krypted.com

Tiny Deathstars of Foulness

The command to create and tear down an Open Directory environment is slapconfig. When you disable Open Directory from the Server app, you aren’t actually removing users. To do so, you’d use slapconfig with the -destroyldapserver option. When run, it gives a little insight into what’s happening behind the scenes. The command is:

bash-3.2# slapconfig -destroyldapserver

Note: Currently the system is not working as intended on replicas. The replica will be removed, but the Open Directory Master will not remove the replica from the Open Directory list. The process will fail in 10.12 and above. I’ve filed a radar on this. You can archive and restore the master and then rebuild the Open Directory tree.

The logs are as follows:

2016-09-08 04:17:58 +0000 slapconfig -destroyldapserver
2016-09-08 04:17:58 +0000 Deleting Cert Authority related data
2016-09-08 04:17:58 +0000 Removed directory at path /var/root/Library/Application Support/Certificate Authority/Krypted Open Directory Certificate Authority.
2016-09-08 04:17:58 +0000 command: /usr/sbin/xscertadmin add --reason 5 --issuer Krypted Open Directory Certificate Authority --serial 3449505949
2016-09-08 04:18:19 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertd.plist
2016-09-08 04:18:19 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertd-helper.plist
2016-09-08 04:18:19 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertadmin.plist
2016-09-08 04:18:19 +0000 Stopping LDAP server (slapd)
2016-09-08 04:18:20 +0000 Stopping password server
2016-09-08 04:18:24 +0000 Removed all service principals from keytab for realm OSXSERVER.KRYPTED.COM
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/__db.001.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/__db.002.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/__db.003.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/__db.004.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/__db.005.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/__db.006.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/altSecurityIdentities.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/apple-config-realname.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/apple-generateduid.bdb.
2015-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/apple-group-memberguid.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/apple-group-nestedgroup.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/apple-group-realname.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/apple-hwuuid.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/cn.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/DB_CONFIG.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/dn2id.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/entryCSN.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/entryUUID.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/gidNumber.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/givenName.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/id2entry.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/ipHostNumber.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/log.0000000001.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/macAddress.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/mail.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/memberUid.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/objectClass.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/ou.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/sn.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/uid.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/uidNumber.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/__db.001.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/__db.002.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/__db.003.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/__db.004.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/__db.005.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/__db.006.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/alock.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/authGUID.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/DB_CONFIG.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/dn2id.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/draft-krbPrincipalAliases.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/draft-krbPrincipalName.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/entryCSN.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/entryUUID.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/id2entry.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/log.0000000001.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/objectClass.bdb.
2016-09-08 04:18:24 +0000 Removed directory at path /var/db/openldap/authdata.
2016-09-08 04:18:24 +0000 Removed file at path /etc/openldap/slapd_macosxserver.conf.
2016-09-08 04:18:24 +0000 Removed file at path /etc/openldap/slapd.conf.
2016-09-08 04:18:24 +0000 Removed file at path /etc/openldap/rootDSE.ldif.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/dslocal/nodes/Default/groups/com.apple.access_dsproxy.plist.
2016-09-08 04:18:24 +0000 Removed directory at path /etc/openldap/slapd.d/cn=config.
2016-09-08 04:18:24 +0000 Removed file at path /etc/openldap/slapd.d/cn=config.ldif.
2016-09-08 04:18:24 +0000 Removed directory at path /etc/openldap/slapd.d.
2016-09-08 04:18:24 +0000 Removed directory at path /etc/openldap/slapd.d.backup/cn=config.
2016-09-08 04:18:24 +0000 Removed file at path /etc/openldap/slapd.d.backup/cn=config.ldif.
2016-09-08 04:18:24 +0000 Removed directory at path /etc/openldap/slapd.d.backup.
2016-09-08 04:18:27 +0000 Stopping password server
2016-09-08 04:18:27 +0000 Removed file at path /etc/ntp_opendirectory.conf.
2016-09-08 04:18:27 +0000 Removed file at path /Library/Preferences/com.apple.openldap.plist.
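When decommissioning a directory server, it helps to confirm that the credential stores the log reports as removed (the LDAP and password server databases, the Kerberos keytab principals) are actually gone. The following Python script is an added example, not part of the original post: it parses a log in the format shown above and lists any path reported as removed that still exists on disk. The function names and the embedded excerpt are this example's own.

```python
import os
import re
from collections import Counter

# Excerpt of the log above, embedded so the example runs offline.
SAMPLE_LOG = """\
2016-09-08 04:17:58 +0000 Deleting Cert Authority related data
2016-09-08 04:18:19 +0000 command: /bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.xscertd.plist
2016-09-08 04:18:19 +0000 Stopping LDAP server (slapd)
2016-09-08 04:18:24 +0000 Removed all service principals from keytab for realm OSXSERVER.KRYPTED.COM
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/openldap-data/id2entry.bdb.
2016-09-08 04:18:24 +0000 Removed file at path /var/db/openldap/authdata/authGUID.bdb.
2016-09-08 04:18:24 +0000 Removed directory at path /var/db/openldap/authdata.
2016-09-08 04:18:24 +0000 Removed file at path /etc/openldap/slapd.conf.
"""

ENTRY = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d [+-]\d{4} (.*)$")
REMOVED = re.compile(r"^Removed (file|directory) at path (.+)\.$")
KEYTAB = re.compile(r"^Removed all service principals from keytab for realm (\S+)$")

def parse_teardown(text):
    """Sort each log entry into removals, commands, stopped services, realms."""
    out = {"removed": [], "commands": [], "stopped": [], "realms": [], "other": []}
    for line in text.splitlines():
        entry = ENTRY.match(line.strip())
        if not entry:
            continue  # not a timestamped slapconfig entry
        msg = entry.group(1)
        removed, keytab = REMOVED.match(msg), KEYTAB.match(msg)
        if removed:  # the trailing period of the message is not part of the path
            out["removed"].append((removed.group(1), removed.group(2)))
        elif keytab:
            out["realms"].append(keytab.group(1))
        elif msg.startswith("command: "):
            out["commands"].append(msg[len("command: "):])
        elif msg.startswith("Stopping "):
            out["stopped"].append(msg[len("Stopping "):])
        else:
            out["other"].append(msg)
    return out

def still_present(summary, root="/"):
    """Paths the log reports as removed that still exist under root."""
    return [p for _, p in summary["removed"]
            if os.path.exists(os.path.join(root, p.lstrip("/")))]

if __name__ == "__main__":
    s = parse_teardown(SAMPLE_LOG)
    print(s["realms"], s["stopped"], "left behind:", still_present(s))
```

The root parameter exists so the check can also be pointed at a mounted disk image or backup of the server instead of the live filesystem.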

September 17th, 2016

Posted In: Mac OS X Server
