Help with Portable Home Directories and AD

Is it possible to implement "Portable Home Directories" without an Open Directory server, using just binding to an Active Directory Domain. (no "Golden Triangle")?
We are just starting to integrate Macs into our company (finally!) and I'm looking for the best way to allow Macbook Pro users to have their files sync'ed with their NW home folder and still available locally when they are offline.
I'm able to bind to AD successfully but can't find any documentation on how to make the sync happen.
Thanks

If you are putting Macs in a LARGE business environment then bookmark the site www.MacWindows.com. They do nothing then connect lone macs into Windows Domains. Pay attention to the links on side panel of the slash page to get to the section you want to read the reader reports.

Similar Messages

  • Portable Home Directories and Login Hooks

    We recently switched from Network Home Directories to Portable Home Directories. We used to use login hooks to do all kinds of nifty things to a user's home folder at login, but now it's complicated. I can't figure out at what point in the login+sync process the login hook executes.
    If the login hook executes before syncing, then I need to modify the network copy of the home folder, i.e. Network/Servers/servername/.../username. If the login hook executes after syncing, then I need to modify the local copy of the home folder, i.e. /Users/username. Unless I'm mistaken, you can't just use the tilde (~) in the script to denote the path the home folder, so you have to list the path explicitly.
    My testing seemed to result in inconsistent behavior. Can anyone give me some guidance?
    (Keywords: Loginhook Logouthook Login Script Logout Script Mobility Mobile PHD)

    Thank you for the advice, Syth, but I'm already aware of the basics of writing and implementing login and logout hooks. I wrote a lot of them when we were using Network Home Directories. The root of my question has to do with Portable Home Directories and login hooks.
    This is a computer lab environment where every user has their own account, network home folder, and "Mobility" preferences set in Workgroup Manager. When a user logs into a lab computer, syncing kicks in and they work from a local copy of their home folder which then syncs to the server at login and logout.
    So the core question is: Do login and logout hooks execute before or after login/logout home syncing occurs?
    For example, if a user with a brand new network account, i.e. who doesn't even have a network home yet, logs into a computer, what's the order of events? I would hope it would be:
    1) server creates network home
    2) computer creates local home, i.e. syncs
    3) login hook executes
    But my testing has been inconsistent. Anyone have any experience or insights to share?

  • Home Sharing, Network accounts with Portable Home Directories, iTunes 10

    I am using OS X Server an on that server is my account. I am also using a MBA with that same account using portable home directories (PHD). The MBA home directory does not contain my iTunes music, that is somewhere in /Users/Shared, because I do not want the added burden of encryption (the home dir is FileVault protected on the MBA, but not on the server)
    Thusfar, I worked on the MBA with iTunes and used rsync to sync with the server. There are reasons I want to stop that route (which are not important for the question)
    I have just upgraded to iTunes 10 before trying the following:
    1. Enable home sharing on the server
    2. Look for shared libraries on the MBA
    And found out that my account on the server needs to be logged in permanently and iTunes running to use Home Sharing that way. That stops the ordinary syncing of PHD so that is not a solution. Besides, I do not want to have an account logged in all the time.
    So, given the scenario that I want full two-way syncing of my iTunes library between my computers and that I prefer not to have an account logged in on the server, is there a solution?

    I ended up creating a dedicated local account for iTunes serving on my mini server.

  • Portable Home Directories and iphoto - problems

    Hi
    We have recently set up the 'mobility' funtion for our staff via our 10.4 server - thuse creating Portable Home Directories. This all seems to be working fine and documents sync perfectly. What is not behaving is iphoto - we keep getting synchronization conflicts based around iphoto files - not the images themselves but files such as:
    Library6.iphoto
    iphoto.ipspot
    Dir.data
    Albumdata.xml
    .lpoptions (not sure if this one relates to iphoto but is recurring on numerous acccounts)
    Anyone have any clues on this. Iphoto does not seem to be syncing the images at all........and I can't resolve the conflict.
    Chris

    iPhoto works fine with my users so I can't offer much assistance there, but .lpoptions is where the default printer is stored, and that's typically not something you'd want to synchronize. I personally exclude it.

  • Portable Home Directories and Entourage

    I going to be implementing Portable Home Directories into our office, but I am trying to figure out what I want to be syncing.
    The office uses Entourage and having 60+ users. From what I can if I exclude the microsoft user data folder I don't get the account to show up in Entourage when I switch to another computer.
    I really don't want to be syncing Microsoft User Data folder for each user onto the server. Considering we have a mail cap of 2gig some users are larger due to historical reasons and rank. We also use public folders heavily and some public folders can be about 10gig.
    So my question is, is there away to get around this. Can I get the account information to sync for Entourage, but not the email. I see how it works with apple mail were it syncs the mail folder, but excludes the folders that contain the email.
    I have a feeling the answer to my question no, but just checking if any one else has found a work around.

