Convert mobile account into a normal account
Hi,
I finally got it that I get rid of my managed account with the following commands
sudo dscl . -delete /Computers
sudo dscl . -delete /Users/mobileaccountname MCXSettings
sudo dscl . -delete /Users/mobileaccountname MCXFlags
sudo dscl . -delete /Users/mobileaccountname cached_groups
The next challenge is to remove the "mobile".
Any ideas how to do convert a mobile account into a normale account.
Cheers
Christian
hi,
Changing name in pfile only will not work and you need to rename the database. What is the problem you face file recreating the controlfile? There is another utility for this purpose called "sid" See following document
http://www.oracle-base.com/articles/9i/DBNEWID.php
Also try tom kyte
http://asktom.oracle.com/pls/apex/f?p=100:11:0::::P11_QUESTION_ID:318216852435
Salman
Similar Messages
-
Convert a mobile account into a local account
Hello everyone!
I originally had to convert local accounts to mobile accounts, but the mobile accounts are not working for us. Seems to be unstable at times and just not what we're looking for. Now I want to change these mobile accounts back to local accounts. Oooor if there is a way to disable sync services, that would be fine.
I took the user out of the group that had our mobile account preferences, but the user is still backing up to the server.
ThanksThe way we do it is basically the same in either direction with the basic goal of retaining the user's data and settings:
1) delete the user from the local machine, but leaving the home folder as is (the home folder will be changed to +user (deleted)+ )
2) recreate the user account either as a new local account (from system prefs), or a new mobile account (by logging in and creating the account, then logout) as required.
3) as an admin, delete the default home folder that was created when the account was created. I usually do this from the command line : sudo rm -rf /Users/user
4) again from the command line, change the name of the home folder : sudo mv /Users/+user (deleted)+ /Users/user
5) finally change the permissions on the home folder: sudo chown -R /Users/+user user+
Test, it should be good from there.
Miles -
Convert Open Directory mobile accounts to Active Directory mobile accounts
We have 200 or so Macs using OD mobile accounts.
Implementing Active Directory, getting rid of Open Directory.
How do I change the mobile accounts from OD accounts to AD accounts so that it authenticates against the AD Domain Controller and thus change compter login password when it's changed in AD?
I can convert accounts this way:
a. Delete users’ user account in User preferences pane of System Preferences, but choose to not change the home directory.
b. Log into users’ account by choosing the other option, thus creating a mobile account.
c. Log out, log into admin account, delete the newly created home directory, rename the home directory from the deleted users account to match the name of the deleted home directory and do a chown –R on the directory for that user.
Obviously doing above 200x times is tedious and I'd like to avoid this if possible!
Any other ideas? Preferably a script I can deploy to all computers?I am also testing Leopard in my Active Directory domain and here is what I have found so far. The wireless networks in Leopard seem to be a combination of Panther and Tiger. Each 'Location' that you set has its own list of preferred networks. I have one location for when I am locally on the domain network and others for my bench network and all others under 'Automatic'. The one problem with what you are talking about is that if people change locations and forget to change it back before they log in, it will not find the network, however, adding the other networks all in one location is fine as long as the AD network is on top. You also have to wait about 20 - 30 seconds after you reach the login prompt before proceeding or it will log in without being connected and the AD resources will not be available. I am also finding that Panther knew when it was not on the AD network and did not give any errors, however Leopard squawks when I log in on a different network.
Cheers,
Rob -
Best practice converting local laptop accounts to Mobile Accounts with PHD
Hi,
what is the best practice to convert local laptop users (with different UIDs than their network account) to mobile accounts? Especially when the local dir should not be synced in whole (just Documents, Library). Client and server are 10.5, network accounts are on NFS.
I tried creating the mobile account with a minimal network directory (Library etc. ) and then move the original folders into place, but this didn't work out (the sync info was overwritte somewhere ..)
ChristianI think your best bet is to copy the home folder off the laptop to the user share on the server. Then with WGM create the same user and the apply all permissions of the network user to the copied folder.
