Home Directories can't be deleted in Workgroup Manager

Similar Messages

• Admin Group deleted from Workgroup Manager

  Hello,
  Apple set up our Workgroup manager so we could give users permission on our iTunes U site thru our LDAP server. One of the groups that was created was the administrators group which allowed anyone that was on that list to administer the site. Accidentally, yeah right, we deleted the group and I can not remember exactly what it was called and how to recreated it to be able to manage the site again. We no longer have any kind of admin rights and are freaking out just a bit.

  I'm not sure I understand the problem fully but I'm going to take a stab in the dark at a workaround.
  I'm understanding essentially that you need to get back into your iTunes U site, figure out the credential your group provides, and put that back in as an admin.
  A further assumption I have is that half of that problem is #1 GET IN and the other half is #2 FIGURE OUT CREDENTIAL.
  Attack #1: Find posts about Wolamaloo [sic] (formerly iTunes U access) from Richard Wolf. Use this and your shared secret (if you've lost this you might be in really deep) to log on to your iTunes U site as a generic administrator. Use this temporarily to do administrator tasks and then later to repair the Access list with your credential from #1.
  Attack #2: I'm shakier about this because I'm not sure I understand how Apple would be doing anything with your LDAP infrastructure. Anyway in my case I'd call up the LDAP folks in our office of information technology and beg them to either tell me what we were using before, or barring that give me access to some kind of script or LDAP browser that just let me look at my own LDAP attributes. I'd be on the lookout for something in my isMember, eduCourseMember, eduPersonEntitlment attribute and ours is of the form urn:mace:duke.edu.....iTunesU:administrator. I'm taking some longshots here.

• Lion Server: Can user preferences - created with workgroup manager - beupdated with Profile Manager?

  I've created some users and their preferences using the old workgroup manager. All work. I haven't used the profile manager (lion star functionality) so far. If  I do so, can I use it to update the user preferences already created? Is there any incompatibility between workgroup manager and profile manager?

  Dang, no help with this. Oh well. Guess I just mark it as "answered" and toss it in the "Cold Case" files.

• Getting rid of phantom home directories in WGM

  My users have home directories listed in Workgroup Manager that they are no longer using, but the buttons to edit and remove these entries are grayed out. Even when I try to make a new user with no preset, these entries show up in the list and cannot be modified. I have configured a new share to automount for home directories, and unshared and deleted the old folders, but WGM still insists on listing their paths. Restarting AFP and the server doesn't help.
  How do I convince WGM these folders don't exist?
  Thanks!
  Mitch

  These are automounts you had set up for your user homes, you need to delete the records for them.
  Using the "All Records" (bullseye) tab (enable it in WGM Preferences) delete the outdated entries under 'Mounts".
  - Norbert

• Portable Home Directories in 10.8 Server?

  I have a Mac mini Server running 10.6.8. Now that 10.8 is out, Apple will probably stop supporting 10.6 (as is their policy) and that means either slowly eroding security or moving to 10.8. I have been looking at the documentation and it seems underneath it all is still by an large the same basic unix-stuff like postfix, dovecot, a dns system, etc. Giving the lack of support for GUI-managing the more complex setups, I'll probably be doing it command-line (stuff like multiple virtual mail domains, multiple web domains, etc.). Not fun (and a business opportunity for some enterprising software engineer).
  But what I haven't been able to see in the documentation or anywhere else is Portable Home Directories. In my current setup, I have a 10.6.8 Server and 10.7 clients. On these clients is a single local administrator acocunt and the rest are 'managed mobile accounts'. These are local acocunts. They work when away form the network on which the server is, but when in range of the server, the server may push settings and stuff. And on login/logout and when connected to the LAN and during work, the home directory of the user is constantly synchronized with a copy of the user's home directory on the server. This means my users can take any computer and get their own account and a synchronized copy of their home directory. They can also take a laptop off line for a while and when they return to my LAN (either physically or by VPN), any changes will be synced. This is a sweet setup and it works with 10.7 clients and 10.6.8 server.
  But what I haven't been able to find if this will still work with 10.8 Server. I have looked at teh 10.8 Server documentation and haven't found anything about it. Will it still work somehow and if not, is there a good alternative?

