Home directory on Windows clients

Similar Messages

• Default profile not working when home directory on Windows server.

  Hi,
  Using 10.6.4.
  I have created a default profile (stored in /System/Library/User Template/English.lproj) and this works fine for new local users.
  If I bind to AD (Using UNC path from Active Directory to derive network home location) and login as an AD user for the first time the default profile is not applied.
  Has anyone experienced this problem?
  Thanks,
  Dom.

  I'm experiencing the same thing, and am wondering if you had any success?

• Portable Home Directory applet in client finder reads "Never Synced"

  We have 10 users with PHD's on Intel iMac's connected to a 10.6.5 Mac Mini Server. All of the accounts have the exact same settings (default sync settings except for exclusion of ~/Music) in Work Group Manager. However two of the accounts always report that the Network Home has not been accessed for several weeks, asking for the user to choose the location of the newest files : Local Home or Network Home. Then after log in the PHD applet in the users finder says "Never Synced". Choosing sync now appears to do nothing. Opening the users PHD preferences in System Preferences shows all options to be correct. Checking the PHD preferences in Work Group Manager also shows everything correct. The kicker seems to be that some kind of sync is happening, at least sporadically (possibly on log out?). This unexpected behavior is unsettling, anyone have any ideas why this is happening and/or how to fix it? I've thought of deleting the local user and then re-creating the PHD account, but I haven't done so yet. Maybe there's a PHD sync preference file I can reset first? Any help is appreciated.

  Hi,
  You've got a stale sync record somewhere. I would check the following:
  1. In WGM, make sure your users sync preferences are setup as you'd like them to be.
  2. Open a terminal and navigate to the problematic user's home folder. Remove the .FileSync and mcx record.
  3. On the client machine. Remove the plist file for the user. From the command line it'll look like this:
  +sudo /var/db/dslocal/nodes/Default/users/offendinguser.plist+
  4. Reboot. Login as the user. If prompted, make sure you check "yes" when asked if you'd like to created a mobile home dir.
  HTH,
  -dave

• Resetting portable home directory settings on client

  Hi,
  I have recently discovered a MBP that is still trying to sync to an old server which no longer exists and has subsequently not synced to the server in quite a while.
  After looking at other posts on here I have tried removing /Library/Managed Preferences from the user's account but it persists in trying to contact the wrong server.
  Could anyone suggest why or what else I might try?
  Thanks in advance for any help!
  Justin

  Thanks for the reply bootup
  Yes, the MBP was bound to a domain so what you are saying is probably correct.
  In the end, we have actually upgraded the user to new Air and have since completely wiped the MBP in question and and given it an SSD upgrade.
  However, I will certainly bare what you have said in mind for the future
  Regards, Justin

• Home directories for Linux clients?

  Hello,
  I want to setup OS X Server to serve as an authentication server for Mac-, Windows- and Linux-clients. I have the services DHCP, DNS, OpenDirectory (as Open Directory Master) and Windows (as PDC) running.
  So far there is no problem to login on the three different platforms via LDAP. In WGM I set the home directory for Mac-clients and activated the virtual homes feature for windows. On both clients I get the network home functional but on the linux client the home does not appear.
  How do I configure the server to realize that? I thought that the linux clients would use the samba share that the windows clients use.
  iMac G5 (iSight) 20"   Mac OS X (10.4.6)  

  When you log in to the linux machine, do you get an error that states that the home directory for the user cannot be found? That error message should give you the path that is set in the LDAP directory as the home directory for that user. This directory needs to be added to the Linux filesystem, and then the Users folder on the OS X Server needs to be NFS mounted (rw) on the Linux machine.
  For ease of transition, I softlink /home to this directory on the Linux machines.

• Automounting '/home' directory under NIS+

  Hi,
  I am wotking on two Unix systems. One is the NIS+ master and the other is the client. I would like to automatically mount the Home directory from the client to the master by using NIS+ name service.
  For that I need to make sure the 'automount' entry in target system's ' /etc/nsswitch.conf ' file is configured to use a name service such as NIS+, but I do not know how to do that. Would you please give me an hint?