Once you have that create your settings for the PHD and then go to the laptop. There you will setup the laptop and bind it to the directory, have that user login (might want to do this on a lan, not airport) and then it will move all the data across to that laptop, and since the network user (same as the local) owns that folder everything should work. If the password is the same then OS X should fix the login and keychain password, so saved forms or email password would show up.
I did this same thing for 20 OS 10.4 client laptops. Took me a while to get all of this in place but will spare you the running around...
hope that helps -
Mobile accounts reset to normal network accounts ?
Hello
I've switched my network users back from mobile accounts to normal network accounts after experimenting for awhile. I have deselected the mobile account preferences for all my machines in WGM and deleted all the local home folders created by synching my network accounts on the local machines in Volume/Users. There's obviously more things I need to do, as:
Some desktop machines allow users to login normally with their network account and mount the network home at login (shortcut in dock via MCX) as before mobile synching. This seems to be only for machines the user did not use when there were mobile account prefs. set .
Other machines create a new local home for the user but also leave a question mark in the dock for their "User's Network Home Folder"; which mounts with full access when clicking the question mark.
Lastly, some machines are not mounting the network home at all, but authorizing the user with their LDAP account and making a new local home instead.
Is this a cache, preferences or corrupt config. issue or something else?
thanks
Xserve G5, G4s, eMacs, iMac G5s, 10.4.5 allDeleting the mobile user account records in System Preferences>Accounts solved it.
http://www.macosxhints.com/article.php?story=20031222232124568 -
Convert a mobile account back to a regular network account?
I need to somehow convert a mobile network account profile on a Mac to a non-mobile account -- ie, a regular network account. The user obviously has multiple settings associated with his existing profile and we'd like to salvage those if at all possible.
Dont just untick the LDAPv3 Plug in, you have to
select Configure and Delete the configuration, save
the changes then quit.
I did that.
Navigate to /Library/Managed
Preferences and remove any preferences there.
Did that too. But whenever I log back in. They are there again.
Next lauch NetInfo Manager in /Applications/Utilities,
click on the lock and authenticate, select Config and
delect mcx_cache.
I did this also. There were actually 2 mcx_cache folders. One in the /config/mcx_cache and another at /mcx_cache. I deleted both of them.
Next select System Preferences >
Accounts and delete the Mobile Account thats there –
it should have Mobile Account beneath it.
This is the part I can't do because I need that account. If I delete the mobile user, I lose that account and I can't do that. Any suggestions here? -
Converting OD user to Mobile account? Is this OK!
Hi all, have one user on a network that I manage who has been using his iMac OD account for about a year (hence a lot of files etc in there) He also has a Macbook and wants this to sync to his OD account, would it be best to convert the account to mobile? If so are there any dangers to this, can he lose his work etc? Need to be 110% before changing it
many thanks
BTW way both desktop & Macbook are on 10.5.5. and bound to their Mac Pro with 10.5.4 ServerPlease See the system requirements for CS5.5 from below link : http://prodesigntools.com/products/adobe-cs5-system-requirements.html
If your products are compatible with 64 bit then you can install it ... -
Convert Calendar Day into Company's Accounting Period
Hi, please help me on this.
I need to convert a date into accounting periods.
e.g company's accounting period starts from 12/29/03 to 1/30/04. Then 12/30/03 would be Day 2 of the accounting period and it would be week 1 of the Acc. period. How can I do it ?
Thanks,select to_char(to_date('12/29/03','MM/DD/RR'),'IW') WEEK1,
to_char(to_date('01/05/04','MM/DD/RR'),'IW') WEEK2,
to_char(to_date('12/29/03','MM/DD/RR'),'D') DAY1,
to_char(to_date('12/30/03','MM/DD/RR'),'D') DAY2
FROM DUAL;
WE WE D D
01 02 2 3
Modify your NLS Parameters to retrieve appropriate results. -
Mobile account doesn't complete initial creation and sync process
I'm trying to setup a mobile account for a network account but it won't complete the sync process on the client MacBook Pro. Both the server and the MacBook Pro are running 10.5.5.
