• Netinfo/workgroup manager/password issue

    From Beth Platt@bplatt@emerson-school.org to comp.sys.mac.system on Tuesday, July 01, 2003 11:24:04
    From Newsgroup: comp.sys.mac.system

    Recently I have tried to get our 40+ OS X client lab machines to
    authenticate 400 users to the server on boot with Netinfo. The client side works flawlessly however, our netinfo database seemed to only be local (it
    was in /netinfo/root/servername). Therefore, nothing truly authenticated.
    The one administrative user in /netinfo/root authenticated just fine.

    Apple told me the solution was to export all the users from /netinfo/root/servername and import them into /netinfo/root. They said passwords would be lost. An inconvenience, but acceptable. I exported some users and imported them and by hand changed all their passwords to something simple. Clicking save, the passwords looked like they took, however upon
    trying to log into a client machine they would not accept the passwords, the client would only log in with a blank password. Any users created directly
    in /netinfo/root would work with passwords, and I could change their
    passwords as I saw fit through workgroup manager.

    I thought it was a permissions problem, so I repaired the permissions on the server, however the problem was still there. After working to no avail apple then suggested that I use the program passenger. Passenger would export the users with its own created and encrypted password, however once imported to /netinfo/root I could not change the password passenger gave it via
    workgroup manager. However, I could log into a client machine and change the password via "my account." this is not acceptable b/c people (and I'm
    talking 8 year olds) continually forget their password, so they couldn't log
    in to change it in the first place.

    Passenger support claims it is an OS X Workgroup manager problem. Apple then said our only option is to enter 400+ users by hand into /netinfo/root.
    However you cannot enter users into /netinfo/root unless you delete them in /netinfo/root/servername. Upon deleting them in the latter it will set their home folder's permissions to the administrator, meaning when I recreate them
    in /netinfo/root they cannot write to their home folder upon logging into
    the client. This would call for a whole lot of "chown."

    My question to you is has anyone gone through this before? Am I doing
    something horribly wrong? Apple said that 1) helping us move our db via
    command line tools, thus preserving the passwords is beyond the scope of
    their support and 2) please stop calling for help.

    If anyone has any help for me whatsoever, I would be appreciative. You may reply to this, or email me directly at bplatt@emerson-school.org.

    Thanks for your help,


    Beth

    --- Synchronet 3.18b-Win32 NewsLink 1.113