    Since Entourage is a DB it would sync the whole 2GB or 10GB every time. This is why Apple pushes there product as thy use a flat file system where only the files that changed would be sync'd. Entourage is a db and since there is no program out there that can open the db up and just sync or backup what has changed you will sync the whole profile /db.

  • Does a 10.7 client work with a 10.6.8 server with portable home directories??

    Subject says it all. I need to move to 10.7 on the clients because I need XCode. But 10.7 Server seems dumbed-down, brittle and bug-ridden, so I'd rather stay at 10.6.8 server for the time being. I know already from some off site users of my server that mail works fine between 10.7 clients and 10.6.8 server. But what about mobile accounts and portable home directories? That is a very important feature for me.

    It seems to work. Slow and I have seen it hang at logout once (had to force shutdown the machine), maybe because I had two clients open at the same time.

  • Mail breaks with Portable Home directories

    Anyone using portable home directories in Lion yet?
    Just set up a test account on a Lion Server/Lion Client.  Syncing seems to be working fine but everytime I switch computers, Mail freaks out and returns:
    "Your mail index has been damaged.  To repair it, quit Mail"  After 'reloading' my mailboxes, it works fine...until I switch computers again.  Mail is standard IMAP to a gmail account.
    Anybody else seeing this? 

    Solved this one on my own.  It seems that Apple has neglected to update the Portable Home Directories syncing exclusion rules for the locations of the new Mail files, they still show the old Snow Leopard Locations.
    In Worgroup Manager in mobility settings for the clients, under "Preference Sync" change the two Mail related items in the "Skip items..." section to the following:
    Partial Path: ~/Library/Mail/V2/MailData/AvailableFeeds
    Partial Path: ~/Library/Mail/V2/MailData/Envelope Index
    (note the change from Full Path to Partial Path)
    It really would be good if Apple did a little more QA before releasing their products. 

  • Very slow login/logout with Portable Home Directories

    I've set up Portable Home Directories for our department so that people can work from different computers if need be (also, I think our network is too slow to use network home directories). However, the login times are excruciating - some users report average 45 minute login times. None of these users are moving huge files or anything, and even if I just log someone out (completing the sync) and then log back in, the login will be very slow.
    If I disconnect the computers from the network, obviously it logs in quickly because it can't connect to the server, but I don't want to do that (or disable login/logout sync altogether). I tried removing things from the login/logout sync rules, but often the sync takes time just on 'Finishing' or 'Stopping', so I don't think that it's any particular files that take a lot of time.
    On a possibly related note, for some reason our computers all take perhaps 30 seconds to get an IP address when starting up, waking up from sleep, etc. Is there any reason why the computer would need to be doing this repeatedly? Especially on logout, this wouldn't seem relevant, but I've seen that mentioned in other threads.
    Thanks in advance for any advice,
    Greg

    Apple Discussions has a special forum just for Portable Home Directories, you might want to search and/or post your question there:
    http://discussions.apple.com/forum.jspa?forumID=1249

  • Sym linked home folders with portable home directories

    Hi
    I have a Mac Pro with an SSD boot disk and an internal RAID0 for data. For obvious reasons I want to use the RAID for the majority of users' files and leave the SSD as an OS and application disk.
    I've experimented with moving the entire set of home directories off onto the RAID, but this (bizarrly) seems to cause problems with VPN connecticity for remote users. I've now I followed Matt Gemmel's excellent guide here:
    http://mattgemmell.com/2011/06/21/using-os-x-with-an-ssd-plus-hdd-setup/
    This worked very well for local users and felt faster than the previous method, probably due to ~/Library remaining on the SSD.
    However, when I came to implement PHDs via the mobility option in Workgroup Manager, I found that instead of syncing the sym link targets, client machines only sync the sym links themselves, which is entirely useless.
    Does anyone know of a fix/workaround so that mobile home sync will find the sym link targets correctly?
    Thanks
    Ben

    I ended up creating a dedicated local account for iTunes serving on my mini server.

