+ Post New Thread
Page 2 of 4 FirstFirst 1234 LastLast
Results 16 to 30 of 56
Mac Thread, Uncheck 'Force local home directory..' causes serious delays in Technical; Originally Posted by Rozzer I would look at how you are caching. I have enabled caching in a school to ...
  1. #16

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    10,047
    Thank Post
    3,579
    Thanked 1,119 Times in 1,024 Posts
    Rep Power
    377
    Quote Originally Posted by Rozzer View Post
    I would look at how you are caching. I have enabled caching in a school to the local machine and it made it worse than caching to the network drive. But as JR mentioned above maybe down to a large factor of things. It maybe worth setting up your image again from scratch. If all else fails get a consultant in. If you spend several days on fixing the issue and its still not done then get someone in. PM me if you want any info on help.

    Ross
    Any chance you have a guide on common things you do with issues like the one Sheridan has that you could pm me as well as pm'ing me what was done to resolve his issue if you manage to fix it ?

    Thanks @Rozzer !!!

  2. #17
    Rozzer's Avatar
    Join Date
    Aug 2005
    Location
    South West
    Posts
    720
    Thank Post
    21
    Thanked 81 Times in 61 Posts
    Rep Power
    34
    I will try and produce something and put it on my blog

  3. #18
    Rozzer's Avatar
    Join Date
    Aug 2005
    Location
    South West
    Posts
    720
    Thank Post
    21
    Thanked 81 Times in 61 Posts
    Rep Power
    34
    Just curious but I would remove the folder redirect with the manifest preferences and see if you see an improvement. I am working on a site Friday with a slowness issue with logins and general performance. I am going to setup a fresh image on them to see if it cures the issue they are having.

    Ross

    Quote Originally Posted by Sheridan View Post
    When you join the macs to the both open directory ( OS X Server ) and AD, I presume you are placing the AD domain first and the OS X ( open directory server ) 2nd in the list ( on both a mac connected to the same switch as the server and on a mac in the classroom or wherever they are )

    Yes - thats how we have them set up

    DNS Wise can you ping / nslookup / trace route to the server both by hostname and ip address without any issues

    DNS is working fine - checked using ping and dig both ways

    Also on each mac if you flush dns ( sudo dscacheutil -flushcache ) --> How to flush DNS cache in Mac OS X (Snow) Leopard « Marius van Witzenburg

    Then try the resolution of a few of the servers ( AD, OD ) both by name and ip address ?

    I've tried the flush as well - and resolution still working OK

    Also on a test AD standard user account ( on the home path , what is the UNC path like exactly ) ? Not sure how much difference this will make if any but I remember having worked at one school and the unc path was something along the lines of

    \\Server\users$\students\year_group\%username%

    Going from memory I think I shortened this to something like

    \\Server\users$\students\%username%

    OR

    \\Server\users$\%username%

    Our home directories are mapped very similar to your, ie. \\server\folder\username

    Also on both macs ( one from the classroom and one on the same switch as the server ) I presume

    * Date / Time and Time Zone are correct ( within aprox 10 or 15 mins max of the NTP Server or in comparison to your other servers )
    * DNS Servers are configured and in the search domain you at least have the relevant FQDN of your AD Domain ?

    All the Macs use our DC as their time server, which in itself is the time server for the domain so the clocks match exactly.

    Also, we only locally cache the tmp folder - which I understand is best for application performance.

  4. #19
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,435
    Thank Post
    129
    Thanked 109 Times in 73 Posts
    Rep Power
    33
    The odd thing is its not slow logins or any kind of performance issue - everything works perfectly, apart from a random complete system hang (when even cmd+alt+esc won't even bring up the task manager)

    Once the 'hang' is over, everything works perfectly until the next time! I've had videos streaming whilst editing videos in Premiere with no performance issues, but I can have the system hang even with nothing running!
    Last edited by Sheridan; 16th May 2012 at 03:09 PM.

  5. #20

    Join Date
    May 2012
    Location
    Minnesota
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by Sheridan View Post
    Our Macs (10.6.8) are working nicely with AD - authenticating users and get preferences from our Mac server. But we still have the Directory Utility option 'Force local home directory on startup disk' checked, because when we uncheck this, it causes random and severe system hangs. You get the spinning wheel for anything from 30 seconds to 2 minutes and the whole system is hung - and won't respond to anything.

