Again: Mobile accounts and folder date
Hi,
for a while syncing between MacBooks and Lion server worked.
But now I have issues again without changing a running system
1. On my MacBooks everyday, i.e after restarting, Spotlight indexes my files
2. Actually my MacBook Pro syncs my whole folder structure and modifies the date of the folder to the actual date! What a mess!
Anyone with the same behaviour?
Any solutions or simply a bug in Lion server?
I use 10.7.3 with Filesyncagent activated.
Ishan
See also http://support.apple.com/kb/TS3346
Symptoms
Active Directory users may receive the message "You are unable to log in to the user account (username) at this time" when trying to log in. This can happen with successive Active Directory users who have home directories on different sharepoints of the same server. They can log in if the Mac OS X client is restarted.
Resolution
Edit the /etc/auto_master file of the affected Mac OS X client. Comment out the /Network/Servers entry as shown in the example below:
# Automounter master map
+auto_master # Use directory service
/net -hosts -nobrowse,hidefromfinder,nosuid
/home auto_home -nobrowse,hidefromfinder
#/Network/Servers -fstab
/- -static
Save the file, then restart.
Similar Messages
-
What is 'mobile account' and how does it work?
This is a hidden feature in Mac OS Leopard, that I believe require an Leopard Server on the network.
I have not found it in the regular user interface, but it can be revealed by following the below process:
1. Go to System Preferences > Accounts
2. Unlock
3. Search for mobile account, and press Enter
4. Wait for the Mobile account options to show up
What is this feature? How does it work?
I have found no references to it in the normal documentation.Google is your friend:
"A mobile account is a Mac OS X Server user account that has been copied to a local computer and remains synchronized with the server account so that both locations contain a matching set of data."(Mac OS X Server User Management, p. 46).
And it has been around since 10.3, so it is not something new to Leopard.
see: http://www.afp548.com/articles/Panther/mcx2.html -
Mixing mobile account and network account.
Is it possible to have mobile account on some computers and network account on others and having the same user logging in (only one login at a time) without sync issues ?
I have tested it with account preferences set on computers and it is working nice until I have been logged in on a computer with networked account, then I experience sync issues. Every time I log in mobile account I got a dialog window asking me to select "Sync Later" , "Mobile" or "Networked". It does not matter what I select, the dialog comes back everytime I log off and on with the mobile account. I have only managed get rid of it by deleting mobile account and sync it again.
Message was edited by: kenguruAgain, thanks for taking your time explaining this for me.
After been reading the User Management documentation from apple about Managing Portable Computers (Chapter 8), I got the opposite impression about running Mobile Account on multiple computers. From this text, as I read it, it is a common thing to do, as long as we are aware of sync issues that might occur and know how we shall deal with it.
So I'm a little confused about this topics, as it seem to make sense what you are saying, but the documentation says something different.
I have tried setting sync preferences on the user instead, so that every login is made with a mobile account on every computer. That seems to work ok. Off course sync issues may arise, but here the the file sync can be fixed through the dialogs windows that pops up. Unlike under the mix of network logins and mobile account logins where it doesn't matter which location I set to be the place containing the most recent files. This only occurs after a network account login. If I have been logged on another computer set up with mobile account everything syncs nicely. I think
So for now, I think I will stick with setting up users with mobile account preferences and skip the networked account.
Does this make any sense or am I still mistaking here?
Ok, thanks for all you help.
Bernt -
Mobile Account and Active Directory home folder
We install a XServe server (Mac OS X 10.6.3). We join it to Active Directory for authentification and Open Directory for policy. I read the magic triangle on the web.
I mount a MacBook Pro with Mac OS X 10.6. I join it to AD and after to OD. When I configure an account to be mobile, the home folder configure in AD stop to mount automatically. If the account is not mobile the home folder mount correctly.
Somebody has an idea of waht happen?Hello, sifeduc, and welcome to the AppleBoards,
This really seems like a Directory Services question and is probably best suited to this board: http://discussions.apple.com/forum.jspa?forumID=1353
That being said are you talking about Portable Home Directories? If so PHDs should be created on the server first and on the client second. If you have a client account you want to sync to the OD you need to delete the client account - *but leave it in place* - create a server account and then use the local account which will then sync to the server. The steps for this are a little more complicated than that but not much.
