No Trash on OD Server located Home Directories

Similar Messages

• Migrating Users To Server-based Home Directories

  When you install a new server and you want to migrate users to server-based home directories and they currently have local home directories (with iCal, iTunes, iPhone, etc.), what is the process?
  Will their local data be auto-moved to the server? Will it be deleted? What?
  Message was edited by: Jerry Britton1

  I went through this many years ago. Here's what I did...
  #1: Create the user in Open Directory.
  #2: Log in to the local account on the computer.
  #3: Using "Connect to Server..." mount the network home on the client Mac.
  #4: Copy all data to the same folders on the network home.
  #5: Delete the local account.
  Now when the user logs in with network credentials their network home will have all their stuff. Some preference files may need to be recreated but that's about it.

• Mac OS X Server, Network Home Directories & Time Machine

  hi,
  I am using mac os x server to manage a small workgroup using open directory and network home directories, the server is backed up using time machine. From what I understand, time machine does work on network home directories.
  However, as I am backing up my server using Time Machine, it is already backing up the user directories. Is there any way of getting a client to access the server time machine backup to access the backups of the user directories?
  Of course, it would be easy to restore files by logging onto the server as the user and restoring from there. I am just wondering if there is a more elegant solution available to do this from a client machine.
  any thoughts?
  thx!

  Hi,
  I am trying to do the same exact thing and find that it is best to do this locally (for now). Not only is the network way slower, but it seems to make things worse. For example, things backed up via the client machine are routed from the FTP server/volume mount and different permission wise. When you try to restore them locally, it should work, but the folder had different permissions because they were initially created in root (for me). So, I hope they would come out with something better than what is available now. Thanks!

• Can 10.6 server serve Windows home directories?

  Assuming no AD box, can the Mac server provide mobile logons to hosted home directories from within a LAN to Win XP or 7 users? Don't much care about WAN logins at this stage!
  Many thanks

  Short answer is yes. XP Pro is much easier to set up with roaming profiles. Win 7 Pro is possible with some dumbing down of the security in Windows 7.

• Moving Portable Home Directories from one server to another

  I am in the process of migrating users from an older xserve running 10.3 with open directory to a new xserve running 10.5. So far, everything is looking good with the migration, the only major issue I'm running into in my testing is with Portable Home Directories. Presently, the portable home directory on the computer still points to the old server for existing user accounts after they are moved to the new open directory server. On the 10.3 server, the home directories are all mounted under /Volumes/Home, where on Leopard it appears it wants to create the shares under /Volumes/ServerName/Folder. Granted, at present the original server's Home Folders are on a fiber attached raid and in testing I don't have this available. Any suggestions on a way to test easily without moving the raid? Also, is there an easy way to do a mass change on user machines where if I move my raid over to the new server, I can make sure that users data is being backed up to the proper location?
  Sorry for the lengthy post, just trying to make sure I'm covering all my bases, heh.

  Antonio, thanks for the response. I do have one more question regarding this. On the client side, the mirrors.plist file references the old server FQDN and share name. Because this will be being moved over to the new server, is there an easy method to update the clients mirror plist without breaking the PHD mirror? My big concern here is that either the users will not be able to synchronize phd's or we will have to re-establish all the phd's from the client machines to the server. My thought here is simply using a cname to direct any traffic still trying to hit the old server name to the new server name.

• NFS and  LDAP on different servers: Problems with location of home director

  Dear Apple Experts.
  We are using LDAP server for user authentification
  and NFS server for home directories.
  Both are decictaed servers on differnt machines.
  on the NFS server there are directories
  /home/urpi
  for staff's home directories
  and
  /home/students
  for student's home directories
  both are mounted to the Mac minis in
  /Users directory
  so
  /Users/urpi
  contains home directories for staff
  /Users/students
  contains home directories for students
  Authentification works well andpermission are set as needed
  but OS X shows missing home directories for LDAP authentificated users
  and terminal shows missing home directory
  for me it is
  /home/urpi/fodrek
  I was tried to mount NFS to /home, but it is not allowed
  Would I ask if there is any setting to add directories, where home directories are placed,please?
  I look forward hearing form you.
  Yours faithfully
  Peter Fodrek

  So none of these machines are Snow Leopard servers?
  What exactly do you mean when you say you tried to mount the NFS share to home? Can you copy and paste the command and error?
  It sounds as though you don't actually have the NFS shares mounted. Assuming this is so, you might want to investigate how the automount command works so that your MacMinis mount the NFS shares on boot.
  If your NFS/LDAP server is an OS X 10.6 server, set the shares to be automounted as user/group directories. Make sure your LDAP server is providing correct information on the home directory location. If it is local, I think the home directories need to be in /Users. If your mounts are indeed working but you cannot login, you might consider making links from /Users to /home/urpi or /home/students on an account-by-account basis (could be done with a quick shell script).