When I login to client it prompts me to create a Mobile account and proceeds with the sync to create the account, but when the sync is complete it just logs in with the default account setup. None of the user files or settings (desktop image, preferences, etc) appear. The sync process says "Checking..." for all the files that supposedly get copied to the client, but it looks like it doesn't complete.
Is there a way of knowing what the problem is? Is there an issue with the user's home directory, some file that prevents the sync and mobile home creation from completing?
Thanks.I solved this myself. The user ended up have a folder on his desktop that contained a backup home folder from an old powerbook that he was trying to save. It was a complete home folder, Documents, Library, etc and I thought it might be interfering with the sync of the normal home folder. So I created a folder called Bad Stuff in the home folder and copied the old powerbook home folder into it. Then opened up the Sync Settings and excluded the Bad Stuff folder from the sync. And it worked, the sync when fine and is resyncing fine.
Hope that helps with other people with a similar problem. -
Mobile Account - How to Map Share Point Locally on Server?
Hello,
Using mobile accounts on a mac mini server, this is a small home network. Primary reason for server was to use mobile accounts allow the various computers and laptops to be accessed by all family and guests with data linked to login.
All work fine except, when I login into the server as my mobile account it is unable to sync, or find any files because the Share Points do not map locally. Warning message says use locally. This causes problems with itunes, mobile account syncs etc.
Is there a way to map the Share Points using the network path, locally on the server in the mobile accounts?
Thanks
PeterYou need to convert the project to sharepoint 2013, you have to change the target office version 15.0 and target framework versions to 4.0 or 4.5. For more details go throught the below posts
http://www.codeproject.com/Articles/522220/Converting-Multiple-SharePoint-2010-Projects-to-Sh
http://social.msdn.microsoft.com/Forums/en-US/c15f274c-1dfe-47cc-b753-883307fc354f/migrate-sharepoint-2010-visual-webpart-to-sharepoint-2013-using-visual-studio-2012
http://sharepoint.stackexchange.com/questions/58377/upgrade-a-vs-2012-sharepoint-2010-project-to-sharepoint-2013
Raghavendra Shanbhag | Blog: www.SharePointColumn.com
Please click "Propose As Answer " if a post solves your problem or "Vote As Helpful" if a post has been useful to you.
Disclaimer: This posting is provided "AS IS" with no warranties. -
Lion Server Setup (Network Login/Mobile Account and more...)
Hardware:
Mac mini Intel Core i7, 2 GHz, 8 GB memory (Server) x 1
iMac 21.5" 2.8GHz Intel Core i7, 12 GB memory (Workstation) x 6
Operating System:
Mac OS X Server Lion 10.7.4 (11E53)
Mac OS X Lion 10.7.4 (11E53)
Relevant Software:
Server.app Version 10.7.4 (1.4.3)
Workgroup Manager Version 10.7 (400.3)
Server Admin Version 10.7 (355)
So my head's swimming with "I dunno's" and I've been perusing probably all the wrong threads trying not to sound like a noob and find the literature that will finally lead me to a solution. This is my first rodeo so make no assumptions about my experience (maybe).
Short Version
I can't login network users. I get an error "You are unable to log in to the user account "<%short_name%>" at this time. Logging in using >console tells me this No home directory: <path to home directory> i.e. /Network/Servers/department.domain.com/Department/Accounts/bbunny
If anyone can point me where to read, I will do so.
Perhaps a longer discussion on how to verify that the proper permissions exist on the share/home directory in question and what those would be.
More detail...
I want to setup a Mac Mini server to have network login accounts stored on the 2nd data volume in a directory we shall call Accounts*. Here all the "network users/logins" have their home directories, so that when they login at the workstation the idea is the workstation will sync their account and allow them to login, if the server is not available, the hope is I can configure it to allow them to login if they've logged in before and the files will sync when they are able. That being the ideal, I get the impression that for best practices, Apple is discouraging the use of mobile accounts that use Home Sync perhaps because it's reliability has been iffy, please advise. A windows user might think of this as "roaming profiles" but, if I understand it, its a little more than that.
