Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Request: 10.13 APFS formatted - how is Disk Utility reporting your layout please?
475 views
Skip to first unread message
Ian McCall
Sep 30, 2017, 12:52:50 PM9/30/17
to
Mine is:
APPLE SSD AP0512H Media
> Container disk1
> Macintosh HD
Can you please let me know what your layout looks like?
Context:
Have been on with Apple support about my problem not enabling
filevault. The tech consiered that layout to be unusual and the
probable cause. I'm not so sure, I think it's the remnants of the old
iCloud password account;
error 16:39:36.162143 +0100 opendirectoryd Successful verification
using Shadowhash but failed SecureToken (out-of-sync)
default 16:39:36.165329 +0100 opendirectoryd AuthenticationAllowed:
Evaluation result for record "<private>", record type "<private>":
Success
default 16:39:36.182921 +0100 opendirectoryd AuthenticationAllowed:
Evaluation result for record "<private>", record type "<private>":
Success
error 16:39:38.376477 +0100 opendirectoryd Successful verification
using Shadowhash but failed SecureToken (out-of-sync)
default 16:39:38.378020 +0100 opendirectoryd AuthenticationAllowed:
Evaluation result for record "<private>", record type "<private>":
Success
default 16:39:38.525193 +0100 opendirectoryd getpwuid failed with
result Not Found
default 16:39:38.718900 +0100 opendirectoryd getpwuid failed with
result Not Found
error 16:39:40.596598 +0100 opendirectoryd Failed to rewrap token for
EC1C2AD9-B618-4ED6-BD8D-50F361C27507 size 154 - [-536870194: Unknown
error: -536870194]
default 16:39:40.597189 +0100 opendirectoryd ODNodeCustomFunction
failed with result ODErrorCredentialsOperationFailed
default 16:39:40.597401
+0100 com.apple.preference.security.remoteservice setSecureTokenRecoveryCloud
error Error Domain=com.apple.OpenDirectory Code=5103 "Authentication
server failed to complete the requested operation."
UserInfo={NSLocalizedDescription=Authentication server failed to
complete the requested operation.,
NSLocalizedFailureReason=Authentication server failed to complete the
requested operation.}
See 'Authentication server failed to coplete the requested operation"?
That's what I see as the error dialog when I try to switch on filvault.
Cheers,
Ian
--
Check out Proto the album: <http://studioicm.com/proto/>
APPLE SSD AP0512H Media
> Container disk1
> Macintosh HD
Can you please let me know what your layout looks like?
Context:
Have been on with Apple support about my problem not enabling
filevault. The tech consiered that layout to be unusual and the
probable cause. I'm not so sure, I think it's the remnants of the old
iCloud password account;
error 16:39:36.162143 +0100 opendirectoryd Successful verification
using Shadowhash but failed SecureToken (out-of-sync)
default 16:39:36.165329 +0100 opendirectoryd AuthenticationAllowed:
Evaluation result for record "<private>", record type "<private>":
Success
default 16:39:36.182921 +0100 opendirectoryd AuthenticationAllowed:
Evaluation result for record "<private>", record type "<private>":
Success
error 16:39:38.376477 +0100 opendirectoryd Successful verification
using Shadowhash but failed SecureToken (out-of-sync)
default 16:39:38.378020 +0100 opendirectoryd AuthenticationAllowed:
Evaluation result for record "<private>", record type "<private>":
Success
default 16:39:38.525193 +0100 opendirectoryd getpwuid failed with
result Not Found
default 16:39:38.718900 +0100 opendirectoryd getpwuid failed with
result Not Found
error 16:39:40.596598 +0100 opendirectoryd Failed to rewrap token for
EC1C2AD9-B618-4ED6-BD8D-50F361C27507 size 154 - [-536870194: Unknown
error: -536870194]
default 16:39:40.597189 +0100 opendirectoryd ODNodeCustomFunction
failed with result ODErrorCredentialsOperationFailed
default 16:39:40.597401
+0100 com.apple.preference.security.remoteservice setSecureTokenRecoveryCloud
error Error Domain=com.apple.OpenDirectory Code=5103 "Authentication
server failed to complete the requested operation."
UserInfo={NSLocalizedDescription=Authentication server failed to
complete the requested operation.,
NSLocalizedFailureReason=Authentication server failed to complete the
requested operation.}
See 'Authentication server failed to coplete the requested operation"?