  You can find a file called nsswitch.nis which is configured to use all the services via nis you can open it and edit nsswitch.conf as per its syntax . otherwise the syntax is
  automount nisplus files .Make sure you have a file called auto_master with a entry +auto_home to function it correctly.
  Hemant
  http://www.adminschoice.com

• Using iChat Server with Windows clients in an integrated Active Directory/Open Directory environment

  A co-worker (Super Brent) and I were working on using iChat as an internal IM server after having used Openfire for a couple days. The reason for switching was basically that we had a Mac Mini Server that was available so we decided to take this on.
  First problem: Knowing whether or not Kerberos was needed for AD/OD integration. We spent a ton of time on this, not knowing a huge amount about AD and with our server administrator on courses, we just kept poking at it and removed Kerberos.
  For the AD/OD integration, we first bound the Mac Mini to our Active Directory server. We shut off LDAPv3 support as we only wanted to use the AD functionality. Additionally, we ensured that the search policy in Directory Utility only used Active Directory. Then we created an Open Directory master in the Open Directory service. We enabled a self-signed certificate and trusted it locally. After creating the iChat service, ensure that you use the self-signed SSL Certificate and set authentication to Standard. (no kerberos).
  Second problem: Once this was complete, we started to test clients out. We were unable to successfully login using our AD credentials using Spark IM and Pandium IM. After trying nearly 100 different variations of server configs, we decided to try a new client. I installed Miranda IM on my Windows XP machine and tried a few different setups. It turned out that the magic potion was to make sure that the "resource" field was set to "Home" and use SSL for encryption. This resource setting was the deal breaker for the other IM clients as many of them such as Spark and Pandium do not have this as a login option.
  We ended up using Pidgin IM as the Windows client of choice as it did have the resource variable and it's interface was the best suited for our environment and users.
  I hope this helps someone out there as we spent days looking all over the internet trying to figure this out.
  Cheers,
  Frenchy and Super Brent

  Hi,
  iChat Server is not something that I know a great deal about.
  I tend to point people to the OS  X Server Communities and to look out for posts by Tim Harris.
  Thanks for taking the time to post this.
  9:58 PM      Friday; February 10, 2012
  Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
    iMac 2.5Ghz 5i 2011 (Lion 10.7.3)
   G4/1GhzDual MDD (Leopard 10.5.8)
   MacBookPro 2Gb (Snow Leopard 10.6.8)
   Mac OS X (10.6.8),
  "Limit the Logs to the Bits above Binary Images."  No, Seriously

• 10.5 clients won't login/mount home directory

  Hello all,
  I am having some issues with 10.5.8 clients logging in network users.  At our school, we have a "magic triangle" setup -- Mac and PC clients, an Active Directory for user authentication (a Win 2k3 server DC I believe), and an Open Directory server (running 10.7.5 OS X Server) for Workgroup Managment and software updates.  Along with this, there is a Linux NAS box that acts as the file server hosting the user's home directories.
  I have a few test student accounts that I have set up exactly the same way that normal student accounts are added to AD.  Users have complained that these 10.5.8 clients will not let any students log on, as I have verified with my test student accounts.  When logging in, an error comes up that says "Logging into the account failed because an error occurred".  In secure.log I get a "smb_mount: syserror = Broken pipe" line along with
  ERROR | -[HomeDirMounter mountNetworkHomeWithURL:attributes:dirPath:username:] | PremountHomeDirectoryWithAuthentication( url=smb://fileserver.domain.org/username, homedir=/Network/Servers/fileserver.domain.org/username, name=username ) returned 32
  When I turn off "Create Mobile Account at Login", the user can log in just fine, which obviously leads me to believe that there is an issue with mounting the samba share for the user's home directory during the HomeSync.
  I know the client can resolve the file server's hostname by nslookup, so I don't think DNS is the issue.  But I'm all out of ideas after looking everywhere online, and am hoping someone can assist me with this.  I'm just a computer technician and not a network sys admin by any means, but I know a good enough amount to try to troubleshoot this.  Even my network manager is stumped, and his answer is to upgrade the client to 10.6, resolving that the issue is with 10.5. I want to try to solve this issue rather than having to re-image all the 10.5 machines.
  Obviously school is out for the weekend, so I won't be back for a couple days to work on the issue if anyone does respond in the next couple days.
  Thanks in advance!
  -Brandon

  Hi Brandon, certainly no expert at this, but let me trow this out at you...
  Found a work-around. This command adds a delay, in this case 45 seconds, before displaying the Login Window.
  defaults write /Library/Preferences/com.apple.loginwindow StartupDelay -int 45
  If the Login Window UI detects that the network servers are available when it starts, it will skip the delay, also if network servers become available before the delay expires, the Login Window UI cancels the delay and displays.
  Kent