Good Luck,
=Tod -
Problem syncing Mobile account home folder
I'm trying to get mobile accounts working correctly so that i can support users (including myself) having laptops and iMacs with files all in sync. My initial tests seem to go well, but when I started moving the first user account over (mine) I noticed a number of errors appear. Here is an example of what I'm currently working on (I've trimmed it down to just before the error message):
<hr>
Client ~/Library/Logs/FileSyncAgent/FileSyncAgent-verbose.log:
<Logout> 1:: \[10/06/16 15:22:57.357] <OK> network: MODIFY "Library/Preferences/com.apple.recentitems.plist" {(Priority=1, EXECUTING)}
<Logout> 1:: \[10/06/16 15:22:57.387] <OK> network: MODIFY "Library/Preferences/com.apple.systemuiserver.plist" {(Priority=1, EXECUTING)}
<Logout> 1:: \[10/06/16 15:22:57.417] <OK> network: MODIFY "Library/Preferences/com.apple.Terminal.plist" {(Priority=1, EXECUTING)}
<Logout> 0:: \[10/06/16 15:22:57.435] EXCEPTION: \[data writeToFile:'/Volumes/Users/synctest/.FileSync/PHD-R-wO-0oQq9MqC-synctest.FileS yncHistory' options:0 error:&error] (Cocoa error 512) <-\[SStoreFileOperator_FS writeFileData:] (StoreFileOperator-FS.m:1091): "(Error Domain=NSCocoaErrorDomain Code=512 UserInfo=0x102fdd8c0 "The file “PHD-R-wO-0oQq9MqC-synctest.FileSyncHistory” couldn’t be saved in the folder “.FileSync”." Underlying Error=(Error Domain=NSPOSIXErrorDomain Code=35 "The operation couldn’t be completed. Resource temporarily unavailable"))">
<Logout> 0:: \[10/06/16 15:22:57.435] USERINFO: {
<Logout> 0:: \[10/06/16 15:22:57.435] NSFilePath = "/Volumes/Users/synctest/.FileSync/PHD-R-wO-0oQq9MqC-synctest.FileSyncHistory";
<Logout> 0:: \[10/06/16 15:22:57.435] NSUnderlyingError = "Error Domain=NSPOSIXErrorDomain Code=35 \"The operation couldn\U2019t be completed. Resource temporarily unavailable\"";
<Logout> 0:: \[10/06/16 15:22:57.435] }
<Logout> 0:: \[10/06/16 15:22:57.435] BACKTRACE: {
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x1000bc73c
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x1000b9eec
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x100066a00
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x100065fe6
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x1000c8f1a
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x7fff800cbe8d
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x7fff820a3456
<Logout> 0:: \[10/06/16 15:22:57.435] ? | 0x7fff820a3309
<Logout> 0:: \[10/06/16 15:22:57.435] }
<Logout> 1:: \[10/06/16 15:22:57.544] -\[SStore(protected) cleanupTree]: PHD-L-iI.arrVC0G4-synctest: required 0.0 seconds to execute
<Logout> 1:: \[10/06/16 15:22:57.557] Store "PHD-L-iI.arrVC0G4-synctest" finished syncing with root version PHD-L-iI.arrVC0G4-synctest1276714848PHD-R-wO-0oQq9MqC-synctest1276714849\[]
<Logout> 1:: \[10/06/16 15:22:57.558] -\[SStore_FS deleteStateTreeTurdFile] (Store-FS.m:481): unlink('/Users/synctest/.FileSync/store.filesyncstatetree.statetree_dirty')
<Logout> 1:: \[10/06/16 15:22:57.737] Store "PHD-R-wO-0oQq9MqC-synctest" finished syncing with root version PHD-L-iI.arrVC0G4-synctest1276714848PHD-R-wO-0oQq9MqC-synctest1276714849\[]
<Logout> 1:: \[10/06/16 15:22:59.041] Compress/upload of "/Volumes/Users/synctest/.FileSync/Store-FS-PHD-network-home.filesyncstatetree. bz2" took 1.30 seconds
<Logout> 1:: \[10/06/16 15:22:59.041] -\[SStore_FS deleteStateTreeTurdFile] (Store-FS.m:481): unlink('/Volumes/Users/synctest/.FileSync/Store-FS-PHD-network-home.filesyncsta tetree.bz2.statetree_dirty')
<Logout> 1:: \[10/06/16 15:22:59.043] 1-pass sync of "HomeSync_Mirror" took 4.75 seconds
<Logout> 0:: \[10/06/16 15:22:59.374] Finished sync of "HomeSync_Mirror".