  Gerben Wierda wrote:
  Or: you create the users anew in the network directory, you replace their home directories with the content of what is on the MacBook (TDM is your friend) and do the chmod. Easier still.
  That way, I suggest the migration in that way; because, you can test everything out before the data gets moved over. There's nothing like something going wrong in the setup/migration, and you have to do it all over again.
  Kirk, you can always put the Home directories/folder on an external. But if you do, you'll probably want to run this command in Terminal:
  sudo defaults write /Library/Preferences/SystemConfiguration/autodiskmount AutomountDisksWithoutUserLogin -bool YES
  That sets the system-wide setting to mount external HDs on startup. The default behavior  in OS X, probably around 10.3 onward (but Apple may have flip-flopped on this), is to mount externals on user GUI-login, not on startup like internal HDs. The default behavior is a huge problem with network users, whose home directories reside on the external, since the external on GUI login often mounts "too late" and new "phantom" home directories are created (along with warning messages that the home directory can't be found) and you sometimes get duplicate mount points. In short, the default behavior creates a bit of mess. To spare you some frustration, run that command, which will mount the externals on startup, so the home folders are always available.
  It's also handy if you plan on creating other shares on the external; it prevents some flaky behavior.
  Gerben's "general description" can be applied to Lion and Mountain Lion, although with Mountain Lion you have fewer tools, and you'll often be working in Server.app rather than some of the older tools like Server Admin.
  Again, basically you need to:
  (1) Setup file sharing, where you designate a directory/folder as a share to hold the network home directories. On the default install, Apple makes /Users a share, and you could (similar to what Gerben did) use that to hold not only local accounts' but also the network accounts' home directories. In that setup all users' home directories reside in the same place. All you have to do then is check the box "Make available for home directories over" and leave "AFP". See below; note the very last checkbox; that needs to be checked:
  I preferred to keep the local and network users separate, so I actually use a different share for the network users, and not /Users. If you go that route, pay attention to the permissions, it's somewhat easy to get them wrong. I think I cheated and used Carbon Copy Cloner to clone the /Users directory to another HD, then just renamed the directory. FYI you're actually not seeing this in these screen shots, since I'm using a "fresh install" virtual machine to make the screen shots.
  Also if you don't need it, I'd probably uncheck "Share with Windows clients (SMB).
  2. You need to setup Open Directory, so you can manage Network Users. Since you want portable home directories, then you might consider using Profile Manager (introduced in Lion Server), which is Apple's latest tool for that. You can also download separate Workgroup Manager as well. Not sure which is better, or exactly why there are both. I think the documention indicated for older pre-Lion OSes, Workgroup Manager is still around.
  2a - If you go straight to Profile Manager, and set it up, it will first make you setup Open Directory, then the rest of the setup for Profile Manager itself.
  2b - Or you can always "two-step", first setup Open Directory, then later if you want "Profile Manager".
  3. Once you have OD (step 2), and the share setup for network home directories (step), you use Server.app to create the network users, and assign their home directory to the share not local. Note the entry "Home Folder"; use the pull-down menu to select your share. See below.
  If you forget to set the Home Folder, you can always "edit" the user and change the Home Folder to the share, and not Local Only.
  4. To get portable Home directories, I'm pretty sure you're going to have to setup and activate Profile Manager or use Workgroup Manager. Sorry not much details I can provide there, I've only played with it a bit, and was planning on upgrading my MacBook Pro to Mountain Lion before giving it a go again.