That's what I see as the error dialog when I try to switch on filvault.
Cheers,
Ian
--
Check out Proto the album: <http://studioicm.com/proto/>
Jaimie Vandenbergh
Sep 30, 2017, 1:39:38 PM9/30/17
to
On Sat, 30 Sep 2017 17:52:47 +0100, Ian McCall <i...@eruvia.org> wrote:
>Mine is:
>
>APPLE SSD AP0512H Media
> > Container disk1
> > Macintosh HD
>
>Can you please let me know what your layout looks like?
Same. However, the GUI DU lies about all sorts of things, and that's
>Mine is:
>
>APPLE SSD AP0512H Media
> > Container disk1
> > Macintosh HD
>
>Can you please let me know what your layout looks like?
probably not particularly useful info.
Try 'diskutil list' instead, and this is an example of a standard APFS
layout:
>Anaximander:~ jaimie$ diskutil list
>/dev/disk0 (internal, physical):
> #: TYPE NAME SIZE IDENTIFIER
> 0: GUID_partition_scheme *1.0 TB disk0
> 1: EFI EFI 209.7 MB disk0s1
> 2: Apple_APFS Container disk1 999.3 GB disk0s2
> 3: Apple_KernelCoreDump 655.4 MB disk0s3
>
>/dev/disk1 (synthesized):
> #: TYPE NAME SIZE IDENTIFIER
> 0: APFS Container Scheme - +999.3 GB disk1
> Physical Store disk0s2
> 1: APFS Volume iMac HD 846.1 GB disk1s1
> 2: APFS Volume Preboot 47.1 MB disk1s2
> 3: APFS Volume Recovery 520.2 MB disk1s3
> 4: APFS Volume VM 24.6 KB disk1s4
Being daft I didn't open Console until after kicking off the encryption,
but I did get there early enough to see these:
default 18:35:17.478109 +0100 opendirectoryd AuthenticationAllowed:
Evaluation result for record "<private>", record type "<private>":
Success
default 18:35:17.489248 +0100 opendirectoryd AuthenticationAllowed:
Success
Evaluation result for record "<private>", record type "<private>":
Success
default 18:35:39.582812 +0100 opendirectoryd getpwuid failed with
Success
result Not Found
default 18:35:39.601488 +0100 opendirectoryd getpwuid failed with
result Not Found
followed by more success and not found. So those seem to be expected. No
credential issues reports.
When you go through the "enable filevault" procedure, theres a pane for
"each of these users must enter their passwords now in order for them to
be able to unlock the disk". Have you tried creating/using one of the
other users to do this bit, and not add your own to the list? I think
you'd need to run the Enable FV from another user.
Out of interest I put in a wrong password for one of those, and that
reports
fault 18:38:35.922974 +0100 opendirectoryd Authentication failed
for <private> with ODErrorCredentialsInvalid
default 18:38:35.923262 +0100 opendirectoryd ODRecordVerifyPassword
failed with result ODErrorCredentialsInvalid
Not sure if that's any use for you, but there we go.
Cheers - Jaimie
--
If you are not paying for it, you're not the customer; you're the product being sold.
-- blue_beetle
Richard Tobin
Sep 30, 2017, 1:55:02 PM9/30/17
to
In article <f3a0f0...@mid.individual.net>,
Container disk1
Macintosh HD
-- Richard
Ian McCall <i...@eruvia.org> wrote:
>Mine is:
>
>APPLE SSD AP0512H Media
> > Container disk1
> > Macintosh HD
>
>Can you please let me know what your layout looks like?
Crucial_CT512MX100SSD1 Media
>Mine is:
>
>APPLE SSD AP0512H Media
> > Container disk1
> > Macintosh HD
>
>Can you please let me know what your layout looks like?
Container disk1
Macintosh HD
-- Richard
Ian McCall
Sep 30, 2017, 2:00:02 PM9/30/17
to
not quite expecting the changes that APFS brought as yet.
I did say I thought it was normal for APFS to go
disk->contained->volume, but also added that I have a sample size of 1
so no real experience of it.