1:: \[10/06/16 15:22:59.914] -\[MainObj shutdownAgent]
0:: \[10/06/16 15:22:59.949] EXCEPTION: User Cancelled <_incomingIPC (ipc.m:210): "'((userCanceledErr))' error -128">
0:: \[10/06/16 15:22:59.949] USERINFO: {
0:: \[10/06/16 15:22:59.949] NSLocalizedDescription = "User Cancelled";
0:: \[10/06/16 15:22:59.949] }
0:: \[10/06/16 15:22:59.949] BACKTRACE: {
0:: \[10/06/16 15:22:59.949] ? | 0x10000e2a8
0:: \[10/06/16 15:22:59.949] ? | 0x7fff82d74af1
0:: \[10/06/16 15:22:59.949] ? | 0x7fff82d0f171
0:: \[10/06/16 15:22:59.949] ? | 0x7fff82d0d84f
0:: \[10/06/16 15:22:59.949] ? | 0x1000049d9
0:: \[10/06/16 15:22:59.949] ? | 0x7fff820a3456
0:: \[10/06/16 15:22:59.949] ? | 0x7fff820a3309
0:: \[10/06/16 15:22:59.949] }
1:: \[10/06/16 15:22:59.949] _incomingIPC: caught exception _incomingIPC (ipc.m:210): "'((userCanceledErr))' error -128"
0:: \[10/06/16 15:23:00.669] Bye (PID:2246)
<hr>
Server ~/Library/Logs/FileSync-server/FileSync-server-verbose.log:
1:: \[10/06/16 15:22:54.616] PHD-R-wO-0oQq9MqC-synctest Scanning flagged directory "Library/"
1:: \[10/06/16 15:22:54.625] PHD-R-wO-0oQq9MqC-synctest Scanning flagged directory "Library/Preferences/"
1:: \[10/06/16 15:22:54.644] PHD-R-wO-0oQq9MqC-synctest Scanning flagged directory "Library/Preferences/ByHost/"
1:: \[10/06/16 15:22:54.665] Store "PHD-R-wO-0oQq9MqC-synctest" finished prepareForSync with root version PHD-L-iI.arrVC0G4-synctest1276714845PHD-R-wO-0oQq9MqC-synctest1276714849\[]
1:: \[10/06/16 15:22:54.671] -\[SStore_FS deleteStateTreeTurdFile] (Store-FS.m:481): unlink('/Users/synctest/.FileSync/Store-FS-PHD-network-home.filesyncstatetree.s tatetree_dirty')
1:: \[10/06/16 15:22:56.113] -\[SPeer_FS zip] (Peer-FS.m:361): unlink('/Users/synctest/.FileSync/Store-FS-PHD-network-home.filesyncstatetree')
0:: \[10/06/16 15:22:59.705] EXCEPTION: Unknown error 2002 <-\[SNetworkReachabilityMonitor init] (NetworkReachabilityMonitor.m:72): "(Error Domain=com.apple.SystemConfiguration Code=2002 UserInfo=0x100243d20 "The operation couldn<E2><80><99>t be completed. (com.apple.SystemConfiguration error 2002 - Configuration daemon not (no longer) available)")">
0:: \[10/06/16 15:22:59.705] USERINFO: {
0:: \[10/06/16 15:22:59.705] NSDescription = "Configuration daemon not (no longer) available";
0:: \[10/06/16 15:22:59.705] }
0:: \[10/06/16 15:22:59.705] BACKTRACE: {
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x100014831
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x100014688
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x7fff82ffb535
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x7fff8300963e
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x7fff83001eaa
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x7fff82ffa1ba
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x1000036c3
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x10007f4e0
0:: \[10/06/16 15:22:59.705] ?<C2><A0>|<C2><A0>0x2
0:: \[10/06/16 15:22:59.705] }
0:: \[10/06/16 15:22:59.705] Bye (PID:9460)
<hr>
Now I've not done much with OS X programming, but I've done quite a bit of Unix systems work. The client appears to be getting an EAGAIN error (essentially that the syscall didn't complete, but not that it failed). Ideally, it should try again, and perhaps there is something I can set that will have it do a couple of retry attempts before giving up?
However, the error on the server side is the likely culprit. I don't know what the error message regarding com.apple.SystemConfiguration means, but my googling for hints implies that it is some sort of error connecting over the network. To try and debug that, I had both machines connected to the same switch with firewalls turned off and the error continues. The previous lines imply that it is trying to delete a file that it created from the local disk. What bothers me about that is that in the WGM I set the home directory to be "afp://servername/Users" and it shows that it should be either "afp://servername/Users/synctest" or "/Network/Servers/servername/Users/synctest" but the server is accessing the home folder directly, so why an issue with network reachability?
Can anyone offer any hints as to what I should be looking for? I had hoped that PHDs would solve the whole multiple computer issue, but they don't seem to be working reliably for me. Since I get this issue consistently I'm guessing that there is something misconfigured on my end.Shawn,
I've done the deletion of those folders a number of times, with no luck.
The most recent attempt to get this to work was:
1. Delete ~/.FileSync and ~/Library/FileSync from the server machine.
2. With a brand-new install of OS X on a laptop, create a local administrator, join the server, then login as the user account that wants a mobile account
3. Look at logs
I still get an exception on the server
0:: \[10/07/31 13:39:47.791\] EXCEPTION: Unknown error 2002 <-\[SNetworkReachabilityMonitor init\] (NetworkReachabilityMonitor.m:72): "(Error Domain=com.apple.SystemConfiguration Code=2002 UserInfo=0x10027adc0 "The operation couldn<E2><80><99>t be completed. (com.apple.SystemConfiguration error 2002 - Configuration daemon not (no longer) available)")">
0:: \[10/07/31 13:39:47.791\] USERINFO: {
0:: \[10/07/31 13:39:47.791\] NSDescription = "Configuration daemon not (no longer) available";
0:: \[10/07/31 13:39:47.791\] }
0:: \[10/07/31 13:39:47.791\] BACKTRACE: {
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x100014831
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x100014688
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x7fff82ffb535
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x7fff8300963e
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x7fff83001eaa
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x7fff82ffa1ba
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x1000036c3
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x10007f4e0
0:: \[10/07/31 13:39:47.791\] ?<C2><A0>|<C2><A0>0x2
0:: \[10/07/31 13:39:47.791\] }
0:: \[10/07/31 13:39:47.792\] Bye (PID:38660)
as well as the corresponding error on the client.