• Home Directories deciding where?

  Hi, new to Leo server. We have a small all woman graphic office, adding a OS X server. How do we determine where to best locate home directories, networked or local on user's computers? Implications of where it's located? ~ Jeanette

  Hi Jeanette
  +Yes, but can you use a local home?+
  Yes, of course. You can use whatever the LDAP server is set to offer without the need for a network home. Alternatively you can have a network home and never log into it. Roaming Profiles are just another aspect of what an LDAP Server can offer. It's not necessary or even a requirement to use them or even have them if you don't want to.
  Do you understand?
  +If so how?+
  Just use the mac clients as you've been using them.
  +It seems to me, you bind and use LDAP which seems to require a network home+
  As already explained you can bind to any LDAP Server without having to have or even use a network home. Doing it this way means you can have all the other benefits you get with Open Directory and associated Services without the need to use or even have a Roaming Profile (or network home).
  +or you use a local home and do not login to the server?+
  You can login to the server by simply connecting to it using command+K. The word "login' in this context is not the same as what you've been used to.
  I've perhaps added to your confusion in some way? In a purely OD environment I prefer to use the word 'join'. In an AD (Active Directory) environment I prefer to use the word 'bind'. That's because you do see the option to 'bind' in the AD plug-in. The LDAP plug-in does not mention binding until much later on in the process. This is what I've used over the years to differentiate the two.
  Does this help?
  Tony

• Sol 10 TX Home Directories LDAP AUTOFS

  I currently have a small network that is comprised of Solaris 10 08/07 machines with Trusted Extensions enable on all machines. The network does have a Trusted Extensions LDAP server that serves the network. The LDAP server is Directory Server 5.2 P4. I have not loaded any patch clusters on any of the systems.
  When I create a user I have to perform a lengthy process to ensure the user can log in at multiple levels simultaneously. After the user is created, the process is as follows:
  On the LDAP/Home Directory Server (My LDAP Server also serves the Home Directories)
  1.     Log into the system as the newly created user
  2.     Ensure the session is Trusted JDS.
  3.     Ensure �Restrict to Single level� is selected.
  4.     Select the Lowest Level Label available to the user. For example if your label encodings file contain the labels FU and BAR, with FU being dominated by BAR you would select FU.
  5.     Continue the login process. A single level desktop would be displayed and the user can open terminal windows, etc..
  6.     Logout of the system. Do not logout until a desktop is displayed.
  7.     Repeat steps 1-6 for all possible labels for the user, selecting 1 at a time.
  8.     Once the user has a desktop at all levels, log in to the system.
  9.     Make sure �Restrict to Single Label� is NOT checked.
  10.     Select the Highest possible label for the user. This will enable the user to select workspaces at all levels.
  11.     The desktop is loaded for the highest label available.
  12.     In the workspace selector, select each workspace and change the label on the workspace to another security label.
  13.     Repeat step 12 until all labels are represented. (The only desktop the will be available is the highest level desktop, the other desktops WILL NOT be loaded)
  14.     Log out and log back in again ensuring that the �Restrict to Single Label� is NOT checked and select the highest possible label for the user. At this point all desktops will appear.
  15.     Repeat the entire process for every client machine that the user will need access to.
  This process only needs to be executed once for each user on each system for all labels. Currently this is a small network, and although time consuming this process is Ok. However, as the network increases and users increase the process will to cumbersome.
  I have read in the TX install guide explains this process for the Home Directory server. But I have to do this on the clients as well. Once the process is complete I can log in as the user and verify that autofs is mounting the home directory properly. I have not tried the script that is in the install guide either. I will need to modify the script to ensure only new users are given home dirs.
  Has anyone else experienced this behavior or found a fix? Again I am running DS 5.2 P4 and no additional patch clusters.

