen asking for User Name and Password. I expect to enter the administrator name and password I have selected when switching the role. But this - and every other user I have tryed - is not accepted.

OS X Server 10.3 has been installed several times and been updated to 10.3.4.

I think I do not understand something correctly - it's so essential!

Thanks for any help provided.

Did you restart after changing to OD Master?
Also, I have seen, after setting up 20 replicas, that it takes time for the authentication service to fully work. It's prob. due to replication, but I have seen that some stuff does not work until the next day. Especially Kerberos related services. I am wondering if there are some Cron scripts running at night that completes the conversion from Stand Alone to OD master or replica.

[hscherrer]

I found a note in a book dealing with setting up OS X Server (I have translated the text from German - excuse my English):

-------
One of the most important aspects of setting up network services is the adress resolution of IP adresses. This is done preferably by a DNS server. If the network, to which the system is connected, does not have a DNS server, Mac OS X must supply this service. Otherwise it is not guaranteed that most of the services operate properly.
The most important step when setting up an OS X Server is to check availability of a DNS server. If it is not available do not use Directory Master - it will not work.
-------

So far I did not activate DNS server but have used explicit IP addresses. Do you have any experiance if a missing DNS server gives problems with Directory Master mode?