I'm quite frustrated with the whole situation at this point. I'm sure some folks have gotten it to work, but since it has exceptions like this silently, it slowly corrupts the data in an account. I still want to get it to work, but am skeptical that it will.
Message was edited by: Benjamin Kuperman -
Lion Server Setup (Network Login/Mobile Account and more...)
Hardware:
Mac mini Intel Core i7, 2 GHz, 8 GB memory (Server) x 1
iMac 21.5" 2.8GHz Intel Core i7, 12 GB memory (Workstation) x 6
Operating System:
Mac OS X Server Lion 10.7.4 (11E53)
Mac OS X Lion 10.7.4 (11E53)
Relevant Software:
Server.app Version 10.7.4 (1.4.3)
Workgroup Manager Version 10.7 (400.3)
Server Admin Version 10.7 (355)
So my head's swimming with "I dunno's" and I've been perusing probably all the wrong threads trying not to sound like a noob and find the literature that will finally lead me to a solution. This is my first rodeo so make no assumptions about my experience (maybe).
Short Version
I can't login network users. I get an error "You are unable to log in to the user account "<%short_name%>" at this time. Logging in using >console tells me this No home directory: <path to home directory> i.e. /Network/Servers/department.domain.com/Department/Accounts/bbunny
If anyone can point me where to read, I will do so.
Perhaps a longer discussion on how to verify that the proper permissions exist on the share/home directory in question and what those would be.
More detail...
I want to setup a Mac Mini server to have network login accounts stored on the 2nd data volume in a directory we shall call Accounts*. Here all the "network users/logins" have their home directories, so that when they login at the workstation the idea is the workstation will sync their account and allow them to login, if the server is not available, the hope is I can configure it to allow them to login if they've logged in before and the files will sync when they are able. That being the ideal, I get the impression that for best practices, Apple is discouraging the use of mobile accounts that use Home Sync perhaps because it's reliability has been iffy, please advise. A windows user might think of this as "roaming profiles" but, if I understand it, its a little more than that.
Note, I do not want to login to the server and actively work on that network share, I want the account to be local and sync'd as needed. But I want the user to be able to sit at any of the 6 other workstations and see the same documents, emails etc. Obviously if the server is down, it won't be possible to authenticate, but I think it should have cached credentials that should allow the user to login if the server is down and still go about their work.
This is the small picture...there is a larger picture that involves, parallel virtual machines of Windows Server 2008 R2 on server and and Windows 7 on the client, ical, ichat and perhaps wiki's.
I apologize for the roughness of this question, in the interest of brevity, I have plenty of problems that led me here that I can expound upon if asked.
Also a silly question someone might know the answer too, Why does the login payload settings that I have pushed to a workstation device, sometimes vanish inconsistently upon logout?Ok, Some Good news and clearer understanding to disseminate in this post I hope it helps
"the Universe" so I am posting it here in my "ever-the-noob" blog on apple forums.
Problem
What do you do when you get an error when logging into a mobile account setup?
One symptom would be the error message below...
"You are unable to log in to the user account "<%short_name%>" at this time.
Logging in using >console You get the message…
"No home directory: <path to home directory>"
or
"You are unable to log in to the user account "<%short_name%>" at this time.
Logging in using >console tells me this No home directory: <path to home directory>
Solution
Do the check list…
Short Version
Sever Admin.app > Access (Key Component)
Check Permissions on directories for your file shares.
(The reason stuff doesn't work especially when you're rebuilding/recovering a server)
File sharing setup (Turned ON, Home sharing Enabled)
Directory Utility > Directory Editor or dscl
( Do not underestimate the importance of this part!!!!
Use white-gloves when you're handling it though!!! )
Workgroup Manager
(You're poopy "main" interface that really is a "window", not a "door", but maybe Apple likes to do things "Dukes of Hazard" style?)
Long Version
Check Sever Admin.app > Access
Make sure that your user has the "Proper" access. For me I created a test user from Server.app and saw what access he had as a way to "check myself for a properly created users" and because I think one is kind of on his/her own using WGM and duplicated the same access. (I was a little neater, though and did it with a group, not individual users, that would have been a mess!)