Note, I do not want to login to the server and actively work on that network share, I want the account to be local and sync'd as needed. But I want the user to be able to sit at any of the 6 other workstations and see the same documents, emails etc. Obviously if the server is down, it won't be possible to authenticate, but I think it should have cached credentials that should allow the user to login if the server is down and still go about their work.
This is the small picture...there is a larger picture that involves, parallel virtual machines of Windows Server 2008 R2 on server and and Windows 7 on the client, ical, ichat and perhaps wiki's.
I apologize for the roughness of this question, in the interest of brevity, I have plenty of problems that led me here that I can expound upon if asked.
Also a silly question someone might know the answer too, Why does the login payload settings that I have pushed to a workstation device, sometimes vanish inconsistently upon logout?Ok, Some Good news and clearer understanding to disseminate in this post I hope it helps
"the Universe" so I am posting it here in my "ever-the-noob" blog on apple forums.
Problem
What do you do when you get an error when logging into a mobile account setup?
One symptom would be the error message below...
"You are unable to log in to the user account "<%short_name%>" at this time.
Logging in using >console You get the message…
"No home directory: <path to home directory>"
or
"You are unable to log in to the user account "<%short_name%>" at this time.
Logging in using >console tells me this No home directory: <path to home directory>
Solution
Do the check list…
Short Version
Sever Admin.app > Access (Key Component)
Check Permissions on directories for your file shares.
(The reason stuff doesn't work especially when you're rebuilding/recovering a server)
File sharing setup (Turned ON, Home sharing Enabled)
Directory Utility > Directory Editor or dscl
( Do not underestimate the importance of this part!!!!
Use white-gloves when you're handling it though!!! )
Workgroup Manager
(You're poopy "main" interface that really is a "window", not a "door", but maybe Apple likes to do things "Dukes of Hazard" style?)
Long Version
Check Sever Admin.app > Access
Make sure that your user has the "Proper" access. For me I created a test user from Server.app and saw what access he had as a way to "check myself for a properly created users" and because I think one is kind of on his/her own using WGM and duplicated the same access. (I was a little neater, though and did it with a group, not individual users, that would have been a mess!)
Server Admin.app > Access
Click the "+" sign, sort by UID and Add the imported users to the following Services…
( You can use a group, but understand when Server.app creates users they get added
individually to each of these groups. )
Address Book
AFP
iCal
iChat
Mail
Profile Manager
SMB
VPN
Check Permissions on directories for your file shares.
(That's an understatement) I could go in depth about all the crap I had to read about, I still
know I am missing a chunk of tech brain when it comes to the particulars. Basically, I boil
it down to this…
Permissions require thinking about things first with regards to POSIX permissions... good
ole ls, chmod, chgrp, chown to the rescue with ugo permissions or the old 755, 600 etc
stuff.
Apple's file-sharing access uses this as a starting point to see what the user is allowed to
access.
I also needed to use chflags once to unhide a file that I mucked around with using xattr.
I still haven't figured out why folders can lose their triangles, but I didn't find out if you cp or
move them from terminal, the triangles come back in the moved or copied directory. For a
minute I thought it was because cp alone doesn't preserve flag attributes, but mv actually
works by doing a cp that preserves the flags, unless it's a bug. I dunno.
This helped me get my file visible again...
chflags hidden path_to_file
chflags nohidden path_to_file
Read up on those manuals, if you're not a terminal type go to apples website
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/
or download...
http://www.bruji.com/bwana/ I thought that was cool.
or if you prefer to read the manual in pdf try…
man -t sharing | pstopdf -i -o ./Desktop/Sharing\ Manual.pdf
man -t chown | pstopdf -i -o ./Desktop/CHOWN\ Manual.pdf
man -t chmod | pstopdf -i -o ./Desktop/CHMOD\ Manual.pdf
man -t chgrp | pstopdf -i -o ./Desktop/CHGRP\ Manual.pdf
My basic guideline was avoid using ACLs if at all possible, if you try to use them, things
can get crazy complicated, take notes and plan, baby. If you read above, opening up
permissions wide is wrong though. You would restrict permissions tightly to begin with and
then place ACE (Access Control Entries) to specifically target the rights you want to enable.