• Portable Home Directories and Login Hooks

  We recently switched from Network Home Directories to Portable Home Directories. We used to use login hooks to do all kinds of nifty things to a user's home folder at login, but now it's complicated. I can't figure out at what point in the login+sync process the login hook executes.
  If the login hook executes before syncing, then I need to modify the network copy of the home folder, i.e. Network/Servers/servername/.../username. If the login hook executes after syncing, then I need to modify the local copy of the home folder, i.e. /Users/username. Unless I'm mistaken, you can't just use the tilde (~) in the script to denote the path the home folder, so you have to list the path explicitly.
  My testing seemed to result in inconsistent behavior. Can anyone give me some guidance?
  (Keywords: Loginhook Logouthook Login Script Logout Script Mobility Mobile PHD)

  Thank you for the advice, Syth, but I'm already aware of the basics of writing and implementing login and logout hooks. I wrote a lot of them when we were using Network Home Directories. The root of my question has to do with Portable Home Directories and login hooks.
  This is a computer lab environment where every user has their own account, network home folder, and "Mobility" preferences set in Workgroup Manager. When a user logs into a lab computer, syncing kicks in and they work from a local copy of their home folder which then syncs to the server at login and logout.
  So the core question is: Do login and logout hooks execute before or after login/logout home syncing occurs?
  For example, if a user with a brand new network account, i.e. who doesn't even have a network home yet, logs into a computer, what's the order of events? I would hope it would be:
  1) server creates network home
  2) computer creates local home, i.e. syncs
  3) login hook executes
  But my testing has been inconsistent. Anyone have any experience or insights to share?

• Migrating home directories to an Xraid

  I have just installed an Xraid to an existing Xserver. I have User Directories on the Xserve and some other folders from a Windows 2003 file server. I have updated my LDAP directory and can't seem to get Workgroup Manager to recognize the home directories I've moved over. The directory on the Xraid is shared and choose-able in the Home section of Workgroup manager. I did go into terminal and do a chown on one of the users, but it still wouldn't see the directory.
  Any help would be great!!
  Chuck

  I'd like some more advice on this as well, as I am about to migrate from user accounts from the G5 Server to an X-RAID. Here are the steps I have in mind. Anything else?
  1. You'll need to unshare the current Home folders directory on the server using the WorkGroup Manager.
  2. Then create the share-point on the RAID. Make it Network mountable.
  3. Change User path to the location in WorkGroup Manager. Shift-select all the users who are going to change path- select the new share under Home and Save it. Check under Home tab to verify.
  4. Migrate accounts using ditto copy.

• You are unable to log in...; Network Home directories; 10.4 & 10.5 Servers

  I have a solution!
  Note: this is a new post because all previous posts dealing with this topic have been archived, MANY without an answer.
  Problem:
  Users with Network Home directories can't log in. After entering their correct username and password, the following error message appears:
  "You are unable to login to the user account 'username' at this time. Logging in to the account failed because an error occurred."
  Problem occurs with v10.5 Leopard client attempting to login to a Network Home directory hosted on a v10.4 Tiger server.
  _Significant Troubleshooting Symptom:_
  Client mac Console log (all Messages) contains the following entry at the time the user attempted to login to their Network Home directory:
  authorizationhost[509] ERROR | -[HomeDirMounter
  mountNetworkHomeWithURL:attributes:dir:Path:username:] |
  PremountHomeDirectoryWith Authentication( url=afp://server.example.com/Homes, homedir=
  /Network/Servers/server.example.com/Volumes/ServerHardDisk/Homes/username,
  name=username )
  returned 2
  _Computing/Network Environment:_
  v10.5 Leopard server doing: DNS; Open Directory with Kerberos for Single Sign-On; AFP for half of all users' Network Home directories.
  v10.4 Tiger server doing: AFP for the other half of the Network Home directories. Also, note that Open Directory is not running on this server, BUT IT IS CONFIGURED (using Server Admin) as "Connected to a Directory System" and has joined the Kerberos realm on the v10.5 Leopard server.
  v10.5 Leopard clients.
  Solution:
  v10.5 User Management manual
  http://manuals.info.apple.com/enUS/User_Managementv10.5.pdf
  says share points for Network Home directories have to have Guest Access ENABLED. See step 5 on page 117 and step 12 on page 118. Note that these are two different settings, but seem consistent with each other.
  I had followed/complied/set Guest Access according to steps 5 (page 117) and 12 (page 118) on BOTH the v10.5 Leopard AND the v10.4 Tiger servers. The solution that allows users to log on normally is:
  Uncheck/disable Guest Access (as set in step 12 page 118) for the v10.4 Leopard server only. Leave "Share this item using AFP" checked. Uncheck "Allow AFP guest access."
  The above worked for me. Your milage may vary. If anyone knows how to report this to Apple for fixing in the server software and/or clarification in User Management manual, please do. If anyone knows that this solution "breaks" other stuff, please post back.