Server Admin.app > Access
Click the "+" sign, sort by UID and Add the imported users to the following Services…
( You can use a group, but understand when Server.app creates users they get added
individually to each of these groups. )
Address Book
AFP
iCal
iChat
Mail
Profile Manager
SMB
VPN
Check Permissions on directories for your file shares.
(That's an understatement) I could go in depth about all the crap I had to read about, I still
know I am missing a chunk of tech brain when it comes to the particulars. Basically, I boil
it down to this…
Permissions require thinking about things first with regards to POSIX permissions... good
ole ls, chmod, chgrp, chown to the rescue with ugo permissions or the old 755, 600 etc
stuff.
Apple's file-sharing access uses this as a starting point to see what the user is allowed to
access.
I also needed to use chflags once to unhide a file that I mucked around with using xattr.
I still haven't figured out why folders can lose their triangles, but I didn't find out if you cp or
move them from terminal, the triangles come back in the moved or copied directory. For a
minute I thought it was because cp alone doesn't preserve flag attributes, but mv actually
works by doing a cp that preserves the flags, unless it's a bug. I dunno.
This helped me get my file visible again...
chflags hidden path_to_file
chflags nohidden path_to_file
Read up on those manuals, if you're not a terminal type go to apples website
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/
or download...
http://www.bruji.com/bwana/ I thought that was cool.
or if you prefer to read the manual in pdf try…
man -t sharing | pstopdf -i -o ./Desktop/Sharing\ Manual.pdf
man -t chown | pstopdf -i -o ./Desktop/CHOWN\ Manual.pdf
man -t chmod | pstopdf -i -o ./Desktop/CHMOD\ Manual.pdf
man -t chgrp | pstopdf -i -o ./Desktop/CHGRP\ Manual.pdf
My basic guideline was avoid using ACLs if at all possible, if you try to use them, things
can get crazy complicated, take notes and plan, baby. If you read above, opening up
permissions wide is wrong though. You would restrict permissions tightly to begin with and
then place ACE (Access Control Entries) to specifically target the rights you want to enable.
Here's one that's obviously a novice attempt to do this, but since the novice is the only one
speaking…. here it is, Universe… >:P
sudo chmod -R +ai "admin allow read,write,delete,file_inherit,directory_inherit,search,list" Department/
That allowed my admin to do all the things a normal user could do so far… It fixed things for
my admin, which made me happy. I really hate having to authenticate or sudo just to see
the contents of a nested directory. I could explain it, and even give a few notes on why its
probably overkill, but I will attempt to look less stupid till "poked".
There's another command line utility I STILL haven't read, which may bear mentioning
because…well I haven't read it. umask (see wikipedia or unix.com)…I worked past my
problems without going into it so far, but obviously it's there, and it serves a purpose.
I also found this article helpful…and educational. :O
http://www.bresink.de/osx/300321023/Docs-en/pgs/ACL.html
( Its enlightening to hear the air whistling between a developer/coder's ears, still it's
apparent he has a clear idea what's going on.
Ever wonder why when you use get info to check or assign permissions it kind of
flakes out and doesn't take? Read this article! )
Second, if you can't obtain the "specific" permissions you need with POSIX, chmod also
can set the 2nd category of permissions, which windows users may be familiar with
Access Control Lists (ACLs) and here you get some really fine granularity...messy stuff.
All in all, if I felt I could guide you through these murky waters, I would, but I think I'll let
the professionals weigh in on that one and cut my wall-of-text to ribbons.
To heuristically check I would connect from a client as one or two of my users and see what
folders I could mount as a share, armored with an understanding of what ls -le@O * showed
me in Terminal.
3.) File sharing setup (Turned ON, Home sharing Enabled)
Here is an example of using command line sharing utility where each share is properly
labeled (that took a bit for me to figure out) still this share only enables the AFP share as
you can see from my flags.
sudo sharing -a /Volumes/Hard\ Drive/Department/Database -A Database-afp -F Database-ftp -S Database-smb -n Database -s 100 -g 000 -i 10
Then you do a sudo sharing -l and get back what you just did…
List of Share Points
name: Database
path: /Volumes/Hard Drive/Department/Database
afp: {
name: Database-afp
shared: 1
guest access: 0
inherit perms: 1
ftp: {
name: Database-ftp
shared: 0
guest access: 0
smb: {
name: Database-smb
shared: 0
guest access: 0
If you mess up the sharing command, you may not be paying attention (I wasn't) but there
are a lot of defaults that Apple will just assume you meant to do anyway and it won't read
any of your flags, you have to get it right or the flags will be defaulted.
( Basically I could tell I was bombing it for one, I explicitly only wanted afp working, but
the default was afp and smb. So each time I ran sudo sharing -l after I shot my sharing
command…back would come smb shared: 1 and I knew that wasn't right. Also my
custom names were defaulting to the name of the directory not the name I had
specified. )
I like to know what protocol my share is over so when it doesn't work, I know which protocol's
are connecting. It's not full-proof, but it's a bookmark. I wish the network browser would
identify the protocol that its available listed shares are using, because small visual queues
like that help when you're trying to see what works. Maybe that's something I should
investigate via the command line?