Here's one that's obviously a novice attempt to do this, but since the novice is the only one
speaking…. here it is, Universe… >:P
sudo chmod -R +ai "admin allow read,write,delete,file_inherit,directory_inherit,search,list" Department/
That allowed my admin to do all the things a normal user could do so far… It fixed things for
my admin, which made me happy. I really hate having to authenticate or sudo just to see
the contents of a nested directory. I could explain it, and even give a few notes on why its
probably overkill, but I will attempt to look less stupid till "poked".
There's another command line utility I STILL haven't read, which may bear mentioning
because…well I haven't read it. umask (see wikipedia or unix.com)…I worked past my
problems without going into it so far, but obviously it's there, and it serves a purpose.
I also found this article helpful…and educational. :O
http://www.bresink.de/osx/300321023/Docs-en/pgs/ACL.html
( Its enlightening to hear the air whistling between a developer/coder's ears, still it's
apparent he has a clear idea what's going on.
Ever wonder why when you use get info to check or assign permissions it kind of
flakes out and doesn't take? Read this article! )
Second, if you can't obtain the "specific" permissions you need with POSIX, chmod also
can set the 2nd category of permissions, which windows users may be familiar with
Access Control Lists (ACLs) and here you get some really fine granularity...messy stuff.
All in all, if I felt I could guide you through these murky waters, I would, but I think I'll let
the professionals weigh in on that one and cut my wall-of-text to ribbons.
To heuristically check I would connect from a client as one or two of my users and see what
folders I could mount as a share, armored with an understanding of what ls -le@O * showed
me in Terminal.
3.) File sharing setup (Turned ON, Home sharing Enabled)
Here is an example of using command line sharing utility where each share is properly
labeled (that took a bit for me to figure out) still this share only enables the AFP share as
you can see from my flags.
sudo sharing -a /Volumes/Hard\ Drive/Department/Database -A Database-afp -F Database-ftp -S Database-smb -n Database -s 100 -g 000 -i 10
Then you do a sudo sharing -l and get back what you just did…
List of Share Points
name: Database
path: /Volumes/Hard Drive/Department/Database
afp: {
name: Database-afp
shared: 1
guest access: 0
inherit perms: 1
ftp: {
name: Database-ftp
shared: 0
guest access: 0
smb: {
name: Database-smb
shared: 0
guest access: 0
If you mess up the sharing command, you may not be paying attention (I wasn't) but there
are a lot of defaults that Apple will just assume you meant to do anyway and it won't read
any of your flags, you have to get it right or the flags will be defaulted.
( Basically I could tell I was bombing it for one, I explicitly only wanted afp working, but
the default was afp and smb. So each time I ran sudo sharing -l after I shot my sharing
command…back would come smb shared: 1 and I knew that wasn't right. Also my
custom names were defaulting to the name of the directory not the name I had
specified. )
I like to know what protocol my share is over so when it doesn't work, I know which protocol's
are connecting. It's not full-proof, but it's a bookmark. I wish the network browser would
identify the protocol that its available listed shares are using, because small visual queues
like that help when you're trying to see what works. Maybe that's something I should
investigate via the command line?
As a note about reading forums, I discovered using command line that "\" is kind of like a
way of going to next line neatly with long commands…."\ " is a way to insert a space. As you
can see above where I have a volume with a space in it.
Removing shares was a little trickier though, sharing -r Share\ With-space didn't work….I
had to enclose it in quotes and do "Share With-space" instead. So nooby beware!
