When I try to remove a user in the Workgroup Manager on OS X Server 10.6.2, it looks as though the user is removed correctly at first. But when refreshing, the user pops right back into view without any error messages. I can change any attributes of the user, and my current workaround has simply been to disable the accounts that really should be removed.
The only log that seems to report anything at all when I do this is the LDAP Log, which makes sense, unfortunately it's a rather unhelpful message:
slapd[4937]: SASL [conn=22] Failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Key table entry not found)
I googled the error but couldn't really find a solution. Has anyone else seen this before and if so, how did you solve it?
Macke, I had a similar situation in MacOS X Server 10.5.x.
Use a tool like Carbon Copy Cloner and make a good backup of your server.
From the Terminal, run:
sudo changeip -checkhostname. If that comes back without issue then try Step 2. If not, repair the underlying issues with the servername/DNS issues.In ServerAdmin, in OpenDirectory, run a backup (Archive) of the OpenDirectory data. Save it somewhere safe. In fact make 2 copies. Then demote your OpenDirectory Master to a Standalone server. And then reboot. Now, promote it to an OpenDirectory Master. And reboot. And then Restore your OpenDirectory backup. And finally reboot once more.
That should do the trick hopefully
Your error log reminds me of something I encountered recently. Check your DNS settings; make sure forward and reverse lookups are correct. Next, disable SSL for LDAP. Logout of WGM, then back in. If the SASL error goes away, and you can use WGM as intended, then try adding back an SSL cert and see what happens.