As a note about reading forums, I discovered using command line that "\" is kind of like a
way of going to next line neatly with long commands…."\ " is a way to insert a space. As you
can see above where I have a volume with a space in it.
Removing shares was a little trickier though, sharing -r Share\ With-space didn't work….I
had to enclose it in quotes and do "Share With-space" instead. So nooby beware!
( *nix users are now rolling their eyes at this tip. )
I wasn't sure how you enabled a share for home directories from the command line, maybe its
in the manual, but I was up to my eyeballs in manuals already so I haven't gone back to
revisit this question since my work around was to go to Server.app and verify that what I set
up in the sharing in terminal was being reflected in the gui…sort of my own MVC
(model-view-controller) check.
4.) Directory Utility > Directory Editor or dscl
Make sure what you see in WGM and Server.app are reflected here….to that question let's
take a journey where I did some exploring about that.
Ever really wonder "WHY CAN"T I REMOVE AN OLD HOME DIRECTORY SHARE?!!!"
Ah, then you will - LOVE - this tip…
( Provided my testing or yours, later, doesn't prove that in my ignorance I've broken
Open Directory. Remember, WHITEGLOVES!!!! but here we get a little dirty. I think of
OD as Apple's Registry, but that's not what it is at all. However, you as the user do have
to "****" around in it from time to time. )
I scoured the forums and everyone was saying things like "You have to change your server
role" etc. which seemed a little bit dumb to me (dumb because you're pushing views around
not "controlling"), and well, yea, that share that I couldn't modify or delete was REALLY
bugging me.
Now hmm… Before you do ANYTHING, how do you try to not hurt yourself…in Windows you
can make a Registry Backup….(yea bad analogy) In Server Admin.app you can go to your Open
Directory Service > Archive and Choose a place to Archive your information. (Figure this out by
yourself, this is getting long…sheesh! It's easy. Restoring is just as easy and painless.)
Before we can remove the entry we "SEE" in WGM we should make sure no
one has it selected so as not to "corrupt" the OD db, so in WGM first before going to Directory
Utility set the Home directory to "None". (We need to remember to set this to a correct share
later….Mental Note!!!)
Now Open Directory Utility
Method 1
System Preferences > Users & Groups > Login Options
Click the Lock to make changes…
Authenticate -> click "OK" (do I REALLY have to step-by-step this?)
Network Account Sever: • Local Server - click "Edit" button here.
Open Directory Utility > Directory Editor
( Wow, did Apple hire someone from Microsoft? You'ld think with all their research in to
Human Interface Design that's WAY too many clicks to get to something you need. )
or
Method 2 (It's good to know about this directory, neat-o speed-o app's hidden here.)
Use "Go to Folder" Under Finder > Go > Go to Folder...
⇧⌘G /System/Library/CoreServices/
Click "OK"
and Double click Directory Utility.app
or
Method 3
Terminal
open /System/Library/CoreServices/Directory\ Utility.app/
Now From the Directory Editor Pane you will see a Pop-up menu Labeled "Viewing"
You should glance through this and get to know it. You should use it to see what
information is really being stored about your Users, Groups, Mounts…
We are interested in Mounts, which is where we want to go…and there is the pesky
mount that you will see reflected in WGM.
Authenticate, and delete the bugger.
Quit WGM and restart it. Voila, bad share is GONE!!!!!
a.) First select all my users
b.) Then I clicked on the "+" and added the correct share
( Remember, I only showed you the first one we created, this is another and
for THIS one you HAVE to go into Server.app and verify that it is set to be
available for Home Directories in this case for AFP. )
For the home directory entry you do this...
afp://computer.domain.com/Accounts-afp
%short_name%
/Network/Servers/computer.domain.com/Volumes/Hard\ Drive/Department/Accounts/%short_name%
%short_name% is a wild card for the short name there are other wild cards check out Apple's
Documentation on them. I lost the link sorry \<shrug\>
Interesting dscl commands…(check it out in command line form and compare side by side with
what you see in the GUI Directory Utility)
dscl . list /users
dscl . list /groups
If you want to output information about each user, though, use readall:
dscl . readall /users
dscl . readall /groups
And if you need to programatically parse said information, use -plist to make your life easier:
dscl -plist . readall /users
dscl -plist . readall /groups
This made a little more direct sense to me, language wise…but fyi "." is kind of a wild card I think so the first
commands I think look in ALL directories local, Search, LDAP whatever you have. The command here
corresponds to the Entry from the Pop-up menu "…in node > Blah…" see GUI of Directory Utility to confirm.
dscl /LDAPv3/127.0.0.1 -list /Users
dscl /Local/Default -list /Users
5.) Workgroup Manager
Remember this is a utility that is not long for this world. Apple's Mountain Lion is rumored to fully
replace it, why? Yea, Apple's making a go at MDM (Mobile Device Management) and somehow
desktop computers are being pulled/dragged along for the ride. I have plenty of issues with
Profile Manager, but I'll likely revisit it in a couple of months and see where we stand.