    Now, as we want to force our users to save their files to their AD home folder this is the only way we can do it. However I have tried everything I can think of and have run out of ideas. I've been trying to sort this since we got the Macs in over a year ago, running 10.6.5. We have also upgraded the Windows servers from 2003 to 2008 so thats also changed!

    So it points to OSX being the problem - question is, how can I find out what is causing these hangs? It happens on all of the Macs when this option is unchecked and renders them unusable until the option is rechecked as the 'hangs' can happen at any time, running any (or no) application and several times during a login session, there is no real pattern!

    A 4 pack of EduBeer for anyone who cracks this, I'm stuck now!
    We have been doing this for a couple of years now. For performance issues, we ended up going with the ExtremeZip solution.
    But before that and currently, we use the golden triangle setup AD for authentication and profile paths and OD for configurations settings for Mobile Sync accounts.
    For our setup on the AD side, we set their local account location, for windows roaming profiles and then set the drive mapping, for Mobile sync account location.
    \\server\share\%username%\Windows
    H: \\server\share\%username%
    On the mac client, we bind to AD with these settings:
    important to bind AD first as it is for authentication.
    User Experience tab, check use UNC path, set your protocol and check Default user shell (default setting)
    The rest is default. If we did not have an OD server to tell the apple computers to log in with a mobile sync account settings, all users would be a network account and create havok on our network.
    We then bind to our open directory master for the preferences that are set, such as sync rules.

    We set these up by using our AD groups.

    We have been using this method for a few years with great ease.

  6. #21
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,435
    Thank Post
    129
    Thanked 109 Times in 73 Posts
    Rep Power
    33
    I wonder if its something to do with the share permissions on the servers. Currently each user accesses their home folder via the share \\server\yeargroup\username and the Yeargroup is the Shared folder. They then have Modify rights on their own folder and subfolders.

    Its difficult to pin down as it happens so randomly - you can have 3 in a row,none for an hour and so on!

  7. #22

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    10,047
    Thank Post
    3,579
    Thanked 1,119 Times in 1,024 Posts
    Rep Power
    377
    Quote Originally Posted by Sheridan View Post
    I wonder if its something to do with the share permissions on the servers. Currently each user accesses their home folder via the share \\server\yeargroup\username and the Yeargroup is the Shared folder. They then have Modify rights on their own folder and subfolders.

    Its difficult to pin down as it happens so randomly - you can have 3 in a row,none for an hour and so on!
    So if you create a dummy AD account with a dummy user area ( and give the dummy user area full access rights ) does that make any difference??

  8. #23
    JR-PCS's Avatar
    Join Date
    Apr 2012
    Posts
    91
    Thank Post
    3
    Thanked 19 Times in 18 Posts
    Rep Power
    12
    My suggestion, and just to clarify I make a living out of fixing AD integration issues like this every day of the week for the past 8 years, would be to work off my earlier list. I would be totally shocked if it isn't one of them.

  9. #24

    Join Date
    May 2006
    Location
    West Bromwich
    Posts
    2,192
    Thank Post
    300
    Thanked 215 Times in 185 Posts
    Rep Power
    57
    Is the domain name pushed out via dhcp and entered in the Search Domains? If so is it also listed in the proxy exceptions list? I have seen this when someone was using a .local domain and if the domain name was not listed under the exceptions then the client would keep trying to go outbound to the web.

    Also what version of Server are you running. I had massive issues with 10.5.8 and AFP shares. The service was maxing out at 100%. After upgrading to 10.6 the service never got past 65% under the same load. There was an issue with the threads being held open in 10.5.8 server causing the cpu to max out and causing slow down.

    If you haven't, move the Safari cache to a tmp location (although 5.1.7 seems to handle this better now), and any other areas that hit the network home dir regularly, such as the logs. These can get written to constantly. Also check the logs to see if there is any software writing to the logs repeatedly in short space of time. This coupled with the logs being stored in the networked home dirs could cause an issue.

    Also forwarding DNS address. I had login issues as I was using an incorrect DNS forwarding address. Everything worked as expected, just really slowly.

  10. #25
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,435
    Thank Post
    129
    Thanked 109 Times in 73 Posts
    Rep Power
    33
    I've tried with a 'blank' account and it does the same thing. All the Macs are 10.6.8 and so is the server, although the users don't have and afp shares on the server as they use their smb shares on the Windows server.

