UnThreaded | Threaded | Whole Thread (12) | Ignore Thread Prev Thread | Next Thread
Author: awlabrador Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: of 65308  
Subject: Back to My Mac Date: 11/15/2012 12:07 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
I've posted on this topic before but got no response, so I'd try again with a little additional observation.

I've noticed when using Back to My Mac (BTMM) to log into my MBP (left in my office at work) from my Mac mini at home, I get presented with a dialog box asking for a username and password and with the options to use my Apple ID and to remember my password. When I use BTMM in the other direction, however, it logs me in automatically without a dialog box.

I'd like to have the option of getting that dialog box back, for reasons I mentioned earlier (i.e. having that extra layer of security). I'm guessing that I must have checked the box on my MBP to remember my password. When I look through my Keychain for likely suspects, I find only a set of BTMM keychains that, after I delete them, do not restore the dialog box when I try BTMM. Instead, the keychains get restored.

I'm thinking of turning off iCloud on my MBP and then turning it back on, but when I do, I get additional dialog boxes warning me about contacts, calendars, and other things that can be deleted from my MBP if I do so (with options to retain copies on the MBP). It's enough warnings to give me pause. It's a lot of data to re-sync, and my faith in iCloud to handle things without serious glitches is neither blind nor infinite. I'm concerned about both lost data as well as duplicates when I re-sync, with lost data being more serious.

So, before I do so, does anyone have an idea for a less drastic way to restore that username and password dialog box? Some keychain or other that I may be missing? Or, has anyone turned off and then turned back on iCloud on a Mac, with or without glitches?

-awlabrador
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Print the post Back To Top
Author: TwoCybers Big gold star, 5000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61432 of 65308
Subject: Re: Back to My Mac Date: 11/15/2012 1:45 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Do you have OSX's auto login feature activated? The article below suggests that could be your problem.

http://support.apple.com/kb/HT4908?viewlocale=en_US&loca...

You can only login your work/home PC if you have access to iCloud which requires your Apple ID and login. So making sure that password is strong seems an important step in any case -- strong for me = >11 characters, at least one symbol and at least one UPPER case.

While I have never used BTMM, I notice there is a check box in the iCloud section of System Preferences. Are the settings the same there for both PCs? Assuming yes, you might want to uncheck both PCs, reboot and recheck just incase something is crossed.

Gordon
Atlanta

Print the post Back To Top
Author: awlabrador Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61433 of 65308
Subject: Re: Back to My Mac Date: 11/15/2012 2:01 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Hi Gordon,

The automatic login is disabled on both my Macs, and passwords are required either immediately after or very soon after (5 sec) the screensaver kicks in. I also have nearly-insanely-strong passwords on all my Macs. I have a strong password for iCloud/AppleID, but I'm thinking of upping it to the same level of complexity.

The BTMM checkbox on both Macs are checked. Turning it off and back on and rebooting doesn't seem to change things.

One thing I haven't tried recently is using BTMM with both Macs at home. That would make things easier to test. The problem there is that, since both Macs are then on the same network, I expect I'm going through simple screen sharing and not through BTMM. I'd probably have to put the MBP on a MiFi or something to get on another network while still having them adjacent for testing.

-awlabrador

Print the post Back To Top
Author: stevenjklein Big funky green star, 20000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61438 of 65308
Subject: Re: Back to My Mac Date: 11/15/2012 3:41 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
You can test your keychain theory by logging in under a different user account on your work Mac.

If you get the desired behavior while logged in under a test account, then the solution is almost certainly finding the right keychain entry and deleting it.

Print the post Back To Top
Author: TwoCybers Big gold star, 5000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61439 of 65308
Subject: Re: Back to My Mac Date: 11/15/2012 4:03 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Yea I expected your Passwords were just fine, but while you were having this issue just in case to add protection I had to mention it.

I like Steven's idea to isolate the problem.

Gordon
Atlanta

Print the post Back To Top
Author: awlabrador Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61442 of 65308
Subject: Re: Back to My Mac Date: 11/15/2012 6:49 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 1
You can test your keychain theory by logging in under a different user account on your work Mac.

Excellent idea, Steven, thanks. Here's what I tried:

Since my existing accounts tend to have well-populated keychains, I created a temp account without access to iCloud. Upon logging in, I opened Keychain Access to watch how the keychain changed.

At first, there's only an "Apple Persistent State Encryption" application password.

Once I started iCloud, but without BTMM, I got an iCloud application password (with access allowed to InternetAccounts, iCloudAccounts, MobileMe Application Group, and com.apple.iCloudHelper), an AppleID Authentication application password (access for AppleIDAuthAgent), an AppleID public key (access for all applications), and an AppleID private key .

Then I activated BTMM in System Preferences. No change to the Keychain

So, time to go BTMM via screen sharing. I try to log in and get the dialog box asking for my username and password. I enter it, boom, I'm in. I log out and try again, this time saving my password to my keychain. Back in, keychain now has a network password to my mini at home. No change in access control to other keychain items. Logging out and logging back in gives me access without having to enter my username and password. I delete the network password from the keychain and try BTMM again, and this time, as expected, I need the password.

I deleted the account and then realized I hadn't tried everything, so I repeat most of the above, including recreating the account from scratch. Then, having automatic login via the username and password saved to my keychain, I delete the network password from the keychain and try to log in via my Apple ID.