( *nix users are now rolling their eyes at this tip. )
I wasn't sure how you enabled a share for home directories from the command line, maybe its
in the manual, but I was up to my eyeballs in manuals already so I haven't gone back to
revisit this question since my work around was to go to Server.app and verify that what I set
up in the sharing in terminal was being reflected in the gui…sort of my own MVC
(model-view-controller) check.
4.) Directory Utility > Directory Editor or dscl
Make sure what you see in WGM and Server.app are reflected here….to that question let's
take a journey where I did some exploring about that.
Ever really wonder "WHY CAN"T I REMOVE AN OLD HOME DIRECTORY SHARE?!!!"
Ah, then you will - LOVE - this tip…
( Provided my testing or yours, later, doesn't prove that in my ignorance I've broken
Open Directory. Remember, WHITEGLOVES!!!! but here we get a little dirty. I think of
OD as Apple's Registry, but that's not what it is at all. However, you as the user do have
to "****" around in it from time to time. )
I scoured the forums and everyone was saying things like "You have to change your server
role" etc. which seemed a little bit dumb to me (dumb because you're pushing views around
not "controlling"), and well, yea, that share that I couldn't modify or delete was REALLY
bugging me.
Now hmm… Before you do ANYTHING, how do you try to not hurt yourself…in Windows you
can make a Registry Backup….(yea bad analogy) In Server Admin.app you can go to your Open
Directory Service > Archive and Choose a place to Archive your information. (Figure this out by
yourself, this is getting long…sheesh! It's easy. Restoring is just as easy and painless.)
Before we can remove the entry we "SEE" in WGM we should make sure no
one has it selected so as not to "corrupt" the OD db, so in WGM first before going to Directory
Utility set the Home directory to "None". (We need to remember to set this to a correct share
later….Mental Note!!!)
Now Open Directory Utility
Method 1
System Preferences > Users & Groups > Login Options
Click the Lock to make changes…
Authenticate -> click "OK" (do I REALLY have to step-by-step this?)
Network Account Sever: • Local Server - click "Edit" button here.
Open Directory Utility > Directory Editor
( Wow, did Apple hire someone from Microsoft? You'ld think with all their research in to
Human Interface Design that's WAY too many clicks to get to something you need. )
or
Method 2 (It's good to know about this directory, neat-o speed-o app's hidden here.)
Use "Go to Folder" Under Finder > Go > Go to Folder...
⇧⌘G /System/Library/CoreServices/
Click "OK"
and Double click Directory Utility.app
or
Method 3
Terminal
open /System/Library/CoreServices/Directory\ Utility.app/
Now From the Directory Editor Pane you will see a Pop-up menu Labeled "Viewing"
You should glance through this and get to know it. You should use it to see what
information is really being stored about your Users, Groups, Mounts…
We are interested in Mounts, which is where we want to go…and there is the pesky
mount that you will see reflected in WGM.
Authenticate, and delete the bugger.
Quit WGM and restart it. Voila, bad share is GONE!!!!!
a.) First select all my users
b.) Then I clicked on the "+" and added the correct share
( Remember, I only showed you the first one we created, this is another and
for THIS one you HAVE to go into Server.app and verify that it is set to be
available for Home Directories in this case for AFP. )
For the home directory entry you do this...
afp://computer.domain.com/Accounts-afp
%short_name%
/Network/Servers/computer.domain.com/Volumes/Hard\ Drive/Department/Accounts/%short_name%
%short_name% is a wild card for the short name there are other wild cards check out Apple's
Documentation on them. I lost the link sorry \<shrug\>
Interesting dscl commands…(check it out in command line form and compare side by side with
what you see in the GUI Directory Utility)
dscl . list /users
dscl . list /groups
If you want to output information about each user, though, use readall:
dscl . readall /users
dscl . readall /groups
And if you need to programatically parse said information, use -plist to make your life easier:
dscl -plist . readall /users
dscl -plist . readall /groups
This made a little more direct sense to me, language wise…but fyi "." is kind of a wild card I think so the first
commands I think look in ALL directories local, Search, LDAP whatever you have. The command here
corresponds to the Entry from the Pop-up menu "…in node > Blah…" see GUI of Directory Utility to confirm.