  Are the zones on different machines (1 for LDAP and 1 for the machine the user logs into)?
  General:
  You may want to check and see if the zones of each machine is listed under the CIPSO rules and not set as admin low ---- tninfo command for this check.
  If on the same machine you have 2 options 1) go through the network interface for each zone and use CIPSO rules [regular networking] 2) be subject to the rules of multi-level access, in which you should use multi-level aware process to access the files [keep in mind the dominance issue, and that you should really know what you are doing if you create a multi-level aware process].

• Firefox 3.6 not compatible with home directories stored on AFP file server

  I just wanted to let everyone know that I have discovered, at least in my situation, that Firefox 3.6 does not work with user home directories stored on AFP file servers.
  My network consists of PPC 10.411 clients and a Mac OS X 10.62 server. User home directories are stored on the server, the user is logged into a "Golden Triangle" LDAP domain, where the Mac clients bind to a OSX Server and the OSX Server is a member of the Active Directory domain.
  Worked perfectly fine on Firefox 3.57, now in 3.6 it will either not launch, will freeze with the beachball or will only show the Firefox window and not the main web browser.
  This has happened before with a 3.0x update from a few months ago. I have posted a bug in the Bugzilla database and have outlined the bug on my personal MacPCSMB blog.
  http://www.macpcsmb.com
  https://bugzilla.mozilla.org/show_bug.cgi?id=542306
  Thanks
  Michael Yockey
  IT Administrator
  Yockey, Yockey and Schliem PC

  There is an update on the FireFox hosted AFP issue that I have uncovered:
  When users are rolled back with Firefox 3.57 (by installing FF 3.57 over 43.6) the following issue occurs:
  You launch Firefox and you get an error that states "XML scripting is not working; Firefox cannot open the window".
  This basically means that the plug-ins for Firefox 3.6 are still in the user's Firefox profile directory. These new plug-ins are not compatible with Firefox 3.57. You will have to manually go into the user's home directory and remove their profile folder and extract a specific file. The issue is that the user will have to be able to have access to their bookmarks. If you delete the profile folder their bookmarks are gone, though that is simpler to do.
  It looks like Mozilla significantly changed the profile folder setup in FF 3.6, so a profile rollback or deletion is necessary.
  If you DO NOT have a good backup:
  To solve this issue do the following. This guide assumes you have the users home directory stored on an AFP server and you have open directory logins:
  1. The Firefox profile is located here according to Mozilla: http://support.mozilla.com/en-US/kb/Profiles . The Mac OS X Directory is located at /~username/library/application support/Firefox.
  2. Find and COPY the places.sqlite file. This is the Firefox bookmarks and history database. This file is very important to back up.
  3. Now take the user's Firefox profile and TRASH it.
  4. Now either have the user launch Firefox with their Open Directory login, or change their password and login yourself. Open Firefox and then after it full loads quit the program. Copy the places.sqlite file back into the Firefox profile folder. You will have to do this manually for every user unless if you make an AppleScript to take care of this.
  5. The program will now work again.
  The second option is to go into Retrospect or Time Machine (or whatever backup solution you use) and restore the user's profile direct to a point in time before Firefox was updated to 3.6 and then subsequently reverted back to 3.57. How to use backup software is way beyond the scope of this blog posting.
  Thanks
  Mike Yockey
  www.MacPCSMB.com

• Portable Home Directories - Default save location

  We are using portable home directories, that is multiple users in Open Directory that have their home set to afp:\\server\Users\ and are configured with mobile accounts and home sync.
  The default save location is always the afp:\\server\Users\username location (Desktop or Documents, or whatever is needed depending on the app). The problem is the user saves to the Desktop, but it's not really their local desktop, the file doesn't show up until the next home sync. How can we change the default save location without breaking their home sync?

