I booted up my Leopard server yesterday to discover that my directory administrator account — that’s the one used to authenticate to /LDAP/127.0.0.1 in Workgroup Manager — appeared to be broken. It looked as if I was locked out, as if I had forgotten my password. I knew that I hadn’t forgotten my password, and I verified that by logging into the directory using ldapsearch. However, Workgroup Manager insisted, “login information not valid for this server”.

I worked on it for awhile, sifting through log files and Googling for answers, but ran out of time for the evening: I was almost late for American Gangster. To my surprise, when I booted up Leopard server today, it worked. To confirm my sanity, I rebooted again: this time, no dice. So there was some kind of random failure happening. After some hunting around, I noticed a single entry in slapd.log:

slapd[40]: SASL [conn=9] Failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Decrypt integrity check failed)

(more…)

Picking up where the last article left off, this article looks at setting up the mail service in Leopard, including migrating mail data from Tiger.

Configuring the Mail Service

In the Server Admin application, I jumped right to the Settings part of the Mail section and filled out things appropriately. In the “Domain name” field I entered the fully qualified domain name of the server in its role as a mail server; this is the same address that is in the MX records in DNS. For example, “mail.netmojo.ca”.

The “Host name” field contains the fully qualified domain name of the server itself. “leopardserver.netmojo.ca”, for example.

(more…)

In Part One, I described the installation of Mac OS X Server 10.5, and the migration of settings from my old 10.4 Server to the new one, for a couple of services. In this article, I’ll go through the importing of user accounts and data from 10.4 (Tiger) to 10.5 (Leopard).

Migrating User Accounts From LDAP

The method that Apple recommends in their Upgrading and Migrating manual is to select user accounts in Workgroup Manager (WGM), and choose Export from Server menu. This creates a comma-delimited text file of your user account data which can be imported with WGM in Leopard. However, the passwords are left out of the export.

Note: The method I describe below is the hard way. Please see the comments after the article for a discussion on the easy way: use OD’s backup & restore capability. If the new server has different DNS and IP address settings, there are special steps, as discussed in the comments.

(more…)