Ian McCall
Sep 30, 2017, 3:05:32 PM9/30/17
to
On 2017-09-30 17:39:35 +0000, Jaimie Vandenbergh
/dev/disk0 (internal):
1: EFI EFI 314.6 MB disk0s1
2: Apple_APFS Container disk1 499.3 GB disk0s2
/dev/disk1 (synthesized):
#: TYPE NAME SIZE IDENTIFIER
0: APFS Container Scheme - +499.3 GB disk1
Physical Store disk0s2
1: APFS Volume Macintosh HD 442.5 GB disk1s1
2: APFS Volume Preboot 20.0 MB disk1s2
3: APFS Volume Recovery 520.0 MB disk1s3
4: APFS Volume VM 1.1 GB disk1s4
/dev/disk2 (disk image):
1: EFI EFI 209.7 MB disk2s1
2: Apple_HFS Time Machine Backups 3.3 TB disk2s2
So essentially the same, though interestng there's no Apple_KernelCoreDump
> <snip>
> When you go through the "enable filevault" procedure, theres a pane for
> "each of these users must enter their passwords now in order for them to
> be able to unlock the disk". Have you tried creating/using one of the
> other users to do this bit, and not add your own to the list? I think
> you'd need to run the Enable FV from another user.
Yes - The following users weren’t allowed to unlock this disk because
an unknown error occurred: test. If I try from the user test itself, I
get:
"Authentication server refused operation because the current
credentials are not authorized for the requested operation".
>
> Out of interest I put in a wrong password for one of those, and that
> reports
>
> fault 18:38:35.922974 +0100 opendirectoryd Authentication failed
> for <private> with ODErrorCredentialsInvalid
> default 18:38:35.923262 +0100 opendirectoryd ODRecordVerifyPassword
> failed with result ODErrorCredentialsInvalid
>
> Not sure if that's any use for you, but there we go.
Here's what I -think- has happened, but can't prove:
- My iCloud account goverened all of it under Sierra - filevault,
login password - everything
- Apple revoked that ability a year ago but didn't affect running
installations
- on upgrade, I was asked to set a different password to my iCloud one
- I set a temp one
- I then went in and set a new user password - got loads of keychain
errors about local items
- eventually worked, but I needed the origial 'different' password,
not the one I set later, when booting
- I tried to update filevault so I could use same password for both -
I disabled filevault
- nearly a week later, I went to turn it back on again expectig it to
ask for my newer password
- it didn't, and in fact can't proceed.
I think it's got confused and has the hash either of my iCloud password
or of the original one I was forced to reset. I think because it sees
the account names as the same it -thinks- it's up to date, but in
reality it's out of sync.
I think I'm screwed and need a full reinstall.
Damn.
<jai...@sometimes.sessile.org> said:
> On Sat, 30 Sep 2017 17:52:47 +0100, Ian McCall <i...@eruvia.org> wrote:
>
>> Mine is:
>>
>> APPLE SSD AP0512H Media
>>> Container disk1
>>> Macintosh HD
>>
>> Can you please let me know what your layout looks like?
>
> Same. However, the GUI DU lies about all sorts of things, and that's
> probably not particularly useful info.
>
> Try 'diskutil list' instead, and this is an example of a standard APFS
> layout:
Ians-MacBook:~ ian$ diskutil list
> On Sat, 30 Sep 2017 17:52:47 +0100, Ian McCall <i...@eruvia.org> wrote:
>
>> Mine is:
>>
>> APPLE SSD AP0512H Media
>>> Container disk1
>>> Macintosh HD
>>
>> Can you please let me know what your layout looks like?
>
> Same. However, the GUI DU lies about all sorts of things, and that's
> probably not particularly useful info.
>
> Try 'diskutil list' instead, and this is an example of a standard APFS
> layout:
/dev/disk0 (internal):
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme 500.3 GB disk0
1: EFI EFI 314.6 MB disk0s1
2: Apple_APFS Container disk1 499.3 GB disk0s2
/dev/disk1 (synthesized):
#: TYPE NAME SIZE IDENTIFIER
Physical Store disk0s2
1: APFS Volume Macintosh HD 442.5 GB disk1s1
2: APFS Volume Preboot 20.0 MB disk1s2
3: APFS Volume Recovery 520.0 MB disk1s3
4: APFS Volume VM 1.1 GB disk1s4
/dev/disk2 (disk image):
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme +3.3 TB disk2
1: EFI EFI 209.7 MB disk2s1
2: Apple_HFS Time Machine Backups 3.3 TB disk2s2
So essentially the same, though interestng there's no Apple_KernelCoreDump
> <snip>
> When you go through the "enable filevault" procedure, theres a pane for
> "each of these users must enter their passwords now in order for them to
> be able to unlock the disk". Have you tried creating/using one of the
> other users to do this bit, and not add your own to the list? I think
> you'd need to run the Enable FV from another user.
an unknown error occurred: test. If I try from the user test itself, I
get:
"Authentication server refused operation because the current
credentials are not authorized for the requested operation".