  Other posts that dealt with this same issue and other potential solutions:
  http://discussions.apple.com/thread.jspa?messageID=5700241&#5700241
  http://discussions.apple.com/thread.jspa?messageID=5784186&#5784186
  http://discussions.apple.com/thread.jspa?threadID=1215039&start=0&tstart=0
  http://discussions.apple.com/thread.jspa?messageID=9204496&#9204496
  http://discussions.apple.com/thread.jspa?threadID=1522353&start=0&tstart=0
  http://discussions.apple.com/thread.jspa?messageID=10226660&#10226660

• Deleting Home Directories

  I have several servers that I have upgraded over the years from 10.3 to 10.4 and now to 10.5. During that time I have accumulated quite a few home directory paths within Workgroup Manager that I'd like to get rid of but I've had no luck doing so. It seems that if my Open Directory Master isn't communicating with the server that once held the old home directories, then I can't delete them. Is there a way to force clear the paths so I only have my current/correct directories listed? Any help would be appreciated. Thank you.

  I did some poking around in Workgroup Manager and figured this out. Steps are below.
  -Go to Workgroup Manager Preferences and check the box to activate "Show "All Records" tab and inspector".
  -A new tab will appear next to the Computer Groups tab. It looks like a bulls-eye.
  -Click that tab and then select Mounts from the drop down menu.
  -All of the directories that your OD Master thinks are mounted will show up.
  -Click on the one you want to delete and hit your Delete key. Check your home directory tab and it should be gone.

• Home directories- deleting

  Hi,
  I'm new to Mac's and Mac administration (about 2 days to be exact). I run a mainly windows network and am integrating Mac's into my organization. With the help of the wonderful Apple professionals, I have my server up, running and functioning.
  I am now trying to setup my users home directories through the Server Admin app. Since I'm unfamiliar with the way Mac's function, I initially had issues creating folders in the appropriate places. I now have a couple folders that need to be deleted because they are incorrectly placed. I can't, however, seem to delete them. I'm assuming it's because I don't know how. I can't seem to drag them out of the Server Admin app and into the trash. I also can't drag and drop them into the appropriate location or highlight them > Edit > delete (delete is grayed out).
  Any suggestion on what I'm doing wrong would be greatly appreciated.

  Hi,
  You can't delete a folder from File Share on Server Admin. You can try to delete the folder from Finder, so you need to remote or user share server's screen.
  Go to the folder and you can delete it, but before you do that make sure that your folder is not share with any user or group.
  From the file share, you should have 3 default share point
  - Groups
  - Public
  - Users
  Just use Users share point if you want to create a home directory for your user, choose "enable automount" and choose for home directory.
  then go to Workgroup Manager, you can point your user home folder to this share point.
  Hope this will help.