  Hi,
  Do you mean you want to change the default location when you click Save and then
  Browse? If so, we can do this via group policy.
  First, you need to install Office 2010 Administrative Template files (ADM, ADMX/ADML). See:
  http://www.microsoft.com/en-us/download/details.aspx?id=18968
  Follow this article to add the ADMX files:
  http://technet.microsoft.com/en-us/library/cc179081(v=office.14).aspx#Load_O14_templates
  After that, open your Group Policy Object Editor and navigate to: (Word for example)
  User Configuration\Policies\Administrative Templates\Microsoft Word 2010\Word Options\Advanced\File Locations, double click on
  Default File Location, select Enable and defines the default path to save documents under "Options" section.
  Restart Word to check the result.
  Hope this helps.
  Thanks,
  Steve Fan
  TechNet Community Support

• I need Home directories on local machines, not on server

  I'm setting up 10.5 server and OD. I have 10 mac workstations (all 10.4), each with established users and home directories. I have set up new users on the server, in the directory domain the exact same as they are set up on the local workstations (same long name, short name, and password. Obviously they have different UIDs and GIDs). I have user home folder paths set to None, accept the diradmin folder, which is set to /Users.
  When I log in as a OD user other than diradmin from a workstation, I see my home folder as "99". I'm not sure why this is, but it appears to create this home folder locally. I don't like this.
  When I log in as diradmin from a workstation, it creates a folder home folder called "diradmin" on the local mac. This is better.
  Ideally, what I'd like is the home folder always be located on the workstation, even if logging in from a different machine, so preferences, email, tunes, etc. are there. I DON'T want home directories on the server due to bandwidth limitation of our network. I want home directories to say as-is ((on local machines) and just change how users log onto their workstations (using LDAP instead of NetInfo).
  Questions:
  1. Can I have the same long/short name and password on the workstation, and in the shared directory? If not, will just changing the long name be enough to differentiate, or does the short name also need to change?
  2. Is it possible to have my home folders set up as described (living on the local workstation and shared in logging in from a different mac)? If so, how? I've read the apple docs and nothing seems to clearly describe how to do this.
  Thanks much.

  I had the same question and had some very helpful responses in this thread.
  http://discussions.apple.com/thread.jspa?threadID=1334079&tstart=0

• Portable Home Directories in 10.8 Server?

  I have a Mac mini Server running 10.6.8. Now that 10.8 is out, Apple will probably stop supporting 10.6 (as is their policy) and that means either slowly eroding security or moving to 10.8. I have been looking at the documentation and it seems underneath it all is still by an large the same basic unix-stuff like postfix, dovecot, a dns system, etc. Giving the lack of support for GUI-managing the more complex setups, I'll probably be doing it command-line (stuff like multiple virtual mail domains, multiple web domains, etc.). Not fun (and a business opportunity for some enterprising software engineer).
  But what I haven't been able to see in the documentation or anywhere else is Portable Home Directories. In my current setup, I have a 10.6.8 Server and 10.7 clients. On these clients is a single local administrator acocunt and the rest are 'managed mobile accounts'. These are local acocunts. They work when away form the network on which the server is, but when in range of the server, the server may push settings and stuff. And on login/logout and when connected to the LAN and during work, the home directory of the user is constantly synchronized with a copy of the user's home directory on the server. This means my users can take any computer and get their own account and a synchronized copy of their home directory. They can also take a laptop off line for a while and when they return to my LAN (either physically or by VPN), any changes will be synced. This is a sweet setup and it works with 10.7 clients and 10.6.8 server.
  But what I haven't been able to find if this will still work with 10.8 Server. I have looked at teh 10.8 Server documentation and haven't found anything about it. Will it still work somehow and if not, is there a good alternative?