>
> Out of interest I put in a wrong password for one of those, and that
> reports
>
> fault 18:38:35.922974 +0100 opendirectoryd Authentication failed
> for <private> with ODErrorCredentialsInvalid
> default 18:38:35.923262 +0100 opendirectoryd ODRecordVerifyPassword
> failed with result ODErrorCredentialsInvalid
>
> Not sure if that's any use for you, but there we go.
- My iCloud account goverened all of it under Sierra - filevault,
login password - everything
- Apple revoked that ability a year ago but didn't affect running
installations
- on upgrade, I was asked to set a different password to my iCloud one
- I set a temp one
- I then went in and set a new user password - got loads of keychain
errors about local items
- eventually worked, but I needed the origial 'different' password,
not the one I set later, when booting
- I tried to update filevault so I could use same password for both -
I disabled filevault
- nearly a week later, I went to turn it back on again expectig it to
ask for my newer password
- it didn't, and in fact can't proceed.
I think it's got confused and has the hash either of my iCloud password
or of the original one I was forced to reset. I think because it sees
the account names as the same it -thinks- it's up to date, but in
reality it's out of sync.
I think I'm screwed and need a full reinstall.
Damn.
Jaimie Vandenbergh
Sep 30, 2017, 4:29:51 PM9/30/17
to
10.13.1 beta last night! Checking my MacBook, it's identical to yours
apart from being half the size.
>> When you go through the "enable filevault" procedure, theres a pane for
>> "each of these users must enter their passwords now in order for them to
>> be able to unlock the disk". Have you tried creating/using one of the
>> other users to do this bit, and not add your own to the list? I think
>> you'd need to run the Enable FV from another user.
>
>Yes - The following users weren’t allowed to unlock this disk because
>an unknown error occurred: test. If I try from the user test itself, I
>get:
>"Authentication server refused operation because the current
>credentials are not authorized for the requested operation".
>Here's what I -think- has happened, but can't prove:
>
> - My iCloud account goverened all of it under Sierra - filevault,
>login password - everything
> - Apple revoked that ability a year ago but didn't affect running
>installations
I dodged that bullet, it does seem to have been a cockup with 10.13.
> - on upgrade, I was asked to set a different password to my iCloud one
>- I set a temp one
> - I then went in and set a new user password - got loads of keychain
>errors about local items
domain memberships, it's very annoying.
> - eventually worked, but I needed the origial 'different' password,
>not the one I set later, when booting
> - I tried to update filevault so I could use same password for both -
>I disabled filevault
> - nearly a week later, I went to turn it back on again expectig it to
>ask for my newer password
> - it didn't, and in fact can't proceed.
>
>I think it's got confused and has the hash either of my iCloud password
>or of the original one I was forced to reset. I think because it sees
>the account names as the same it -thinks- it's up to date, but in
>reality it's out of sync.
>I think I'm screwed and need a full reinstall.
cmd-r, splash and reinstall, forty minutes work, then off to bed for the
restore to complete.
Might be best to disable whatever dual/2fa you have right now and reset
your password to a non-temp one again on icloud.com while the reinstall
is happening. You might have to reset the keychain password manually
from one of the previous two to the new one.
Then put 2FA back on after, and then finally filevault.
Cheers - Jaimie
--
"On two occasions I have been asked [by members of Parliament],
'Pray, Mr. Babbage, if you put into the machine wrong figures, will
the right answers come out?' I am not able rightly to apprehend the
kind of confusion of ideas that could provoke such a question."
Ian McCall
Sep 30, 2017, 4:44:59 PM9/30/17
to
On 2017-09-30 20:29:48 +0000, Jaimie Vandenbergh
repartition? Can't remember - would rarther avoid the thumb drive fuss
if I can.
<jai...@sometimes.sessile.org> said:
> cmd-r, splash and reinstall, forty minutes work, then off to bed for the
> restore to complete.
Can you blat the disk if you install from recovery? As in erase and
> cmd-r, splash and reinstall, forty minutes work, then off to bed for the
> restore to complete.
repartition? Can't remember - would rarther avoid the thumb drive fuss
if I can.