    Its a fundamental issue with osx for us - no matter what misconfiguration there is (and I'm yet to find it!) the fact the system locks out completely is a pretty poor showing - you can't even get the Force Quit dialogue up or run Activity monitor.

    Its also quite tricky to go through this - I've been checking suggestions posted on here (thanks to all!) but as its so random whenever I think it may be working I get a lock out all of a sudden...grrrrrrr

  11. #26

    Join Date
    May 2006
    Location
    West Bromwich
    Posts
    2,192
    Thank Post
    300
    Thanked 215 Times in 185 Posts
    Rep Power
    57
    Have you been able to rule out any network drop-outs? I know that if OS X is running using networked based accounts that if the network disconnects for long enough then the clients will crash causing the issues that you see. Occasionally if the network comes back up in time the client may be able to restore functionality. If off long enough, the client will just freeze. Maybe the connection to the SMB share is dropping out causing the clients to freeze. Finder is unresponsive as soon as network connectivity is lost. Local home dirs would not be affected like this so would not show the symptoms even if the home dir is mounted. This may disappear but it wouldn't cause the system to crash.

    OS X is notoriously bad when used on a networked account as it doesn't download a copy like Windows does. It runs right from the server, hence the reason to redirect any folders that could be written to frequently.

    You could maybe open up an SSH tunnel to a client and then run a tail on the logs to see what is happening. If the network connection does drop-out your connection may be lost as a result and then you would know what the cause is.

  12. #27

    Join Date
    Jan 2007
    Location
    The Console
    Posts
    236
    Thank Post
    22
    Thanked 29 Times in 23 Posts
    Rep Power
    23
    This is odd. We run a couple of hundred Macs, authenticating against AD with files stored on OSX server shared over AFP with 10.6.8 on the client and server. We redirect all cashes to the local machine. Your problem is reminiscent of how we first had things under 10.4 with NO redirection. There has to be some sort of network problem here, either name resolution or caching.

    You could set your Macs to have portable home directories - similar to Windows where it downloads a copy rather than running off the network.

    How many clients connect before things start to go wrong, by the way?

  13. #28
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,435
    Thank Post
    129
    Thanked 109 Times in 73 Posts
    Rep Power
    33
    Theres 15 macs in the room - on the same network segment as maybe another dozen windows PCs. The problems can occur when only one Mac is in use and no Windows machines in use at all. I've tried moving to a difference network segment and switch but the problem can still occur.

    Its exactly as Hodgehi describes - I'll have to see if I can get one to hang regularly so I can test it in the hung state. Easier said than done with it being so variable when it happens.

  14. #29
    Sheridan's Avatar
    Join Date
    Oct 2010
    Posts
    1,435
    Thank Post
    129
    Thanked 109 Times in 73 Posts
    Rep Power
    33
    I'm going to try and do a fresh blank installation using a 10.6.8 image (I've just realised that the original disk was 10.6.5 and updates added to that)

    But where can I get a download for a full 10.6.8 install?, I can't find it on Apple site anywhere, just the update.

    I've also noticed an error today that doesn't seem to coincide with the 'hanging' but is relating to AD:

    Code:
    gssd[2194] Major error = 851968: Unspecified GSS failure. Minor code may provide more information
    gssd[2194] Minor error = 100006:
    DirectoryService[15]   GSSAPI Error: Unspecified GSS failure Minor code may provide more information (Server not found in Kerberos database)
    Does that error mean anything to anyone?
    Last edited by Sheridan; 29th May 2012 at 10:51 AM.

  15. #30
    JR-PCS's Avatar
    Join Date
    Apr 2012
    Posts
    91
    Thank Post
    3
    Thanked 19 Times in 18 Posts
    Rep Power
    12
    There is not a full 10.6.8 installer that I'm aware of. You will need to use your 10.6.5 disk and update if you want a 10.6.8 image.

  16. Thanks to JR-PCS from:

    Sheridan (29th May 2012)



SHARE:
+ Post New Thread
Page 2 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. Force local homes
    By _Bat_ in forum Mac
    Replies: 3
    Last Post: 26th October 2011, 11:46 AM
  2. Replies: 0
    Last Post: 24th May 2011, 03:44 PM
  3. Replies: 12
    Last Post: 6th May 2010, 10:33 AM
  4. Replies: 19
    Last Post: 20th June 2006, 04:53 PM
  5. Replies: 9
    Last Post: 16th June 2006, 10:28 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •