ARD 3.2, network home directories and two admin workstations = problems

Similar Messages

• Trouble with network home directors and keychain

  Hello all,
  I have recently started to dabble into Managed Accounts using 10.4.11 server, however I am running into sporadic issues. First of all, Keychain access to users is extremely flaky. All of my users' files are being imported from existing local accounts, so I'm betting that my import procedure has something to do with my problems. Fortunately all of my local accounts have long ago had their uid's changed to mirror the users workgroup UID, so I haven't had to bother with changing permissions on any files. My import process goes like this.
  First, I create the users home folder in the Workgroup Manager. Then, I log into the users computer via ARD, take control, connect to the users Home Folder, and copy all of the contents of the users local folder into the Network Home. Once this is done, I apply the correct permissions to the users home folder to ensure that no files may have been overlooked during the import process, and then I log out of the users account, log into the administrator account, and completely delete the users local account. I then add the computer to the Servers managed computer list, add the user as the sole authorized user (other then Administrators of course), restart the computer, and then log in as the workgroup user.
  Once this is done, I usually have several issues with the Keychain in authorizing the workgroup user to use the existing keychains. Even after logging back in to the local Administrator account and completely deleting all existing users' keychains, the user has the same issues. To my untrained eyes, some programs have a hard time accessing the proper keychain, or remembering that the keychain has been altered.
  The second problem that has only recently cropped up is that some users are loosing the ability to use their keyboard in certain applications. This happened to me maybe once or twice in the last couple of days, but starting today, and in the last 2 hours, has had this happen no less then 10 times. The only program that I have seen this happen to is Microsoft Excel 2004, and it is also the only program that I have had it happen to me on.
  This is only happening on users who are using Leopard 10.5.4.
  Any help is appreciated. Also, is the macos-x mailing list dead? I haven't seen any posts to it in almost a week...
  Thanks,
  James

  Hi
  I’m sorry that the guide is unreliable for you, although it does seem strange that it is. Perhaps there is something fundamentally wrong with the configuration of the AD Server?
  Apple have made binding clients to Active Directory relatively simple and easy since 10.4. You had to work a little harder in 10.3. All I can add is successful integration depends almost entirely on how well the AD Server is set up. It might be worth your while to look more closely at that for a solution?
  Speaking for myself I have never really had a problem and as far as I can tell all of the installations I have been involved with that required AD-OD integration are still working as desired. Some of them going back 2 years, that’s pretty reliable don’t you think?
  Tony

• Final Cut Pro with Network Home Directories

  Hi,
  I have been tasked with setting up a Mac network primarily for use with FCP. The main requirement is that the user profiles are roaming as users will move from desk to desk, it is a college.
  I have an Xserve with OS X server and Open Directory configured. I have configured the network home directories and have successfully logged in with different users.
  My questions is regarding Final Cut. What is the best way to configure Final Cut to reduce the amount of network traffic?
  I have redirected the users cache folder to the local Mac and configured the scratch disc to a local hard drive. Are there any of tips that someone with a similar setup can recommend?
  Thanks

  Most schools end up using ext HDs. Each student has their own firewire HD with All the fcp capture, scratch etc docs on it.
  Thats the only way to meet the demands of video production and retain portability

• FontExplorer + Network Home Directories = font amnesia

  I'm a humble (tho ambitious) graphic design instructor trying to get network home directories working in my 30-seat design lab. At the beginning of January I migrated all workstations to a freshly built 10.4.4 universal image and updated (actually re-installed) my server and took it to 10.4.4.
  In my testing of network home directories everything is working perfectly accept our font manager. (Even Word is playing nice thanks to a tip I found here!)
  We started with FontAgent (cause we own 30 licenses), but quickly found that to be not very well adapted to a network home environment. (I did get the official work-around shell scripts from Insider Software, and those looked to be an easily broken kluge that only solve half the problem.)
  So again following Gerrit's tips from here, I tried the latest version of FontExplorer which is supposed to support network home directories-- and it runs! (Unlike FontAgent.)
  ...but it has an incurable case of amnesia. In other words, as users move around from machine to machine, session to session, and day to day it always forgets all their fonts-- even though the actual font files always remain accessible in the same place.
  Upon investigation, I can see that FontExplorer is actually doing something very similar to the FontAgent shell scripts. That is, whenever FontExplorer is launched in a NHD environment it creates a new "FontDatabase.db" file in a directory on the local drive:
  Users/Shared/Linotype/FontExplorer X/{UserShortName}_{UserNumericID}/
  and creates a symbolic back to the file's customary location in the user's networked Library:
  /Application Support/Linotype/FontExplorer X/
  The amnesia part comes in because I haven't found a way to get FontExplorer to start with-- or keep-- an already configured "FontDatabase.db" file. It constantly seems to be resetting itself with each login.
  Does anyone have wisodm or suggestions on how to make FontExplorer remember its fonts?
  Does anyone have any tips for getting any font manger to be totally functional in a network home environment?
  PowerBook G4   Mac OS X (10.4.4)  

  Excellent tips, and thank you - they're very helpful for all involved!
  I see that you're using NFS (and its behavior makes sense), but this might make your life a little easier if you were to use AFP for home directories again:
  1. If you have an automounted network Library (/Network/Library), that would be perfect for housing a "starter set" of Font Explorer preferences and your initial, preconfigured database file, in this way.
  Create a folder in your automounted network Library and name it something like FEInitialData. Set the permissions such that your users can only read (root:admin 775 would be good). Now your clients all see the FEInitialData folder in /Network/Library/FEInitialData.
  Locate these files from an appropriately configured local user account: com.linotype.FontExplorer.plist and the ~/Library/Application Support/Linotype/FontExplorer X folder (that contains the FontDatabase.db file).
  Place a copy of the com.linotype.FontExplorer.plist file in the FEInitialData folder in your network Library. (To clients, this appears as /Network/Library/FEInitialData/com.linotype.FontExplorer.plist.)
  Use Disk Utility to create a new disk image from the local ~/Library/Application Support/Linotype folder. Make sure that the image is a read/write image, and name it something like FESupport.dmg. Then place that resulting disk image in the network Library, so that to clients, this appears as /Network/Library/FEInitialData/FESupport.dmg.
  2. Utilize an AppleScript app as a login item to perform the following listed actions at login time. You'll have to either distribute the login app to each computer (e.g. in their respective Applications folders), or place it in the automounted Library (or automounted Applications, etc.) like /Network/Library/LoginScript.app. You'll also have to define the script as a login item for your users. You can do that at the group level in Workgroup Manager once you have the LoginScript.app in the same relative place on each client.
  Be sure also to remove FontExplorer X itself as a login item, since it needs to be quit while we're preparing files for it!
  Listed Actions to be done by LoginScript.app:
  1. If no ~/Library/Preferences/com.linotype.FontExplorer.plist file exists, copy it from /Network/Library/FEInitialData.
  2. If no ~/FESupport.dmg file exists, copy it from /Network/Library/FEInitialData.
  3. Mount the FESupport.dmg file to a local filesystem path, so that its contents appear to reside in a local folder. (For this script, I'll use /tmp.)
  4. Ensure that a ~/Library/Application Support/Linotype folder exists and contains a symbolic link named "Font Explorer X" which points to the mounted disk image's contents.
  5. Launch Font Explorer. (Upon initial launch, the metadata caches should be recreated.)
  -----LoginScript.app---
  (*See if the preference file and FESupport disk image are in the right places. If not, copy them there.*)
  try
  do shell script "ls ~/Library/Preferences | grep 'com.linotype'"
  on error
  --The com.linotype.FontExplorer.plist file is missing.
  do shell script "cp /Network/Library/FEInitialData/com.linotype.FontExplorer.plist ~/Library/Preferences/com.linotype.FontExplorer.plist"
  end try
  try
  do shell script "ls ~ | grep 'FESupport.dmg'"
  on error
  --The disk image is missing.
  do shell script "cp /Network/Library/FEInitialData/FESupport.dmg ~/FESupport.dmg"
  end try
  (*Create the mount point for the FESupport.dmg file*)
  try
  --Delete the mount point in case we're not the first login and to ensure that we have an empty folder owned by this user.
  do shell script "rm -rf /tmp/FEMountPoint"
  end try
  try
  --Create the mount point
  try
  do shell script "mkdir /tmp/FEMountPoint"
  end try
  (*Ensure that we have a symbolic link to the mount point*)
  try
  --Remove any existing links just to be safe.
  do shell script "rm -rf \"~/Library/Application Support/Linotype\""
  end try
  try
  --Create new symbolic links.
  do shell script "mkdir \"~/Library/Application Support/Linotype\""
  do shell script "ln -s \"/tmp/FEMountPoint/FontExplorer X\" \"~/Library/Application Support/Linotype/FontExplorer X\""
  (*Mount the ~/FESupport.dmg file to /tmp/FEMountPoint*)
  do shell script "hdiutil attach ~/FESupport.dmg -mountpoint /tmp/FEMountPoint"
  (*Open FontExplorer*)
  do shell script "open \"/Applications/Linotype FontExplorer X.app\""
  ---End Script---
  I might have messed up some of the syntax, so consider this a working example. Hope it helps!
  And, yes, if you need consulting, you can find my contact info at consultants.apple.com/consultant by searching for AuburnMac.
  --Gerrit

• IPhoto '11 and network home directories

  Hi,
  We are using iPhoto '11 and network home directories which live on a SMB file server. When a user attempts to run iPhoto they get the following error: "Warning. The library could not be opened because the file system of the library's volume is unsupported."
  iPhoto '09 works fine in our environment, and if the library is relocated to the Macintosh HD > Users > Shared directory it can be loaded. This appears to be a new bug in iPhoto '11. Am i correct?

  iPhoto was never designed for a network environment. It's low end user application. If you want an image management application this is designed from networks and multi users you'll need a DAM (digital asset management) application like Media Expression.
  You can learn about EM and other DAM apps at The DAM Forum where those applications are discussed and evaluated by professional photographers.
  You can request adding a new feature to iPhoto via http://www.apple.com/feedback/iphoto.html.
  OT

• You are unable to log in...; Network Home directories; 10.4 & 10.5 Servers

  I have a solution!
  Note: this is a new post because all previous posts dealing with this topic have been archived, MANY without an answer.
  Problem:
  Users with Network Home directories can't log in. After entering their correct username and password, the following error message appears:
  "You are unable to login to the user account 'username' at this time. Logging in to the account failed because an error occurred."
  Problem occurs with v10.5 Leopard client attempting to login to a Network Home directory hosted on a v10.4 Tiger server.
  _Significant Troubleshooting Symptom:_
  Client mac Console log (all Messages) contains the following entry at the time the user attempted to login to their Network Home directory:
  authorizationhost[509] ERROR | -[HomeDirMounter
  mountNetworkHomeWithURL:attributes:dir:Path:username:] |
  PremountHomeDirectoryWith Authentication( url=afp://server.example.com/Homes, homedir=
  /Network/Servers/server.example.com/Volumes/ServerHardDisk/Homes/username,
  name=username )
  returned 2
  _Computing/Network Environment:_
  v10.5 Leopard server doing: DNS; Open Directory with Kerberos for Single Sign-On; AFP for half of all users' Network Home directories.
  v10.4 Tiger server doing: AFP for the other half of the Network Home directories. Also, note that Open Directory is not running on this server, BUT IT IS CONFIGURED (using Server Admin) as "Connected to a Directory System" and has joined the Kerberos realm on the v10.5 Leopard server.
  v10.5 Leopard clients.
  Solution:
  v10.5 User Management manual
  http://manuals.info.apple.com/enUS/User_Managementv10.5.pdf
  says share points for Network Home directories have to have Guest Access ENABLED. See step 5 on page 117 and step 12 on page 118. Note that these are two different settings, but seem consistent with each other.
  I had followed/complied/set Guest Access according to steps 5 (page 117) and 12 (page 118) on BOTH the v10.5 Leopard AND the v10.4 Tiger servers. The solution that allows users to log on normally is:
  Uncheck/disable Guest Access (as set in step 12 page 118) for the v10.4 Leopard server only. Leave "Share this item using AFP" checked. Uncheck "Allow AFP guest access."
  The above worked for me. Your milage may vary. If anyone knows how to report this to Apple for fixing in the server software and/or clarification in User Management manual, please do. If anyone knows that this solution "breaks" other stuff, please post back.

  Other posts that dealt with this same issue and other potential solutions:
  http://discussions.apple.com/thread.jspa?messageID=5700241&#5700241
  http://discussions.apple.com/thread.jspa?messageID=5784186&#5784186
  http://discussions.apple.com/thread.jspa?threadID=1215039&start=0&tstart=0
  http://discussions.apple.com/thread.jspa?messageID=9204496&#9204496
  http://discussions.apple.com/thread.jspa?threadID=1522353&start=0&tstart=0
  http://discussions.apple.com/thread.jspa?messageID=10226660&#10226660

• Folder Redirection not working on SMB Network Home Directories

  I've setup network home directories on a 10.7.3 server. NHDs are available via SMB currently. I'm trying to setup folder redirection via MCXRedirector for both the ~/Library/Cache folder and ~/Downloads and redirect them to the local client. Client is 10.7.3 joined to OD. I'm using Login Redirection and the option to delete the existing folder and create a symlink. I used these instructions to create the redirectors: http://www.afp548.com/article.php?story=MCXRedirector
  When NHDs are available via SMB, the folders are created on the local client, but the symlinks aren't created in the NHD. I can switch the NHDs to be available via AFP, and then it works fine. I can switch back to SMB and the symlink stays in place and appears to work with no issue.
  Am I missing something here? I can't find any documentation that says I can't use MCXRedirector with SMB shares, and I see a number of posts where it appears that people are using it successfully... so I'm not sure what is wrong? Any help or suggestions is appreciated.

  Hi James,
  For folder redirection issues, we can go to Windows Logs\Application in Event Viewer to check if some related error events were logged.  Besides, we can also run cmd command
  gpresult/v or gpresult/z to collect group policy result to check if something goes wrong.
  Regarding how to configure folder redirection, in my opinion, the following article provides a good guide.
  Configuring Folder Redirection
  http://technet.microsoft.com/library/cc786749.aspx
  Best regards,
  Frank Shen

• Users on network home directories hang after sleep

  Hi,
  I have the following problem: I have a 10.5 server with network home directories. I can login from Snow Leopard (10.6.1) however whenever the machine goes to sleep and comes back from sleep, the user hangs then if you wait a bit then it will come with the message that the share has been disconnected and it asks you to manually unmount. It will stay there forever. When you click disconnect, the system will unmount and remount the home directory but in the mean time, Mail will have reported disk i/o errors in the logs and throw errors (ranging from type in your password to 'rebuild index').
  Going through the log files (and verbosity high) it seems that when going to sleep, the system doesn't unmount the network home directory. After it wakes up from sleep it attempts to unmount the home directory share which off course fails because it's in use and then it locks up, after you click disconnect, it says "spins reported" in the logs and goes on with remounting the shares.
  The issue doesn't happen if the user is local. If anybody has an idea as to how this works or if they have it working, please let me know. I have tried just about anything. AFP shares, NFS shares, I have tried with or without the intr, nolocks, locallocks mount options - they all have the same issue. I have even tried another Mac Mini with a fresh install of Snow Leopard.

  I found a possible cause and solution.
  This has been on 10.6.1 with Mac Mini's. Then we got a new Mac Pro with 10.6 out of the (Apple) factory which I updated to 10.6.1, same issue. What I didn't think about is that by default I install a heap of software (including XCode, Adobe CS4 and Office 2008) with customized packages and workgroup manager preferences.
  So I was mucking around with Cocktail (the tool to clean up caches etc.) and I noticed Snow Leopard hung every time after cleaning & recreating some caches. Now that I had a reliable way to hang Snow Leopard I investigated what could cause it.
  I noticed during a PackageMaker session that Adobe CS4 installs a Version Cue startup script in /etc/machinit_peruser.d. I deleted it, rebooted, used Cocktail again and it went all the way through without hanging. Rebooted again, according to the logs it pre-linked & cached the kernel and several kernel extensions and that was it, no more hangs, no more issues logging in after sleep or screensaver.
  So possible causes:
  - VersionCue installs itself as a kernel module or something (the location says "mach" which is the kernel after all) which is not compatible with Snow Leopard.
  - The caches and kernel extensions were 'dirty' out of the box but VersionCue (or something else that interacts with it) blocked my or Snow Leopard's automated attempts to clean them.
  - VersionCue reinitializes (it sits on the network after all) after a sleep or screen saver timeout in a way that gives issues with Snow Leopard

• Network Home Directories for all users

  Hi,
  I hope someone can shed some light on a possible issue.
  I work for a primary school in the UK.
  I have Tiger server 10.4.10 running as an Open Directory Master. I have a 1TB XRAID attached to this server where the Home Directories are hosted. I have been told that they are now slow at logging in (I am currently unwell at home so have not confirmed this yet).
  It used to be a magic triangle setup but found there were problems with the managed prefs for the clients not being obtained on startup and network logins not working.
  The DNS and DHCP comes from the AD still.
  The OD has been set up to have the same kerberos realm as that of the AD (is this wrong) as the users are in both AD and OD with same username and password.
  The users Home dirs for the OD are hosted as i say on the XRAID which has a striped array of 1TB so the HDD speed shouldn't be a problem.
  The server is now connected to a 1Gb switch as are the clients.
  I have added more ram to the Xserve (now running on 5GB RAM). I have read that an afp server needs a lot of ram to work effectively. Is this enough?
  I have not set up link aggregation yet.
  The total amount of users logging in at one time will be no more than 40 users at once as there are only 40 mac machines in the school.
  I hope you can help as i would like to have something to go back to school with to tackle this if it does turn out to be true.
  Any more info needed just ask.
  TIA

  Hi. Let me restate so I understand it right. You are using an XServe to host network home folders and also using Active Directory for authentication? I work at a primary school also and we have an XServe that has the users home folder on it, but we also connect to an AD server for authentication. We had some speed issue with logging in but as soon as we set up a time server to ensure that both the XServe and AD server had the same time the trouble was fixed. Hope this helps.

• Stumped on AFP network home directories.

  Heyo,
  Been RTFMs on File Services, User Management and Open Directory. Also looked in www.AFP548.com but didn't find anything helpful.
  We have a mixed environment and windows users aren't having any problem with network domain logins or using smb shares. Mac clients can mount the network shares with afp but network homes are a no go.
  Made the changes needed for the firewall and tried it with the firewall off just to be sure.
  The /Home share is automounted (not using the default /Users).
  Guest access is on in Sharing and AFP.
  Network Mount for /Home is set to Enable network mounting, AFP and User Home Directories.
  SMB Windows Homes are in the same directory and run without problems.
  Directory Access on the Client saw the server and looks ok.
  Only ref. I can find for the login attempt is under Open Directory Password Service Server Log:
  Apr 23 2006 16:42:31 RSAVALIDATE: success.
  Apr 23 2006 16:42:31 USER: {0x00000000000000000000000000000001, netadmin} is the current user.
  Apr 23 2006 16:42:31 AUTH2: {0x00000000000000000000000000000001, netadmin} CRAM-MD5 authentication succeeded.
  Apr 23 2006 16:42:31 QUIT: {0x00000000000000000000000000000001, netadmin} disconnected.
  and OD LDAP log:
  Apr 23 16:42:31 ci slapd[81]: bind: invalid dn (netadmin)\n
  Nothing in the AFP log.
  Any thoughts on what I should try or something obscure I may have missed when setting up MacOS client network home directories with AFP?
  Thanks
  Mitch
  Server: 10.4.6
  Workstations: 10.4.6

  Getting closer.
  Kerberos wasn't running and the ODM wouldn't Kerberize.
  This thread sorted out the issue:
  http://discussions.apple.com/thread.jspa?messageID=2186542&#2186542
  Kerberos is running now but still canna login for mac clients.
  hostname and sso_util info -g both resolve properly.
  but when i run:" slapconfig -kerberize diradmin REALM_NAME "
  all looks good until the command (with the proper substituions)
  "sso_util configure -r REALM_NAME -f /LDAPv3/127.0.0.1 -a diradmin -p diradmin_password -v 1 all"
  automatically runs and I get a list of:
  SendInteractiveCommand: failed to get pattern.
  SendInteractiveCommand: failed to get pattern.
  SendInteractiveCommand: failed to get pattern.
  and "sso_util command fialed with status 2"
  the sso_util command by itself spits out
  Contacting the directory server
  Creating the service list
  Creating the service principals
  kadmin: Incorrect password while initalizing kadmin interface
  SendInteractiveCommand: failed to get pattern.
  kadmin: Incorrect password while initalizing kadmin interface
  SendInteractiveCommand: failed to get pattern.
  kadmin: Incorrect password while initalizing kadmin interface
  SendInteractiveCommand: failed to get pattern.
  etc...
  even though the login/pass are good
  any thoughts on what i should check or where i should go next?
  Thanks
  Mitch
  iMac G5   Mac OS X (10.4.6)  
  iMac G5   Mac OS X (10.4.6)  

• Need Help setting up "Network Home Directories" or Something Similar

  Alright so, I am sure the answer to my question exists but I have no idea what i am looking for as far as syntax is concerned. I have taken over as tech at a full mac School and have not touched a mac before in my life. I will try my best to give a detailed description without an entire life story.
  My school has 10.4 on laptops which we run a script on to bind to a directory allowing them to access accounts created on our server. That part works fine. The problem we are having is syncing or saving any files/changes to these networked accounts. The accounts seem to have home directories created, i went through workgroup manager and set up login/out and background syncs, and nothing seems to work(Copy/save). This year it would have been nice to have the syncing feature since all student/teacher laptops would go back and forth from home and work. However next year will change a bit since we will keep all student laptops here and the teachers will still take them home. We also have desktops of course which do not move and will be accessed by the students.
  I need to find a way for students to log into the server to access their account and have it automatically pop up displaying their own files/folder on any machine they access since they wont always be at the same machine. considering there will be upwards of 100 students accessing each machine, local syncing for this would not be a good idea. My best guess would be setting up network home directories so they can log into and work directly from the server and have nothing but the original OS installed on their local machine.
  As far as the teachers go, Since they have one laptop the entire year and take them home the syncing method would be the best. That way they can come here, turn on their laptop, automatically sync as they log in, and save everything when they log out (or every so many minutes since some of them close it and just run home). I tried doing this with a student account but could not get it to work. My other problem with this is that the teacher laptops are 10.5 and I have no clue how to bind them to the directory since I was not the one who created the original script which is something i would like to reverse engineer to my standards since it has some nice little things in it I just wish to tweak.
  A short recap of what i need:
  1) Network based accounts with network home directories, nothing locally saved
  2) Network Based accounts with Portable Home Directories, Syncing between local and server files
  3) Bind 10.5 machines to server
  4) Program to read and edit a script.
  I somewhat know the terminology for PHDs and MHDs and have read a bit about those but still cannot get them to work, but I am extremely frustrated with my lack of terminology for NHDs (If that is what they would even be called) and have had a hard time finding any information on how to set them up. The only thing i found was stating that if the server goes down, so do the accounts. Which isnt a problem since we have multiple servers as well as last ditch local accounts for students to just access the computers.
  As far as i know, our servers are running LDAPv3 w/ OD, maybe even not with OD, I really don't know. If anyone can give me any help with this it would be much appreciated. If you need any additional information let me know and I will try my best to get it to you. I may even be willing to wipe everything and start fresh if it is required since these havent been used much in over 2 years, only for drive mounting storage.

  I received some information on another forum, however I am still stuck.
  So i rebound a laptop to the server via Directory Access, created a new account using Workgroup Manager, set the Home Point in WGM for the Account to a specified folder on the server's raid and no luck.
  The account authenticates with the server, but it saves everything locally and ignores the NHD. Anyone with any ideas?

• Unable to use network home directories on a 2nd volume

  Hi,
  I am having a problem hosting network home directories on 10.4.4 server. Through the help of AFP 548's instructions I have had them working fine when the users folder is at /users however I would like the data stored on another hard drive for easy backups, etc. But when I set this up I just get the unable to connect due to an error message on the client machines.
  I have tried setting up another folder on the boot volume and that works fine so I think the settings I am inputting are correct but as soon as I select a folder off the boot drive I run into problems again.
  Any ideas?

  Any ideas?
  Yes, but it might also be helpful to know specifically what error message your users are getting when they try to log in.
  If you've correctly set up your share point and network mount record as criss describes but you're still having problems, it may be due to the length of the path to the user's home folder. For more information on that point, see KnowledgeBase article number 107695.
  One question: can your users find their home directories when they log in to the server using Go > Connect to Server in the Finder?
  David Walton

• Mac OS X Server, Network Home Directories & Time Machine

  hi,
  I am using mac os x server to manage a small workgroup using open directory and network home directories, the server is backed up using time machine. From what I understand, time machine does work on network home directories.
  However, as I am backing up my server using Time Machine, it is already backing up the user directories. Is there any way of getting a client to access the server time machine backup to access the backups of the user directories?
  Of course, it would be easy to restore files by logging onto the server as the user and restoring from there. I am just wondering if there is a more elegant solution available to do this from a client machine.
  any thoughts?
  thx!

  Hi,
  I am trying to do the same exact thing and find that it is best to do this locally (for now). Not only is the network way slower, but it seems to make things worse. For example, things backed up via the client machine are routed from the FTP server/volume mount and different permission wise. When you try to restore them locally, it should work, but the folder had different permissions because they were initially created in root (for me). So, I hope they would come out with something better than what is available now. Thanks!

• 10.5.6 Login Items Error with Network Home Directories

  I'm splitting this post off from a previous discussion which can be found here:
  http://discussions.apple.com/thread.jspa?threadID=1835976&tstart=0
  With 10.5.6 our Login Items are not working on client machines that use Network Home Directories. Everything works fine under 10.5.5.
  When the 10.5.6 client logs in, login items with a path directed to the Home/Documents folder cannot be found, and the following error appears in Console:
  "Unable to resolve startup item: status = -35, theURL == NULL = 1"
  I have no problem manually navigating to the Home/Documents folder and opening the login items. Removing and re-adding the login items does not fix the problem. Revert to 10.5.5 and the login items are fine.
  Below is a suspicious error that I see repeated multiple times in Console (viewing "All Messages") on the 10.5.6 clients but not on the 10.5.5 clients:
  Sender:
  loginwindow 34
  Message:
  FolderManager: Failed looking up user domain root; url='file://localhost/Network/Servers/myserver_name.com/Users/my_username/' path =/Network/Servers/myserver_name.com/Users/my_username/ err=-35 uid=0 euid=10790
  I'm sure I could find a work-around by moving the location of my login items or maybe even changing to launchd. However, this error seems to indicate something going on with the 10.5.6 install that might be more serious. I've done some typical troubleshooting: DFA, Repairing Permissions, Clearing Caches, trashing loginwindow and MCX preferences, deleting the /Library/Managed Preferences folder, rechecking DNS on the server (forward and reverse lookup OK).
  Any help is appreciated!
  Thanks!

  just to tell you, same thing here - it's nothing special about your setup. it's not a big issue for us as the kernel panic at logout on 10.5.6 is the real killer (no it's NOT JUST FONTS) so our workround is that we're not rolling it out! (staying 10.5.5).
  but on my own test 10.5.6 mac i get exactly the same issue with login items that are in the network home. local apps (font management app, ichat etc in /Applications) OK, but stuff on the mounted home server - nope and a line in the syslog for each item:
  Jan 28 09:25:54 hc04800-bssaht loginwindow[32028]: Unable to resolve startup item: status = -36, theURL == NULL = 1

• Portable Home Directories and Login Hooks

  We recently switched from Network Home Directories to Portable Home Directories. We used to use login hooks to do all kinds of nifty things to a user's home folder at login, but now it's complicated. I can't figure out at what point in the login+sync process the login hook executes.
  If the login hook executes before syncing, then I need to modify the network copy of the home folder, i.e. Network/Servers/servername/.../username. If the login hook executes after syncing, then I need to modify the local copy of the home folder, i.e. /Users/username. Unless I'm mistaken, you can't just use the tilde (~) in the script to denote the path the home folder, so you have to list the path explicitly.
  My testing seemed to result in inconsistent behavior. Can anyone give me some guidance?
  (Keywords: Loginhook Logouthook Login Script Logout Script Mobility Mobile PHD)

  Thank you for the advice, Syth, but I'm already aware of the basics of writing and implementing login and logout hooks. I wrote a lot of them when we were using Network Home Directories. The root of my question has to do with Portable Home Directories and login hooks.
  This is a computer lab environment where every user has their own account, network home folder, and "Mobility" preferences set in Workgroup Manager. When a user logs into a lab computer, syncing kicks in and they work from a local copy of their home folder which then syncs to the server at login and logout.
  So the core question is: Do login and logout hooks execute before or after login/logout home syncing occurs?
  For example, if a user with a brand new network account, i.e. who doesn't even have a network home yet, logs into a computer, what's the order of events? I would hope it would be:
  1) server creates network home
  2) computer creates local home, i.e. syncs
  3) login hook executes
  But my testing has been inconsistent. Anyone have any experience or insights to share?