NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
afp connection rejected: (bad user/pass) afp log: "too many"
I just solved my own problem, but not without a lot of frustration and head-banging.
Here was the post I was writing (eg in the *present* tense) to describe the situation:
On my macbook pro, running OS X 10.5.8, every time it tries to log into my new ReadyNAS NV+:
I'm mostly trying command-K, "connect to Server"; no dice. "Invalid username or password."
Left sidebar sees it, but if I click on it, I get 'connection failed' or whatever.
Here is a log file from Console.app:
The afp daemon log on 'turbot' (readynas NV+) as I'm being rejected from logging in:
I have an older NV+ to which I can do afp connections just fine. Both are running 4.1.6.
I can log into the new one (turbot) with CIFS with no problems.
I cannot log into the new NAS via afp with other user credentials on the NAS.
I cannot log into the new NAS via afp from other macs.
On the old NAS (specialdisk) the process descriptor looks like this:
On the new NAS (turbot) the process descriptor looks like this:
Oho.
(I have not made any changes to any config files yet; I'm just studying file contents.)
Hmm, looks like -c is the culprit. Looking further:
They look identical to me (same checksum), permissions look the same on the enclosing directories and on the conf files themselves, etc.
I feel like I'm not looking in the right place for the config, or that part of the conf is coming from somewhere else...
Let's look at /etc/init.d/netatalk: both files are identical in size, same checksum, same perms.
Oh wait, reading is fundamental, it references /etc/default/netatalk:
And on my old one, that file has stuff in it. On the new one, it existed, but was empty.
Copied contents of one to the other, rebooted, it works wonderfully.
The new NAS came with 4.1.5 and I upgraded it to 4.1.6 right away, FWIW.
Maybe this post will help someone else out there who runs into the same problem.
Here was the post I was writing (eg in the *present* tense) to describe the situation:
On my macbook pro, running OS X 10.5.8, every time it tries to log into my new ReadyNAS NV+:
I'm mostly trying command-K, "connect to Server"; no dice. "Invalid username or password."
Left sidebar sees it, but if I click on it, I get 'connection failed' or whatever.
Here is a log file from Console.app:
9/17/09 7:46:22 PM kernel ASP_TCP CancelOneRequest: cancelling slot 1 error 89 reqID 2 flags 0x9 afpCmd 0x3F so 0x8c00000
9/17/09 7:46:22 PM kernel ASP_TCP CancelOneRequest: cancelling slot 1 error 89 reqID 2 flags 0x9 afpCmd 0x3F so 0x8c00000
9/17/09 7:47:14 PM kernel ASP_TCP CancelOneRequest: cancelling slot 1 error 89 reqID 2 flags 0x9 afpCmd 0x3F so 0x909a4c8
The afp daemon log on 'turbot' (readynas NV+) as I'm being rejected from logging in:
turbot:/var/log# tail -f netatalk.log
Sep 17 20:01:54 afpd[1277][server_child.c:390]: I:Default: server_child[1] 1308 exited 1
Sep 17 20:01:55 afpd[1310][dsi_tcp.c:208]: I:Default: ASIP session:548(6) from 192.168.1.70:50062(8)
Sep 17 20:01:55 afpd[1277][server_child.c:390]: I:Default: server_child[1] 1309 exited 1
Sep 17 20:01:55 afpd[1277][server_child.c:393]: I:Default: server_child[1] 1310 done
Sep 17 20:01:56 afpd[1277][server_child.c:390]: I:Default: server_child[1] 1312 exited 1
Sep 17 20:01:56 afpd[1313][dsi_tcp.c:208]: I:Default: ASIP session:548(6) from 192.168.1.70:50066(8)
Sep 17 20:01:56 afpd[1277][server_child.c:393]: I:Default: server_child[1] 1313 done
Sep 17 20:01:56 afpd[1314][dsi_tcp.c:208]: I:Default: ASIP session:548(6) from 192.168.1.70:50067(8)
Sep 17 20:01:56 afpd[1314][dsi_getsess.c:91]: I:Default: dsi_getsess: too many connections
Sep 17 20:01:56 afpd[1277][server_child.c:390]: I:Default: server_child[1] 1314 exited 1
I have an older NV+ to which I can do afp connections just fine. Both are running 4.1.6.
I can log into the new one (turbot) with CIFS with no problems.
I cannot log into the new NAS via afp with other user credentials on the NAS.
I cannot log into the new NAS via afp from other macs.
On the old NAS (specialdisk) the process descriptor looks like this:
root 1579 0.0 0.2 7840 2432 ? S Sep13 0:00 /usr/sbin/afpd -U uams_dhx.so,uams_clrtxt.so,uams_guest.so -c 50 -n specialdisk
On the new NAS (turbot) the process descriptor looks like this:
root 1277 0.0 0.2 7840 2432 ? S 19:58 0:00 /usr/sbin/afpd -c -n
Oho.
(I have not made any changes to any config files yet; I'm just studying file contents.)
Hmm, looks like -c is the culprit. Looking further:
specialdisk:/etc/netatalk# tail -1 afpd.conf
- -uamlist uams_clrtxt.so,uams_dhx.so,uams_guest.so -nosavepassword -unixcodepage UTF8 -maccodepage MAC_ROMAN
turbot:/etc/netatalk# tail -1 afpd.conf
- -uamlist uams_clrtxt.so,uams_dhx.so,uams_guest.so -nosavepassword -unixcodepage UTF8 -maccodepage MAC_ROMAN
They look identical to me (same checksum), permissions look the same on the enclosing directories and on the conf files themselves, etc.