dscl /LDAPv3/127.0.0.1 -list /Users
dscl /Local/Default -list /Users
5.) Workgroup Manager
Remember this is a utility that is not long for this world. Apple's Mountain Lion is rumored to fully
replace it, why? Yea, Apple's making a go at MDM (Mobile Device Management) and somehow
desktop computers are being pulled/dragged along for the ride. I have plenty of issues with
Profile Manager, but I'll likely revisit it in a couple of months and see where we stand.
Anyway, treat this baby like the bottom rung, because, well it is built like you start your
foundation here, but it's just a viewer with controlling "tweaks". Use the other areas to get a solid
grasp of what is actually going on. Server.app is where you should create accounts you can
feel are safe. When you create accounts in WGM, you are responsible for making sure they
have the appropriate EVERYTHING.
This list is by no means complete, but these are the areas this noob is or was prepared to talk about.
Good night for now. Enjoy climbing my wall of text, and yea sorry about that. :O Run for you lives!!!!
- Signed Shadowwraith -
OSX Server Mobile Account Greyed out after initial setup?
I just setup a new install of Mountain Lion on an iMac and installed Server.app to set it up as a server. I activated Open Directory and configured it for a few users (with NFS mounted home directories from a Linux NFS server). I then logged into the iMac with one of these users and it asked me if I wanted to make them a mobile user. I did as this will activate the Portable Home Directory function. It asked me what I would like to sync and then setup the user as normal. Now the issue I have is with any subsequent login of that user if I go to the Users & Groups sys pref panel the Mobile Account "Configure" button is greyed out. Syncing can still work from the menu bar pull down but I can no longer change any of my sync preferences. I've gone through the settings in default read com.apple.homeSync but nothing in there seems to affect that button being greyed out. To eliminate the NFS server as a possible cause I setup a local network user with local storage on the server and it acts the same way after setting up as a mobile account. Any ideas on what causes this?
I solved this myself. The user ended up have a folder on his desktop that contained a backup home folder from an old powerbook that he was trying to save. It was a complete home folder, Documents, Library, etc and I thought it might be interfering with the sync of the normal home folder. So I created a folder called Bad Stuff in the home folder and copied the old powerbook home folder into it. Then opened up the Sync Settings and excluded the Bad Stuff folder from the sync. And it worked, the sync when fine and is resyncing fine.
Hope that helps with other people with a similar problem. -
Changing a local account to a mobile account
Hello everyone.
I have a local account on this computer and I want to test some sync settings. How can I make this local account a mobile account? I already have a mobile account that will create a new local account on new computers, but I want the local account on the computer I normally use to become my mobile account.
ThanksI too was wondering how to do this...
According to the Client Management white paper, (top of p68), "at first login the entire contents of the user's network home directory plus the contents of any local home directory with that user's name are merged"....
the document lives here
http://images.apple.com/education/docs/it/Apple-ClientManagementWhitePaper.pdf
It doesn't go into any more detail....
Can you try a fake account with some random data to see it it works (i.e. you don't want to nuke your local account if it doesn't work as described in this white paper)
there are some more pdfs from apple here:
http://www.apple.com/education/it-professionals/resources/
hopefully this points you in the right direction.... -
Mobile account disabled unable to re-enable
First some background. We have an Open Directory Master setup on Snow Leopard Server 10.6.2. I have a default password policy of 5 attempts and the user account is locked out. I am in the process of binding Snow Leopard clients to Open Directory. All of my users are on laptops so I was setting them up with mobile accounts. First I would bind the machine to Open Directory, then I would have the user login with their network user account. Next using System Preferences I would convert the currently logged in network user account to a mobile account. I assumed I needed to do this so the user would be able to login to their machine while the server was unavailable.