  • Trouble with network home directors and keychain

    Hello all,
    I have recently started to dabble into Managed Accounts using 10.4.11 server, however I am running into sporadic issues. First of all, Keychain access to users is extremely flaky. All of my users' files are being imported from existing local accounts, so I'm betting that my import procedure has something to do with my problems. Fortunately all of my local accounts have long ago had their uid's changed to mirror the users workgroup UID, so I haven't had to bother with changing permissions on any files. My import process goes like this.
    First, I create the users home folder in the Workgroup Manager. Then, I log into the users computer via ARD, take control, connect to the users Home Folder, and copy all of the contents of the users local folder into the Network Home. Once this is done, I apply the correct permissions to the users home folder to ensure that no files may have been overlooked during the import process, and then I log out of the users account, log into the administrator account, and completely delete the users local account. I then add the computer to the Servers managed computer list, add the user as the sole authorized user (other then Administrators of course), restart the computer, and then log in as the workgroup user.
    Once this is done, I usually have several issues with the Keychain in authorizing the workgroup user to use the existing keychains. Even after logging back in to the local Administrator account and completely deleting all existing users' keychains, the user has the same issues. To my untrained eyes, some programs have a hard time accessing the proper keychain, or remembering that the keychain has been altered.
    The second problem that has only recently cropped up is that some users are loosing the ability to use their keyboard in certain applications. This happened to me maybe once or twice in the last couple of days, but starting today, and in the last 2 hours, has had this happen no less then 10 times. The only program that I have seen this happen to is Microsoft Excel 2004, and it is also the only program that I have had it happen to me on.
    This is only happening on users who are using Leopard 10.5.4.
    Any help is appreciated. Also, is the macos-x mailing list dead? I haven't seen any posts to it in almost a week...
    Thanks,
    James

    Hi
    I’m sorry that the guide is unreliable for you, although it does seem strange that it is. Perhaps there is something fundamentally wrong with the configuration of the AD Server?
    Apple have made binding clients to Active Directory relatively simple and easy since 10.4. You had to work a little harder in 10.3. All I can add is successful integration depends almost entirely on how well the AD Server is set up. It might be worth your while to look more closely at that for a solution?
    Speaking for myself I have never really had a problem and as far as I can tell all of the installations I have been involved with that required AD-OD integration are still working as desired. Some of them going back 2 years, that’s pretty reliable don’t you think?
    Tony

  • Login issues with portable home directories

    We are using 10.4.8 of the OS X server and version 10.4.7 on the
    workstations. Students are unable to login to their PHD. After
    entering their username and password, they will get the following
    message:
    "You are unable to log in to the user account "username" at this time.
    Logging in to the accounted failed because an error occurred. The home
    folder for the user account is located on an AFP or SMB server. Contact
    your system administrator for help."
    Knowledge base suggest turning off the fast user switching which I did.
    I restarted the machine and received the same message. I have tried
    logging in different users on these machines and they are receiving the
    same message. I reimaged the machine and that does not appear to help
    fix the problem. I can log in to local accounts just fine.
    Any ideas?
    ibooks, macbooks, imacs, servers   Mac OS X (10.4.8)   Operating from 10.3.9 - 10.4.8

    We ran into this issue too because we forgot to enable the Network Mount for the users. Go to Sharing --> Share Point --> setup the Network Mount as Home Directory Mount.

  • Portable Home Directories and OS 10.6.3

    It appears background syncing of users home folders was not working correctly/automatically in OS 10.6.2 client and OS 10.6.2 server.
    I recently upgraded to OS 10.6.3 client and it appears background syncing of home folders is now working to OS 10.6.2 server. Unfortunately, users are now getting home sync errors galore...
    Message: "An error occurred reading or writing the file. Please try again later" or "There is a home sync conflict." The latter error is not unusual, but the user selected "keep latest" and the same error returned three times.
    Has anyone else been experience this issue.

    We have hade the same issue popping up on a number of machines. All the errors concern open files. All running 10.6.3 client. Running 10.5.8 on the server though. Have been running the same set up for months without these errors popping up prior.
    The log shows 10-15 of these
    10/04/13 20:26:36.766 EXCEPTION: Resource temporarily unavailable
    10/04/13 20:26:36.766 <ERROR> network: MODIFY "Library/Application Support/Firefox/Profiles/default.7o9/.parentlock" {(Priority=1, EXECUTING)} (-[SStoreFileOperator_FS _openFile] (StoreFileOperator-FS.m:1350): open('/Users/networkaccounts/username/Library/Application Support/Firefox/Profiles/default.7o9/.parentlock', oflag=0x14, ...)--> Error Domain=NSPOSIXErrorDomain Code=35 UserInfo=0x1185c4df0 "Resource temporarily unavailable")
    But then the last entry is more interesting
    10/04/13 20:27:34.446 EXCEPTION: data writeToFile:'/Volumes/home/username/.FileSync/PHD-R-sHtPZTmmqR6-username.FileSy ncHistory' options:0 error:&error (Cocoa error 512)

  • Disabling portable home directories? (network wide)

    We're fed up with portable home directories and the constant sync errors they throw up.
    Can I just turn off PHD to make it function as it did before?
    How best to go about this?