• Problem with home directories NOT in Users and Workgroup manager

  I am setting up a Leopard server (10.5.3) with the users directories in /h1. This is mounted as /Volumes/h1.
  It is exported under AFP as /h1.
  When I try to get Workgroup manager to create a home directory, I can enter the home directory as:
  afp://quattro.innocon.com/h1
  path is 'user'
  Full path is:
  /Network/Servers/quattro.innocon.com/Volumes/h1
  However, when I try to log in as this this user, it says that the directory /Network/Servers/quattro.innocon.com/h1/username does not exist.
  I cannot seem to figure out why the 'Volumes' part of the full path is being lost.
  Any ideas on how to get this right?

  have you checked to see if /Network/Servers/quattro.innocon.com exists?
  I'm having ALOT of issues with automount not picking up on the mount-maps set by Open Directory.. If anyone has any solutions on this it would be great.

• Workgroup Manager doesn't create home directories for OD accounts

  I'm having an issue where home directories aren't created for OD accounts. My setup is as follows, the home directories are stored on the OD Master (the only Apple/OD/AD server on the network), and the home directory paths are filled as afp://192.168.1.254/Customers, fakeuser, /Users/Customers/fakeuser
  This same pathing scheme works fine for local accounts, however for OD, clicking Create Home Directory and saving the account does nothing (no errors, nor folders created). If I ftp into said account, I wind up being directed to /Users (definitely not the expected behaviour)
  I am deploying a web based upload system that I want to authenticate against OD users so as to share home folders and permissions with the ftp server, once I have this figured out I will be migrating a bunch of accounts to OD from local.

  In addition to potential DNS issues, it sounds like you may be using the wrong procedure to define the users' home directories. You should never have to specify the paths manually; instead, define the share point ("Customers" in your case) to be automounted, and then it should automatically show up in the list of available home folder locations, with all the necessary paths predefined. Here's the full procedure:
  1. Run Server Admin, and select: the server name in the sidebar -> File Sharing in the toolbar -> Volumes & Browse under that -> navigate to the /Customers folder in the column view.
  2. Make sure the folder is being shared (with it selected, you should see an "Unshare" button near the top right of the window); if not share it with the Share Button (then Save the change).
  3. Select the Share Point tab under the file browser (NOT the one above it), and select the Enable Automount checkbox. A dialog will open asking for the automount details; make sure the Directory is set to /LADPv3/127.0.0.1, Protocol to AFP, and Use for is User home folders and group folders. OK the dialog, and be sure to click Save to make the change take effect.
  4. Run Workgroup Manager, and select Accounts in the toolbar -> Users (single person icon) tab under that -> some user account(s) you want to configure under that -> Home tab on the right.
  5. Select (None) from the location list and click Save (this wipes out any current setting, so we can rebuild it correctly).
  6. The Customers share point should be in the list of available locations (due to being configured for automount); select it, then click Create Home Now, and finally Save.

• Workgroup Manager won't create home directories; no error message

  This is quite frustrating. For the past 3 years or so I have used the same procedure to add new users to my LDAP directory:
  1) In Workgroup Manager, click the New User button
  2) Assign name and password under the basic tab
  3) Assign group memberships under the Groups tab
  4) Under the Home tab, select the right place (nfs://my.server.org/Volumes/Users), click Create Home Now
  5) Click Save
  Suddenly, when I try to do this yesterday, workgroup manager won't create home directories anymore. I could probably do it manually, but I'm not sure how to get all the right skeleton setup in there. But my main question is, why doesn't this work anymore? Why can't I at least get an error message instead of being silently ignored?
  I share admin duties with other people, so it's possible someone installed an update recently; all I can really say is that I'm running Leopard Server 10.5.8 right now, and can find out whatever else is relevant.
  Any ideas?
  Thanks!
  ~Ben

  Thanks for the pointer to createhomedir - that did indeed do the trick. (How on earth do people find these little nuggets).
  I hesitate to mark this as solved however - it's a functioning workaround, but does nothing to explain why on earth the GUI suddenly stopped functioning.
  But in the (likely) event that that question never gets answered, thanks again for letting me get on with working!

• Why can't files be locked in AFP home directories?