My issue is that the using a second machine the user locked out their account. I re-enabled the account in WGM, but the user cannot get into their laptop. I use WGM to view the local directory and it show the local cached account as disabled. Unfortunately there is no way using the GUI to re-enable the cached local account. Also using dscl I see that AuthenticationAuthority has ;DisabledUser; as the first value before LocalCachedUser.
It seems I don't fully understand how mobile accounts work. I assumed that a cached version of the account would be created on the client machine for use when the Directory Server was unavailable. I thought that when the Directory Server was available that it would take precedence over the cached copy. Is this not how it works?
Also my attempts do edit the user account using dscl to remove the ;DisabledUser; value were not successful. Is there an easy way to re-enable this account?Mr Beardsley wrote:
I think what happens, at least in our office is that after the 24 hour period for Kerberos people will have to enter their password again for things like iCal, iChat, etc. If they mistype their password, and save it in keychain, I think it can rapid fire try to authenticate many times without any visual feedback and lock out the account. Reactivating in workgroup manager handles the account in OD, but unfortunately the local copy of mobile user account doesn't see or honor that the account has been reactivated on the server.
I was doing the same thing as you deleting the mobile user account on the system, but that was getting to be a pain as I would have to remake the mobile user account and the user would lose their picture every time. After I discovered the pwpolicy command I have tested it several times and deleting the user account is no longer necessary. Just re-enable the account in OD, then run the command I put above to re-enable on the client.
What I would love to see happen is that the client machine check with OD to see if the account is enabled/disabled then update itself to be in the some condition. Until then it's running a command on the client to get the account working again.
Mr. B,
I think you're right about all of this. I'm experiencing this too with only one mobile user. This user is in a different office all week. Then on Fridays he's here at our HQ. His laptop is set to sync every 3 hours. For some reason it is at this syncing stage that his account becomes disabled. I think the HomeSync function may be requesting a password that the user is entering incorrectly because they get confused as to what password to enter. I'm not sure if they are entering incorrectly once, 3 times, 10 times or what. They are frustrated and so am I.
However, the pwpolicy command you provided DOES re-enable their local mobile account and it is available after restarting. So thanks for that!
We have several different passwords that for any given user (SLS network account, file-server, email, plus their keychain password).
Anyone have a tried & tested "user-friendly solution" to keeping these all in sync after our 2-month password expiration? -
How to disable mobile account functionality?
For quite some time now I have had a mobile account because I used to use a home server in conjunction with my laptop. Now, however, I no longer do but there seems to be no way to switch my user account back to a normal account. Even when I try to edit the settings for the mobile account to try and just simply not sync anymore all the options are greyed out.
I'm tired of having to cancel the sync every time I log in and out of the machine. Isn't there some way to turn this back into a normal account?
Currently running os 10.8.3a friend send me this. I'm trying it with limited success.
http://discussions.apple.com/thread.jspa?threadID=1790881&tstart=-1
Maybe you are looking for
-
Hi, I have an e-mail account no longer valid, I need to move my contacts to a new e-mail account and delete the old one. How, help?? Phone is a 3GS
-
Language Translation in Xcelsius based on Infoview language settings
Hi, Could you please tell me how to do language translation in Crystal Xcelsius. I built the dashboard using WebI Report in English version. The client wants to view the Dashboard in French. Also, the client donu2019t want to have 2versions of the da
-
How do I adjust the pressure for my drawing tablet?
Illustrator stopped recognizing my pen for my tablet - I cannot adjust the thickness and thinness by pressing hard or soft on my pen.
-
User exit in Equipment Address management
Hi, I am looking for a user exit in 4.6C within Equipment maintenance but none of the enhancements that I have looked at seem to have the address information available. I have looked at Enhancements IEQM0001 to 3 and ITOB0001 - 6. We have a requireme
-
Airport express...pages not loading
ok, so i pucrahcsed a new air port express station for travelling overseas. i am currently in brazil for a month and trying to utilize the station. where i am staying they have dsl, but it comes to the house via telephone cord..not coaxial...so they