• Portable Home Directory WITH a Windows Server/AD and WITHOUT OSX Server/OD

  Hi All,
  I'm pushing the envelope here a bit, but here's the situation:
  - Windows 2003 AD Servers
  - Windows 2003 Home Directory File Server
  - MacOS X 10.5.2 client (on an Intel iMac)
  Everything works fine (once you add the AD server's IP/domain name into /etc/hosts and remove the dashes from the name of the client you're trying to join anyway). I can login, logout, run all the Apps I need. Get fine throughput from the server.
  The problem comes when I try to turn on Portable Home Directories (Mobile Accounts) for users of the client. I believe the client is trying to use "Server Side File Tracking for Mobile Home Sync", and so is trying to SSH into the Windows machine. This, perhaps unsurprisingly, is not working.
  Is there any way to turn this off without using Open Directory (even there it seems to be part of Server Admin General Prefs and not Managed Preferences)?

  Portable Homes work just fine with non-Apple servers. It just that you will not get the performance improvements of 10.5 server's "Server Side File Tracking for Mobile Home Sync".
  If Portable Homes are not working for you file a bug with Apple.

• AD mobile account stores Mac user profile in Windows home directory

  My Windows Server 2003 AD accounts have roaming profiles and user home directories stored in different locations on Windows Server 2003 servers. How do I prevent my MacOS tiger clients from copying the local user profiles for AD mobile accounts to the respective remote home directories?
  This unwanted behavior is quite similar to using Windows 9x clients in similar AD environment.

  I do need to automount the network home directory but do not desire to have it sync with the local home directoy. I disabled the "create mobile account at login" option and enabled "force local home directory on startup disk" and "use unc path from active directory ..." and these appear to have resolved the problem. Unfortunately the network home directory no longer automounts, nor do network accounts show up at the logon prompt (strangely enough, they can be configured to autologin.)

• Leopard Client Tiger server mobile home directory not working... hmmm

  Mobile home directory is not working for my leopard clients with my tiger server.
  I can log in via the Apple server account that is set for mobile.
  On my tiger clients it prompts me to confirm my mobile account on log in and everything works fine if i unplug the network cable.
  on my leopard clients no prompt at log in. so i go to account under system prefs and see that the account says mobile..and i click on make mobile account in the account pane in system prefs says will reboot and make account.. prompts for password for mobile account i put it in and then it says there was an error in making mobile account and then it takes me back to the main log in window.
  every client i have on leopard does this...
  am i missing something?
  thanks in advance,
  Jesse

  Tiger server can control mobile account syncing and other features present on Tiger clients.
  See this post for some more info on setting Leopard mobile account preferences on Tiger servers:
  http://discussions.apple.com/thread.jspa?messageID=6829482&#6829482

• Home directory is not created and cannot log from client computer

  I am trying to set up MacOsX server. I already have another server which is my DNS server. I am trying to create an Open Directory Master server.
  Server was updated to 10.4.8 MacOsX from the beginning of existence.
  I created couple of users in Open directory domain for testing purposes.
  So, the first problem is, that when I am trying to create a user home directory server does not create it and does not give any errors about that. I tried in bash createhomedir utility, it did not work either, again, no error messages.
  Another problem:
  I set up Open Directory master with LDAP. It was set up correctly, no error messages. At least I did not see any.
  The I tried to connect to the server from my client iMac computer which has 10.4.8 MacOsX as well. So I set up LDAP there in Directory services, it was able to find my server and bind to it. Then when I am trying to login with username and password in Open Directory on the server, it does nor recognize it. No error messages in logs as well.
  However, if I am trying to use ssh from client machine to connect to Server using the names which are in Open Directory on the server it allows me to do so. But of course it says no home directory defined.
  Than you very much for responce!