  Hello!
  Our setup: Lion Server on Mac Pro with 30 Lion clients.
  Several applications, notable Eclipse and R Studio, are crashing on start and complaining about not being able to lock files in their working directories. This only happens on network accounts whose home directories are on the server, not local accounts on the clients.
  These apps worked fine under Snow Leopard.
  I have three questions:
  1. I assume this is a more low-level type of locking than the "Locked" checkbox in Get Info: am I right?
  2. Could apps running on clients (logged into network accounts) get locks in Snow Leopard?
  3. If so, what's changed in Lion, and how can I re-enable locking?
  Thanks
  Louise
  Example error from R Studio:
  12 Jun 2012 18:24:23 [rsession-fintannagle] ERROR system error 45 (Operation not supported) [lock-file=/Network/Servers/xgrid.complex.ucl.ac.uk/Volumes/Users/fintannagle/. rstudio-desktop/sdb/s-333EABAB/lock_file]; OCCURRED AT: core::Error core::FileLock::acquire(const core::FilePath&) /Users/rstudio/rstudio/src/cpp/core/FileLock.cpp:117; LOGGED FROM: bool session::source_database::supervisor::<unnamed>::reclaimOrphanedSession(const std::vector<core::FilePath, std::allocator<core::FilePath> >&, core::FilePath*) /Users/rstudio/rstudio/src/cpp/session/SessionSourceDatabaseSupervisor.cpp:249
  12 Jun 2012 18:24:23 [rsession-fintannagle] ERROR system error 45 (Operation not supported) [lock-file=/Network/Servers/xgrid.complex.ucl.ac.uk/Volumes/Users/fintannagle/. rstudio-desktop/sdb/s-505698E8/lock_file]; OCCURRED AT: static bool core::FileLock::isLocked(const core::FilePath&) /Users/rstudio/rstudio/src/cpp/core/FileLock.cpp:61; LOGGED FROM: static bool core::FileLock::isLocked(const core::FilePath&) /Users/rstudio/rstudio/src/cpp/core/FileLock.cpp:63
  12 Jun 2012 18:24:23 [rsession-fintannagle] ERROR system error 45 (Operation not supported) [lock-file=/Network/Servers/xgrid.complex.ucl.ac.uk/Volumes/Users/fintannagle/. rstudio-desktop/sdb/s-505698E8/lock_file]; OCCURRED AT: core::Error core::FileLock::acquire(const core::FilePath&) /Users/rstudio/rstudio/src/cpp/core/FileLock.cpp:117; LOGGED FROM: bool session::source_database::supervisor::<unnamed>::reclaimOrphanedSession(const std::vector<core::FilePath, std::allocator<core::FilePath> >&, core::FilePath*) /Users/rstudio/rstudio/src/cpp/session/SessionSourceDatabaseSupervisor.cpp:249

  User presets and templates will only be placed within the catalog folder after the 'Store presets with catalog' is activated. Existing user presets and templates will remain in their original location. I appreciate that this is a tad confusing, but it's the way Lr works. To get all of your existing presets and templates into the catalog folder it's probably quicker and easier to just copy the entire 'Lightroom Settings' folder from the default location to the Lightroom catalog folder.

• HT4623 After my last and latest update on I phone 5, I can no longer delete app running in background by double clicking the home button. When I do double click the home button  to swipe off the apps running....nothing at all happens, hence the apps must

  After my last and latest upgrade to Iphone 5, i can no longer delete open app by tapping the home button twice, and then swiping off the screen.  In effect these apps are open and using data. This has only just occured since the upgrade to ios 7.1.1  After many attempts to press home button twice....nothing happens, and so app are open. Please advise? any answers?

  Hey there 111brownyn
  Go to Settings>General>Accessability>Assistive touch(in the bottom)
  and switch the toggle on. You'll find now a smaal square around your screen.
  Touch it aand perform the double click gesture with the virtual home button on the screen.
  I think your Home button has been damaged.
  Do let me know if it worked