Jaimie Vandenbergh
Sep 30, 2017, 5:11:56 PM9/30/17
to
On Sat, 30 Sep 2017 21:44:57 +0100, Ian McCall <i...@eruvia.org> wrote:
>On 2017-09-30 20:29:48 +0000, Jaimie Vandenbergh
><jai...@sometimes.sessile.org> said:
>
>> cmd-r, splash and reinstall, forty minutes work, then off to bed for the
>> restore to complete.
>
>Can you blat the disk if you install from recovery? As in erase and
>repartition? Can't remember - would rarther avoid the thumb drive fuss
>if I can.
Yes indeed you can. After you choose Reinstall it'll ask if you want to
>On 2017-09-30 20:29:48 +0000, Jaimie Vandenbergh
><jai...@sometimes.sessile.org> said:
>
>> cmd-r, splash and reinstall, forty minutes work, then off to bed for the
>> restore to complete.
>
>Can you blat the disk if you install from recovery? As in erase and
>repartition? Can't remember - would rarther avoid the thumb drive fuss
>if I can.
erase.
https://support.apple.com/en-gb/ht204904 is updated for High Sierra.
Jaimie Vandenbergh
Sep 30, 2017, 5:31:38 PM9/30/17
to
On Sat, 30 Sep 2017 22:11:53 +0100, Jaimie Vandenbergh
<jai...@sometimes.sessile.org> wrote:
>On Sat, 30 Sep 2017 21:44:57 +0100, Ian McCall <i...@eruvia.org> wrote:
>
>>On 2017-09-30 20:29:48 +0000, Jaimie Vandenbergh
>><jai...@sometimes.sessile.org> said:
>>
>>> cmd-r, splash and reinstall, forty minutes work, then off to bed for the
>>> restore to complete.
>>
>>Can you blat the disk if you install from recovery? As in erase and
>>repartition? Can't remember - would rarther avoid the thumb drive fuss
>>if I can.
>
>Yes indeed you can. After you choose Reinstall it'll ask if you want to
>erase.
Ha! What am I like. Read the below, it's way more accurate than I am
<jai...@sometimes.sessile.org> wrote:
>On Sat, 30 Sep 2017 21:44:57 +0100, Ian McCall <i...@eruvia.org> wrote:
>
>>On 2017-09-30 20:29:48 +0000, Jaimie Vandenbergh
>><jai...@sometimes.sessile.org> said:
>>
>>> cmd-r, splash and reinstall, forty minutes work, then off to bed for the
>>> restore to complete.
>>
>>Can you blat the disk if you install from recovery? As in erase and
>>repartition? Can't remember - would rarther avoid the thumb drive fuss
>>if I can.
>
>Yes indeed you can. After you choose Reinstall it'll ask if you want to
>erase.
about how to do it. I blame this *amazing* but 63% rum.
Cheers - Jaimie (Wray & Nephew white overproof)
--
"All power corrupts, but absolute power is kind of neat"
gong...@gmail.com
Nov 1, 2017, 9:49:49 PM11/1/17
to
Have you ever resolved the problem? I met the same issue which the FileVault could not be enabled with these promotions "Click lock button to lock the preference pane, then use another admin account to unlock and try again (Authentication server refused operation because the current credentials are not authorized for the requested operation.)."
I also find the similar errors from console.
Thanks.
Ian McCall
Nov 2, 2017, 6:46:38 AM11/2/17
to
On 2017-11-02 01:49:48 +0000, gong...@gmail.com said:
> Have you ever resolved the problem? I met the same issue which the FileVaul
> t could not be enabled with these promotions "Click lock button to lock the
> preference pane, then use another admin account to unlock and try again (A
> uthentication server refused operation because the current credentials are
> not authorized for the requested operation.)."
>
> I also find the similar errors from console.
Yes, but unfortunately it's not likely to be the answer you would like
> Have you ever resolved the problem? I met the same issue which the FileVaul
> t could not be enabled with these promotions "Click lock button to lock the
> preference pane, then use another admin account to unlock and try again (A
> uthentication server refused operation because the current credentials are
> not authorized for the requested operation.)."
>
> I also find the similar errors from console.
to hear. I found there was no resolution to it on the machine itself,
did a full back up, wiped the drive and restored from Time Machine. No
issues since.
I wasn't able to find a way past this without doing the reinstall am afraid.
0 new messages