Tag Archives: wgm

Better workaround when unable to authenticate to WGM in OS X

I oversee a large OpenLDAP / OpenDirectory network, and when implementing Apple’s OpenDirectory into the mix we came across some very stage errors and bugs. When dealing with OpenDirectory we found that it was not well documented and the fixes to a lot of our problems were to demote and promote or reboot. Both of these fail to explain why and introduce down time into the system, this was un acceptable. So one of our biggest pains was the authentication to the directory was not working via WGM or when attempting to do an authenticated bind. However when a restart was preformed (as was recommend by Apple) everything starting working correctly again. This seem to occur randomly with out any real concrete event causing it, after extensive review of our logs.

With further inspection I was able to craft a simple bash script which flushed out & restarted the services that were having the problems. This prevented downtime and was simple enough to schedule via launchd on our servers or to simple run it when needed. Now this is NOT a fix but a better work around then restarting the entire server or the ridiculous demote and promote of the server (If someone suggests this then they have no idea what they are talking about, you might as well as do a full reinstall).

Below the flushodm.sh script can be easily run to restore most normal server operations.

#!/bin/bash

# Author: Joseph J. Viscomi    E-Mail: jjviscomi [at] gmail [dot] com || jviscomi [at] brehm [dot] org
# Date: 3/23/2011
# Description: This script can be used to flush the state of OpenDirectory Service without
#              restarting the server. This should be run as root or using sudo.

# KILLS Directory Service Process - It will automatically restart.
dscacheutil -flushcache
kill -9 `ps ax | grep DirectoryService | grep -v grep | awk '{ print $1 }'`

# KILLS Password Service - It will automatically restart.
dscacheutil -flushcache
kill -9 `ps ax | grep /usr/sbin/PasswordService | grep -v grep | awk '{ print $1 }'`

# FLUSHES mDNSResponder
dscacheutil -flushcache
kill -HUP `ps ax | grep /usr/sbin/mDNSResponder | grep -v grep | awk '{ print $1}'`
dscacheutil -flushcache

#FORCE REPLICATION - JUST FOR GOOD MEASURE
slapconfig -replicatenow
Performance Optimization WordPress Plugins by W3 EDGE