    If you just want to up and shut down the entire portable home directory, and some of your users use it and some don't, the best way would be to select all the users in the directory at the same time and go to the preferences area.  Hit the Mobile button, and turn off everything that has to do with portable home directories.
    I have a bunch of users that also find they get sync errors. 
    95 times out of 100 the problems are solveable if the user just reads the sync problem.
    With a friendly attitude, point out that they just have to read the error.  Perhaps explain what it means...  If you do this once, your users will usually figure it out the next time it happens.
    Also, remember that sync errors don't have to solved right away.  You can fix it later.
    HTH
    -Graham

  • Portable Home Directories, FileSyncAgent, and Case-sensitive drives

    I have a 10.5.3 Server machine that is serving (via NFS) home directories to a mixed group of Leopard (10.5.3) and Linux clients. The drive containing user home directories is formatted to be case-sensitive. I also use Portable Home Directories and mobile accounts on all the Leopard clients. Many of the client machines have case-insensitive drives.
    FileSyncAgent is dying on the client machines with a lot of "Reverification failed" messasges in ~/Library/Logs/FileSyncAgent.log. The files being verified often have mixed case file names, while the error messages show lower case file names.
    Anyone else seeing FileSyncAgent dying on every home sync?

    Hi Guys, So far I have found what seems to be a fix for this issue. I was also having the issue happen to me around some iphoto file but that seems to be coincidental. I will detail what I did below but please first backup the mobile account on the local machine as you will need to recreate it.
    Backup the local mobile home folder
    Log into a admin account and delete the mobile account under the Accounts Pane in System Prefs
    Log into the users Network account on the notebook
    Delete all the following items
    ~/Library/Application Support/SyncServices
    ~/Library/Mirrors
    ~/Library/Preferences/ByHost/com.apple.syncservices.*
    ~/Library/Preferences/com.apple.filesync.plist
    ~/Library/Preferences/com.apple.homesync.plist
    ~/Library/Preferences/com.apple.LaunchServices.plist
    ~/Library/Preferences/com.apple.syndication.plist
    ~/Library/Preferences/Syndication
    Logout of the Network account and then back in
    Recreate the Mobile Account
    From this point on I have not seen any issues with the FileSyncAgent crashing. Omit any of the files listed above that do not exist. I generally have the notebooks sync on login and logout and I forced a sync while logged in to make sure everything was okay and so far so good. Hope this helps.

  • Moving Portable Home Directories from one server to another

    I am in the process of migrating users from an older xserve running 10.3 with open directory to a new xserve running 10.5. So far, everything is looking good with the migration, the only major issue I'm running into in my testing is with Portable Home Directories. Presently, the portable home directory on the computer still points to the old server for existing user accounts after they are moved to the new open directory server. On the 10.3 server, the home directories are all mounted under /Volumes/Home, where on Leopard it appears it wants to create the shares under /Volumes/ServerName/Folder. Granted, at present the original server's Home Folders are on a fiber attached raid and in testing I don't have this available. Any suggestions on a way to test easily without moving the raid? Also, is there an easy way to do a mass change on user machines where if I move my raid over to the new server, I can make sure that users data is being backed up to the proper location?
    Sorry for the lengthy post, just trying to make sure I'm covering all my bases, heh.

    Antonio, thanks for the response. I do have one more question regarding this. On the client side, the mirrors.plist file references the old server FQDN and share name. Because this will be being moved over to the new server, is there an easy method to update the clients mirror plist without breaking the PHD mirror? My big concern here is that either the users will not be able to synchronize phd's or we will have to re-establish all the phd's from the client machines to the server. My thought here is simply using a cname to direct any traffic still trying to hit the old server name to the new server name.

Maybe you are looking for

  • Tabstrip on selection screen

    Hi All, I have created selection screen with 3 tab strips. i have 2 radios button in each tab strip. My problem is, when i have selected first radio button from 2nd tab strip and execute, then it is executing first tab strip radio button first and wh

  • HT204406 download from itunes match

    I am having trouble in some locations listening to music on itunes match.  Is there a way to doownload the music to the iphone so I don't lose it when out of coverage areas?

  • Circular Joins

    How to overcome the problem of "Multiple Path exist between 2 dimension" "Circular Joins are not supported" Ex: A--> B, C and B--> C

  • Sqlldr help needed

    I need to load some data into a table from a file. Later The file may undergo some changes and these changes will have to be reflected in the table. There is a pk column in the table (name) . The file is of the structure name_1, my_data_1 name_2, my_

  • Non-GUI based ADDM

    I was reading through Performance guide and all the examples have GUI based examples. I don't have access to X-windows or windows in production environment so is there any documentation that explains ADDM but without having to go through GUI. I am lo