  An Open Directory Master requires DNS running somewhere. You could have a scenario involving 4 servers where: DNS is provided by Server A, Server B is a Web & Mail Server, Server C providing FTP Services and Server D providing LDAP services with managed preferences and automounting Home Directories (ODM). In this scenario DNS is provide by Server A and any other server requiring DNS using Server A’s DNS. You could expand this scenario if you wanted and have replica (fallover) servers for Servers A, B C or D, or if you are the frugal sort just one replica server replicating the 4 primary servers. You can do all of this pretty much in 10.4 GUI with some additional configuration using Terminal
    Mac OS X (10.4.8)  
    Mac OS X (10.4.8)  
    Mac OS X (10.4.8)  

• Access denied error while trying to add a home directory to a windows local user account

  I have seen the following as a suggestion to create home directory for a user - account17. So I have tried the following script to create a home directory :   
       $sec_password = ConvertTo-SecureString 'Password' -AsPlainText -Force;
      $credential = New-Object System.Management.Automation.PSCredential -ArgumentList 'MachineName\account17', $sec_password;
      Start-Process cmd  -Credential $credential -ErrorAction SilentlyContinue;  
      $user = Get-WmiObject -Namespace root/cimv2 -Class win32_useraccount -Filter "LocalAccount=True AND Name='account17'";
      $userprofile = Get-WmiObject -Namespace root/cimv2 -Class win32_userprofile -Filter "SID='$($user.sid)' ";
      $userprofile.localpath;
  I am getting the following error :' This command cannot be executed due to the error: Access is denied.'
  What are the permissions required to create home directory through powershell?

  pretty much the same permissions required to create the home directory by any other means.
  by the way which command is it that is generating that error? does "start-process cmd" successfully create a windows profile on the machine? Perhaps you just need to ensure that the profile is fully created before the rest of your script continues.
  Al Dunbar -- remember to 'mark or propose as answer' or 'vote as helpful' as appropriate.

• Solaris 10 NIS Client user account home directory

  Hi all,
  I am newbie of NIS in solaris and i am setting up NIS(central authentication of user) ,So related to this i have setup and server and client but
  i am getting problem while accessing user account in client side.
  in client side i can login user which i have created in server but it is not able to find its home dir .even though i added user with the -m option on server and home dir of user is created in server side .
  *(No directory! Logging in with home=/)*which i have created in NIS server.
  also i am not able to create any directories or files in the client system it says.
  bash-3.00$ mkdir a
  mkdir: Failed to make directory "a"; Permission deniedBoth the server and client have same domainname and NIS service is also running properly.
  on the server side this is the entry of the /etc/auto_home
  # Copyright 2003 Sun Microsystems, Inc. All rights reserved.
  # Use is subject to license terms.
  # ident "@(#)auto_home 1.6 03/04/28 SMI"
  # Home directory map for automounter
  +auto_home
  * SS09:/export/home/&here SS09 is the NIS server name and i can see it both server and client side .
  bash-3.00$ ypwhich
  SS09
  bash-3.00$
  bash-3.00$
  bash-3.00$ svcs nis/client
  STATE          STIME    FMRI
  online         11:53:05 svc:/network/nis/client:defaultSo please help me regarding this ...
  Thanks
  anuj
  Edited by: anuindia on Apr 16, 2009 11:02 PM
  Edited by: anuindia on Apr 16, 2009 11:03 PM

  Look over on http://docs.sun.com for the NIS guide for your version of Solaris.
  alan

• Windows client error joining with Samba 4.2 Active Directory server

  I have a basic samba 4.2 ADC setup on CentOS 7 and I get a RPC server not available whenever I attempt to join a windows client to the domain. The smb.conf is default on created during provisioning. All indicated pre-testing seems to work as expected. The windows client finds the domain and recognizes a valid user or not but the last step of joining the domain ends with the error "Unable to join the Domain RPC server not available. Does anyone have any ideas?
  Thanks Paul 
  This topic first appeared in the Spiceworks Community

  I have a scenario for you in active directory when two passwords may be valid:
  Old passwords can also work on domain controllers that have not received replication yet from either the domain controller the password was changed on, or the PDC emulator in the domain.
  Let's take a scenario where we have a 3 site, 3 domain controller (DC) active directory: Site1 with DC1, site2 with DC2 and site3 with DC3.
  The ACS application resides in Site3 and is configured to use DC3 for authentication. We have a user "user1" with a password of "123".
  User1 decides to call the helpdesk and changes his password to "456".
  The helpdesk uses DC1 to make password changes because they are located in site1. For a period of time (based on replication, which defaults to 3 hours between sites) the 123 password and the 456 password will be
  valid.
  If the user1 user tries the "123" password it will work until DC3 receives the changed password from normal replication. If user1 tries to use 456, DC3 will flag this as a wrong password, and then check the PDC
  emulator of the domain to see if it has received a newer password. The PDC emulator will validate the login, and then trigger an immediate replication with DC3.
  Regards,
  ~JG
  Do rate helpful posts