I feel like I'm not looking in the right place for the config, or that part of the conf is coming from somewhere else...
Let's look at /etc/init.d/netatalk: both files are identical in size, same checksum, same perms.
Oh wait, reading is fundamental, it references /etc/default/netatalk:
# Set defaults. Please change these options in /etc/default/netatalk.
AFPD_UAMLIST="-U uams_dhx.so,uams_clrtxt.so,uams_randnum.so"
AFPD_GUEST=nobody
AFPD_MAX_CLIENTS=50
ATALK_ZONE=
ATALK_NAME=`/bin/hostname --short`
ATALK_BGROUND=no
# Read in netatalk configuration.
if [ -f /etc/default/netatalk ]; then
. /etc/default/netatalk
fi
And on my old one, that file has stuff in it. On the new one, it existed, but was empty.
Copied contents of one to the other, rebooted, it works wonderfully.
The new NAS came with 4.1.5 and I upgraded it to 4.1.6 right away, FWIW.
Maybe this post will help someone else out there who runs into the same problem.
16 Replies
Replies have been turned off for this discussion
- Hi,
I run in the same problem.
I can't get into the nas via AFP.
My /etc/default/netatalk is empty.
Can you post the content of the correct
/etc/default/netatalk
please?
Thank you
Massimiliano thom wrote: I just solved my own problem, but not without a lot of frustration and head-banging.
...
Maybe this post will help someone else out there who runs into the same problem.
@thom: Thank you very much: your post really helped me! I've been frustrated by the same problem for a while, and now it's solved.
That's really cool of you to take the time and post the solution.
@merlino73: I found that the following worked:
1. Use Frontview to stop AFP
2. ssh into your ReadyNAS
3. confirm that /etc/default/netatalk is empty - if not and you're having this same problem, you should definitely make a backup of the existing file before making any changes.
4. if /etc/default/netatalk is empty;
5. vi /etc/default/netatalk and paste in the text in the "Code" section below:
# Set defaults. Please change these options in /etc/default/netatalk.
AFPD_UAMLIST="-U uams_dhx.so,uams_clrtxt.so,uams_randnum.so"
AFPD_GUEST=nobody
AFPD_MAX_CLIENTS=50
ATALK_ZONE=
ATALK_NAME=`/bin/hostname --short`
ATALK_BGROUND=no
6. Use Frontview to start AFP - you should see your shares appear and they should be accessible.
Now, I doubt this is "officially supported", but it worked for me. Of course, you should know what you're doing if you're ssh'ing into your NAS.
I tested by shutting down AFP, creating an empty /etc/default/netatalk, starting AFP, and was back to the problem state. Following the procedure above restored AFP access to my ReadyNAS.
Thanks again, thom!!- Thank you thom and jameselee.
I finally solved. :D
Massimiliano - Genius. I have been banging my head against this for hours.
My /etc/default/netatalk was also empty, and I could not connect over afp:// (for timemachine), so I followed your instructions, pasted the magic voodoo words into the empty file and voila! It now works like a charm.
No idea what has been zeroing out that file, though. This system used to work, and I've not messed with it until just now when my timemachine login failed. Something for the boys at Netgear to look into.
Anyway, Kudos to thom & jameselee!
BTW, I'm not clear why the defaults have to be here as well as in /etc/init.d/netatalk. But it works! - Thank you. Thank you. Thank you!
I've been suffering with this since I upgraded to SL. I thought it was part of the AFP/SL/NV borkage. Never sat down to truly look at it but today for some reason I decided to start looking at the logs. Lo and behold I found my answer in less than 5 minutes.
Time machine is cranking away and everything is right with the world (at least for now). - Hi, I cannot connect to AFP all of a sudden either. These are the contents of my /etc/default/netatalk:
<Directory "/home/ftp/Toshiba">
HideFiles none
<Limit WRITE READ>
Order deny,allow
Allow from all
</Limit>
UserOwner root
GroupOwner root
</Directory>
Is this normal?
Tahnks. Tobermory wrote: Hi, I cannot connect to AFP all of a sudden either. These are the contents of my /etc/default/netatalk: <Directory "/home/ftp/Toshiba">
HideFiles none
<Limit WRITE READ>
Order deny,allow
Allow from all
</Limit>
UserOwner root
GroupOwner root
</Directory>
Is this normal?
Tahnks.
No - absolutely not. This is configuration data for the FTP server. Try the fix mentioned abovesphardy wrote: Tobermory wrote: Hi, I cannot connect to AFP all of a sudden either. These are the contents of my /etc/default/netatalk: <Directory "/home/ftp/Toshiba">
HideFiles none
<Limit WRITE READ>
Order deny,allow
Allow from all
</Limit>
UserOwner root
GroupOwner root
</Directory>
Is this normal?
Tahnks.
No - absolutely not. This is configuration data for the FTP server. Try the fix mentioned above
Thankyou, that has resolved the problem and AFP is now working. I was unable to paste the # symbol into the file using vi and I got a comment at the bottom of the screen saying '# not implemented'. I understand this is just a comment line so deleted it.
All of these problems have appeared since I tried to add a new disk which turned out to have SMART issues. I have also recently opened up FTP access from the internet. Could any of these things have caused the errors and should I be aware of anything else - just in case?
Thanks for the support. Quicker than Netgear's response!- I really don't know what could cause this - the file you refer to is a system setup file for AFP access, is not typically user accessible, and should never be, or need to be, changed. So why it should be truncated/deleted/modified is a mystery to me. Even adding a hard disk should not cause this.
Needs the netgear dev's to investigate - Indeed. I have pointed them to this thread so hopefully they will take a look. Thanks again.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