However, before I can try to log in via Apple ID on the dialog box, I get logged in automatically. I reexamined the keychain, and there are two certificates there -- Apple Application Integration Certification Authority and com.apple.idms.appleid.prd.(lots of gibberish). Where did those come from? When did they pop up?

Delete the account once again and start over, to see when the certificates show up. Log in, log out, delete network password, etc. Got to the point of trying to log in via Apple ID, and the dialog box says it won't work, please try again with different credentials.

I go away, come back, and those certificates have appeared again, with no intervention on my part. I try to screen share (or log-in) via BTMM, and I log in automatically again, without the dialog box. I delete the certificates -- why didn't I delete just one at a time? -- and the username and password dialog box shows up again.

So, it seems that one or both of these certificates are used by Screen Sharing to bypass the username and password dialog box and log into my other Mac via BTMM. Googling and searching on Apple's community groups shows they're a focus of some BTMM problems, so it's an avenue for me to pursue. My immediate goal is to find out if it's safe to delete them, e.g. do other applications need them for some reason.

I'll save that for later though. As you can guess, I took a lot of notes to trace this issue, and I ended up entering my admin username and password -- the really long, complicated one I mentioned to Gordon -- what felt like a zillion times.

-awlabrador

Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Print the post Back To Top
Author: spinning Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61445 of 65308
Subject: Re: Back to My Mac Date: 11/16/2012 10:26 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
I am befuddled by Back to My Mac. I recently upgraded my laptop and home desktop to Mountain Lion. I want to use BtMM to connect from my laptop to my home desktop when I am away from home. It works fine at home, but not away from home. But when I was on Snow Leopard, before BtMM, I had things set up so I could connect them at home. So I don't know whether, when I am at home, I am connecting with BtMM or with the old method. I did all the obvious things.

Any hints or urls would be appreciated.

Print the post Back To Top
Author: awlabrador Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61446 of 65308
Subject: Re: Back to My Mac Date: 11/16/2012 12:23 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
I think you might just be using local Screen Sharing at home, rather than BtMM. Try turning off BtMM in your iCloud preferences and see if you still have screen sharing or file sharing at home. If so, then you're not really using BTMM at home.

FWIW, I can still connect to my old PowerPC Leopard machines locally, at home, so I'm clearly not using iCloud's BTMM in those cases.

-awlabrador

Print the post Back To Top
Author: spinning Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61447 of 65308
Subject: Re: Back to My Mac Date: 11/16/2012 1:16 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
I think you might just be using local Screen Sharing at home, rather than BtMM. Try turning off BtMM in your iCloud preferences and see if you still have screen sharing or file sharing at home. If so, then you're not really using BTMM at home.


I think you are right. But how do I really use BtMM at home and away from home? Do I have turn off some sharing preferences that enabled Screen Sharing in Snow Leopard and then turn on BtMM?

Print the post Back To Top
Author: awlabrador Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61449 of 65308
Subject: Re: Back to My Mac Date: 11/16/2012 1:59 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
The way it's supposed to work is you turn on Screen Sharing on the target Mac and BtMM in iCloud preferences on both Macs. I turn Screen Sharing on on both Macs, since I use BtMM in both directions (home-to-office, office-to-home). I believe BtMM can also be used for File Sharing, though that's not what I usually do.

Really, the bottom line is that BtMM Screen and/or File Sharing is supposed to appear to the user the same way that both sharing types appear on a local network, just on separate networks connected to the Internet. Also, it's supposed to work the same as .Mac BtMM on Snow Leopard and Leopard. Except for the problem I've been having with automatic logins, BTMM has functioned the same way, for me, all the way back to Leopard.

One thing that's an issue is how your home network communicates with the outside world. Unless everything is set just right, BTMM won't see from your away-Mac to your home-Mac. It's been a while since I did my home network configuration, but I seem to recall you have to have not only DHCP but also NAT running, unless your home Mac has a dedicated IP address visible outside your home. Having dual NATs running on your home network can really screw things up, too; I have my ISP's router, but I don't like it, so I've disabled some services on it in favor of my Time Capsule.

But again, my recollection is that those settings are supposed to be the same between iCloud and .Mac, so if you had it working before with Snow Leopard, in principle it should be the same now.

-awlabrador

Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Print the post Back To Top
Author: awlabrador Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61450 of 65308
Subject: Re: Back to My Mac Date: 11/16/2012 4:32 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
I seem to have fixed my problem.

Using Keychain Access, I made a backup of the com.apple.idms.appleid.prd.blah blah blah certificate. If this experiment fails -- i.e. if it turns out something else really needs the certificate -- then I can restore it to my keychain.

I tried BTMM to log into my home Mac, and the dialog box requesting the username and password finally appeared.

I get the impression I'm the only one on this board who regularly uses BTMM and worries about this sort of thing, but just in case someone else needs the information in the future, it's here.

Thanks, Steven and Gordon, for your help and attention.

-awlabrador

Print the post Back To Top
Author: awlabrador Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 61451 of 65308
Subject: Re: Back to My Mac Date: 11/16/2012 4:46 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
(Oh, what the heck. I reimported the certificate back into my keychain, just in case something else really does need it. Meanwhile, I can delete and reimport the certificate as desired, but there's got to be a better solution.)

-awlabrador

Print the post Back To Top
UnThreaded | Threaded | Whole Thread (12) | Ignore Thread Prev Thread | Next Thread
Advertisement