  Gerben Wierda wrote:
  Or: you create the users anew in the network directory, you replace their home directories with the content of what is on the MacBook (TDM is your friend) and do the chmod. Easier still.
  That way, I suggest the migration in that way; because, you can test everything out before the data gets moved over. There's nothing like something going wrong in the setup/migration, and you have to do it all over again.
  Kirk, you can always put the Home directories/folder on an external. But if you do, you'll probably want to run this command in Terminal:
  sudo defaults write /Library/Preferences/SystemConfiguration/autodiskmount AutomountDisksWithoutUserLogin -bool YES
  That sets the system-wide setting to mount external HDs on startup. The default behavior  in OS X, probably around 10.3 onward (but Apple may have flip-flopped on this), is to mount externals on user GUI-login, not on startup like internal HDs. The default behavior is a huge problem with network users, whose home directories reside on the external, since the external on GUI login often mounts "too late" and new "phantom" home directories are created (along with warning messages that the home directory can't be found) and you sometimes get duplicate mount points. In short, the default behavior creates a bit of mess. To spare you some frustration, run that command, which will mount the externals on startup, so the home folders are always available.
  It's also handy if you plan on creating other shares on the external; it prevents some flaky behavior.
  Gerben's "general description" can be applied to Lion and Mountain Lion, although with Mountain Lion you have fewer tools, and you'll often be working in Server.app rather than some of the older tools like Server Admin.
  Again, basically you need to:
  (1) Setup file sharing, where you designate a directory/folder as a share to hold the network home directories. On the default install, Apple makes /Users a share, and you could (similar to what Gerben did) use that to hold not only local accounts' but also the network accounts' home directories. In that setup all users' home directories reside in the same place. All you have to do then is check the box "Make available for home directories over" and leave "AFP". See below; note the very last checkbox; that needs to be checked:
  I preferred to keep the local and network users separate, so I actually use a different share for the network users, and not /Users. If you go that route, pay attention to the permissions, it's somewhat easy to get them wrong. I think I cheated and used Carbon Copy Cloner to clone the /Users directory to another HD, then just renamed the directory. FYI you're actually not seeing this in these screen shots, since I'm using a "fresh install" virtual machine to make the screen shots.
  Also if you don't need it, I'd probably uncheck "Share with Windows clients (SMB).
  2. You need to setup Open Directory, so you can manage Network Users. Since you want portable home directories, then you might consider using Profile Manager (introduced in Lion Server), which is Apple's latest tool for that. You can also download separate Workgroup Manager as well. Not sure which is better, or exactly why there are both. I think the documention indicated for older pre-Lion OSes, Workgroup Manager is still around.
  2a - If you go straight to Profile Manager, and set it up, it will first make you setup Open Directory, then the rest of the setup for Profile Manager itself.
  2b - Or you can always "two-step", first setup Open Directory, then later if you want "Profile Manager".
  3. Once you have OD (step 2), and the share setup for network home directories (step), you use Server.app to create the network users, and assign their home directory to the share not local. Note the entry "Home Folder"; use the pull-down menu to select your share. See below.
  If you forget to set the Home Folder, you can always "edit" the user and change the Home Folder to the share, and not Local Only.
  4. To get portable Home directories, I'm pretty sure you're going to have to setup and activate Profile Manager or use Workgroup Manager. Sorry not much details I can provide there, I've only played with it a bit, and was planning on upgrading my MacBook Pro to Mountain Lion before giving it a go again.

• Does a 10.7 client work with a 10.6.8 server with portable home directories??

  Subject says it all. I need to move to 10.7 on the clients because I need XCode. But 10.7 Server seems dumbed-down, brittle and bug-ridden, so I'd rather stay at 10.6.8 server for the time being. I know already from some off site users of my server that mail works fine between 10.7 clients and 10.6.8 server. But what about mobile accounts and portable home directories? That is a very important feature for me.

  It seems to work. Slow and I have seen it hang at logout once (had to force shutdown the machine), maybe because I had two clients open at the same time.

• Setting Custom location for Portable Home Directories

  I'm using the Portable Home Directories to create a separate home on certain desktop machines for users to use on that machine only. These are not synced either way to the server.
  Problem is I want it to create the homes on a different internal hard disk. Rather than in the users folder on the boot drive.
  Is this possible, and if so how?
  Cheers,
  Mark

  I've found this page which seems to do exactly what I want. Though I don't understand what a loginhook is and where I would put this text.
  The site is http://blogs.cofa.unsw.edu.au/blog/nigelkersten/osxserver/2006/02/09/
  Cheers

• Airport Disk as home directories for server

  Is it possible to use an airport disk / time capsule as NAS host for home directories?
  I've seen no mention of being able to bind the disk to OD/Kerberos (network accounts).  Seems that would be necessary for hosting home directories.
  Or, would it simply be a matter of creating airport disk users (and passwords) which match those in OD?
  Anybody doing this?
  Thanks!

  When you log in to the linux machine, do you get an error that states that the home directory for the user cannot be found? That error message should give you the path that is set in the LDAP directory as the home directory for that user. This directory needs to be added to the Linux filesystem, and then the Users folder on the OS X Server needs to be NFS mounted (rw) on the Linux machine.
  For ease of transition, I softlink /home to this directory on the Linux machines.