Anyway, treat this baby like the bottom rung, because, well it is built like you start your
foundation here, but it's just a viewer with controlling "tweaks". Use the other areas to get a solid
grasp of what is actually going on. Server.app is where you should create accounts you can
feel are safe. When you create accounts in WGM, you are responsible for making sure they
have the appropriate EVERYTHING.
This list is by no means complete, but these are the areas this noob is or was prepared to talk about.
Good night for now. Enjoy climbing my wall of text, and yea sorry about that. :O Run for you lives!!!!
- Signed Shadowwraith -
AD mobile account and Netinfo stuff up
Hi everyone, Not sure if this is the right place for this but I have made a stuffup and I'm not sure how to fix it.
I have my iBook in ad AD domain, and evrything was working flawlessly that is until I noticed strange errors in console indicating my UID was too large and stating this is not causing your problem Funny thingis I never knew I had a problem. What's the old adage about not fixing it if it's not broke?? Anyway being fearful of stuffing things up I have let it lie for a couple of months this way. After looking around on our Win Servers I couldn't find where or what the UID was mapping to, so decide to take the plunge and edit my account in Netinfo. So I made two duplicates of my account and chage my UID from a six digit figure to a 3 digit figure. Now when I login, I get the default desktop and Dock settings, even though my Home folder is mapped correctly. Help?Yes, I know how to click buttons in the gui, that does not fix the issue. The issue is that the Active Directory schema at my company includes extended attributes from the RFC 2307 schema. Apple's AD plugin does not know how to handle this extended schema especially when using mobile accounts.
Apple's AD plugin reads these unix attributes from AD and thinks it knows what to do but ends up causing more problems then if there were no unix attributes at all.
Since this post, I have opened a ticket with Apple. They were able to recreate the problem in their lab with their AD server. The only work around is to create a custom ActiveDirectory.plist file that forces the Mac to ignore what AD is telling it.
This solution works unless the ActiveDirectory.plist file is deleted or corrupted. This problem will only become worse once Microsoft includes all of the RFC 2307 schema in their next service pack of Win 2003 server. -
Mail mysteriously duplicated all account and folder info
Booted machine this a.m. and mail application has duplicated account and folders and .mac has virtually nothing remaining. Any server issues?
What is the safest way to delete the duplicated acounts and folders without risking losing everything since the .mac account is now for the most part empty.
iMac 800 Mac OS X (10.4.7)Could you please elaborate? I'm having a hard time understanding (and believing) what you're saying.
How many accounts do you have and what type are they (POP, IMAP, .Mac)?
In the Finder, go to ~/Library/Mail/. With that folder open, do Edit > Select All (⌘A), then Edit > Copy (⌘C), and paste it in your reply to this post, to let me see the names of the files and folders present at the root level of the Mail folder.
Before actually posting that information, you may edit it so that the file/folder names do not reveal any details you wish to keep private, e.g. you may replace any real username with "username" if you wish; similarly, you may disguise any domain names you don't want to be revealed. Try to be consistent in how you disguise those details, though, as we may need to refer to them in subsequent posts. -
Not sure if this is correct forum for this, apologies if it isn't.
I have some of my users set up as mobile accounts.
These same users are using parallels for WinXP sessions.
The issue I have is that when I download an attachment or file under MacOSX, I save it to my "Home" directory, because I am using a moblie account that is saved on the local hard drive.
In my parallels Window my networked "Home" directory is exactly that, on the server.
Therefore I do not get to see the saved file from earlier until a sync has occurred or a manual sync has been performed.
Is there a way (and I have asked parallels, they haven't replied) of making the Parallels windows to reference the home directory on the local hard drive, so that I do not have to wait for the sync to occur."Not sure if this is correct forum for this, apologies if it isn't."
Try the Parallels forums:
http://forums.parallels.com -
Basic set-up: multiple mail accounts and folder structures
I have two entirely separate mail accounts: my personal one and my work one. As far as I can see, Mail forces me to have the entire contents of both Inboxes rolled into one. Is this really true? Or am I missing something? Is there a workaround?
With IMAP servers which list all folders (Sent, Filed, Trash etc) as subfolders of INBOX, Mail still insists on having its own folders with those names at the same level as INBOX, which is very confusing. Again, is there a way of having Mail reflect only what is on the server, not adding folders of its own?
(It seems to this OSX-beginner like a programme which could be very clever with the right setup, but that is rather hard to control for someone used to "normal" mail clients...)
Nicmrchi wrote:
Mail also lists other folders with similar names at the same level as INBOX, which appear to have a mysterious relationship with the real folders on the server. Some are the same as, some not. Are they "local" folders?
Yes, they're local folders (located in /Users/youruseraccount/Library/Mail/IMAP-account@domain), they're synced and display the contents of the folders on the server, so when you move some message from one folder to the other, the folders on the server will reflect this change.
Also, to select if you want to keep local copies of the messages or not, you can go to the Advanced properties of the IMAP account in Mail.
Can I get rid of them and just use Mail to display only what is actually on the server, in the structure it is on the server?
Nic
No, you can't get rid of them. Usually you can minimize them under a sort of earth globe icon. -
What we think is the following:
Create a GTC resource, with flat file reconciliation and spml provisioning.
Edit the provisioning process to get it work disconnected, based on http://docs.oracle.com/cd/E27559_01/admin.1112/e27149/disconn_resources.htm#CHDDGGHD, we need to modify all SPML sending process tasks to be manual.
Create a disconnected resource from this resource in a sandbox.
In this case we do not need to develop custom codes, we only need to modify the provisioning process to be manual.
Any other solutions or best ways to do it?Hi Gergely
The best way is to use OIM bulk load utility.
Using the Bulk Load Utility - 11g Release 2 (11.1.2) --> Loading Account Data
This is very easy and smooth.
Thanks & Regards
Shashidhar -
I opened my account in November of 2011, and then purchased a new phone via upgrade in November of 2012 with my upgrade. I have not purchased a new phone since, but my upgrade date is showing as April of 2014! I am not happy about this AT ALL!!!
Actually, I'm surprised it's showing your upgrade date is as early as April 2014. If you upgraded in November 2012 by signing a new two-year contract (i.e., you received a subsidized phone), your upgrade date would be 20 months later, or July 2014. Verizon no longer offers annual upgrades.
-
User accounts and shared data on external drive
I installed Lion Server on a Mac Mini that has a smaller hard drive. Aprox 150GB. The intent is to have user files and accounts reside on a larger 4TB raid drive (2/2) which is installed on a G4 running 10.5.8. Lion Server would access the G4 via a network connection.
Is that possible?
When I look at an account in the users window of Lion Server it says Home Folder : Local only (pull down menu)I installed Lion Server on a Mac Mini that has a smaller hard drive. Aprox 150GB. The intent is to have user files and accounts reside on a larger 4TB raid drive (2/2) which is installed on a G4 running 10.5.8. Lion Server would access the G4 via a network connection.
Is that possible?
When I look at an account in the users window of Lion Server it says Home Folder : Local only (pull down menu) -
Vendor Accounting and Purchase data
Hi all
I would like to know, if is it possible to understand from some exit or badi, if a user is saving purchasing data or accounting data in tcode xk02.
Thanks and regardsHi Gabriele, in method CHECK_ALL_DATA you have available data have changed and you can compare them with those in Tables.
In method CHECK_DATA_CHANGED you know if changes made.
Regards. -
The sort key in the master data G/l account and master data customer
Sort Key
Hi All,
in the master data (control data) of the G/l account XXXXXX (it's a reconciliation account) I've filled in the sort key the value ZZ1 (XBLNR).
Instead, in the master data of a certain customer which has its Reconciliation Account equal to xxxxxx, I've filled in the sort key ZZ2 (BELNR).
Posting a document, I need that the Assignment number is equal to XBLNR.
How could I obtain this?
Thanks a lot
G.Hi,
You are assign short key with Customer master in ZZ1 (Account Management Tab Bottam).
I think it is helpful to you.
Regards,
Spradip
Maybe you are looking for
-
Filters 'OR' function not passing the values to the sql
Hi, I am facing an issue with the 'OR' function on the filters that are used in the reports. The report needs to fetch all the records on the three tables as the user enters the value in the dashboard prompts. eg: [ update_dt_A1 is prompted and use
-
I have just bought a black Apple TV and it works fine when connecting my iPad to a modern TV. However on an older Philips TV, there is no sound coming through. Do I need to use an audio cable from the optical digital audio port in addition to the H
-
IMovie Importing Photos Improperly -- Mixing Thumbnail/Footage
I have iMovie 9 -- a bit old, I know, but that's what the church has for me to work with. I am trying to create a slideshow using images pulled from a Keynote presentation, but every time I import specific images -- a little over half of what I have
-
My iMac OSX keep shutting down
My iMac OSX keep shutting down randomly. It goes to a black screen to a blue screen and then shuts off. I have to unplug and replug it in to get it going again. It's happening everyday... has anyone had this problem and if so what did you do to fix i
-
How to pass username/password through WebService proxy client to E-BS.
Hi We are using ADF Webservice proxy client to integrate E-Business suite with ADF. It asks for username/password to access details from E-BS. In the generated webservice XSD file, a method is available with 2 parameters. 1) SOAP header( Contains Use