Problem mounting NFS home directories of NIS users.
Only on one of client (rest on all clients working fine), the Local directories under /home is getting mounted instead of NFS shared home directories of NIS users. Able to manually mount the NFS shared directories but they also get automatically unmount after some ideal time. Want that the NFS shared directories gets automatically mount when the NIS user gets login as it is happening on all other clients.
Scenario:_
NIS user: user1
NFS Shared home directory: /export/home/user1 (which should get mount as /home/user1 when user1 gets login)
Local directory: /home/user1 (which is getting mounted when user1 is getting login)
[CLIENT]/--->ps -ef | grep automount
root 23369 1 0 Mar 19 ? 1:58 /usr/lib/autofs/automountd
[CLIENT]/--->cat /etc/auto_master
/xfn -xfn
/net -hosts -nosuid,nobrowse
/- auto_direct -intr
/- auto_home -intr
[CLIENT]/--->ypcat -k auto.home
/home/user1 NFS_SERVER:/export/home/user1
/home/user2 NFS_SERVER:/export/home/user2
[NFS_SERVER]-->cat /etc/dfs/dfstab
share -F nfs -d "user home dir" /export/home
[NIS_SERVER]--->cat /etc/auto_master
/xfn -xfn
/net -hosts -nosuid,nobrowse
/- auto_direct -intr
/- auto_home -intr
Please let me know if any other information is required.
add this entry as the first non-comment line in /etc/auto_master on the client:
+auto_master
Similar Messages
-
Home directories on NIS clients show "NOBODY" for group and owner
Hi,
I recently changed 10 clients from an old NIS server (running Solaris 7!) to a new one (running Solaris 10).
All my clients log on through NIS and mount their home directories OK, but when you do a ls -l it shows all files as having the owner and group as "nobody".
I am guessing this has to do with the NIS maps, or auto_home or something, but I keep going around in circles.
FROM CLIENT:
$ ls -l
total 14
drwxr-xr-x 2 nobody nobody 4 Sep 11 14:46 Desktop/
drwxr-xr-x 2 nobody nobody 2 Sep 11 14:46 Documents/
-rw-r--r-- 1 nobody nobody 136 Sep 11 13:07 local.cshrc
-rw-r--r-- 1 nobody nobody 157 Sep 11 13:07 local.login
-rw-r--r-- 1 nobody nobody 174 Sep 11 13:07 local.profile
-rw-r--r-- 1 nobody nobody 33 Sep 11 14:51 test
FROM SERVER
nisserver # ypcat auto.home
nisserver # ypcat auto.master
auto.home -nobrowse
-hosts -nosuid,nobrowse
nisserver # ypcat -x
Use "passwd" for map "passwd.byname"
Use "group" for map "group.byname"
Use "project" for map "project.byname"
Use "networks" for map "networks.byaddr"
Use "hosts" for map "hosts.byname"
Use "ipnodes" for map "ipnodes.byname"
Use "protocols" for map "protocols.bynumber"
Use "services" for map "services.byname"
Use "aliases" for map "mail.aliases"
Use "ethers" for map "ethers.byname"Darren,
Yes. The clients are Solaris 10 as well. And the domain is the same on both server and clients.
The files should be owned by real users.
If a user ssh's into the server directly, the permissions display properly. But on the clients it is nobody. Other than the permission displaying wrong, I haven't noticed any permission-related restrictions on the clients.
-Jim
Edited by: cr8rface on Sep 22, 2008 10:30 AM -
NFS4: Problem mounting NFS mount onto a Solaris 10 Client
Hi,
I am having problems mounting NFS mount point from a Linux-Server onto a Solaris 10 Client.
In the following
=My server IP ..*.120
=Client IP ..*.100
Commands run on Client:
==================
# mount -o vers=3 -F nfs 172.25.30.120:/scratch/pvfs2 /scratch/pvfs2
nfs mount: 172.25.30.120: : RPC: Rpcbind failure - RPC: Unable to receive
nfs mount: retrying: /scratch/pvfs2
nfs mount: 172.25.30.120: : RPC: Rpcbind failure - RPC: Unable to receive
nfs mount: 172.25.30.120: : RPC: Rpcbind failure - RPC: Unable to receive
# mount -o vers=4 -F nfs 172.25.30.120:/scratch/pvfs2 /scratch/pvfs2
nfs mount: 172.25.30.120:/scratch/pvfs2: No such file or directory
# rpcinfo -p
program vers proto port service
100000 4 tcp 111 rpcbind
100000 3 tcp 111 rpcbind
100000 2 tcp 111 rpcbind
100000 4 udp 111 rpcbind
100000 3 udp 111 rpcbind
100000 2 udp 111 rpcbind
1073741824 1 tcp 36084
100024 1 udp 42835 status
100024 1 tcp 36086 status
100133 1 udp 42835
100133 1 tcp 36086
100001 2 udp 42836 rstatd
100001 3 udp 42836 rstatd
100001 4 udp 42836 rstatd
100002 2 tcp 36087 rusersd
100002 3 tcp 36087 rusersd
100002 2 udp 42838 rusersd
100002 3 udp 42838 rusersd
100011 1 udp 42840 rquotad
100021 1 udp 4045 nlockmgr
100021 2 udp 4045 nlockmgr
100021 3 udp 4045 nlockmgr
100021 4 udp 4045 nlockmgr
100021 1 tcp 4045 nlockmgr
100021 2 tcp 4045 nlockmgr
100021 3 tcp 4045 nlockmgr
100021 4 tcp 4045 nlockmgr
# showmount -e 172.25.30.120 (Server)
showmount: 172.25.30.120: RPC: Rpcbind failure - RPC: Unable to receive
Commands OnServer:
================
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100021 1 tcp 49927 nlockmgr
100021 3 tcp 49927 nlockmgr
100021 4 tcp 49927 nlockmgr
100021 1 udp 32772 nlockmgr
100021 3 udp 32772 nlockmgr
100021 4 udp 32772 nlockmgr
100011 1 udp 796 rquotad
100011 2 udp 796 rquotad
100011 1 tcp 799 rquotad
100011 2 tcp 799 rquotad
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100005 1 udp 809 mountd
100005 1 tcp 812 mountd
100005 2 udp 809 mountd
100005 2 tcp 812 mountd
100005 3 udp 809 mountd
100005 3 tcp 812 mountd
100024 1 udp 854 status
100024 1 tcp 857 status
# showmount -e 172.25.30.120
Export list for 172.25.30.120:
/scratch/nfs 172.25.30.100,172.25.24.0/4
/scratch/pvfs2 172.25.30.100,172.25.24.0/4
Thank you, ~alI also tried to run Snoop on the client and wireshark on Server and following is what I see:
One Server: Upon issuing mount command on client:
# tshark -i eth1
Running as user "root" and group "root". This could be dangerous.
Capturing on eth1
0.000000 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
0.205570 172.25.30.100 -> 172.25.30.120 Portmap V2 GETPORT Call MOUNT(100005) V:3 UDP
0.205586 172.25.30.120 -> 172.25.30.100 ICMP Destination unreachable (Port unreachable)
0.207863 172.25.30.100 -> 172.25.30.120 Portmap V2 GETPORT Call MOUNT(100005) V:3 UDP
0.207869 172.25.30.120 -> 172.25.30.100 ICMP Destination unreachable (Port unreachable)
2.005314 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
4.011005 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
5.206109 Dell_70:ad:29 -> SunMicro_70:ff:17 ARP Who has 172.25.30.100? Tell 172.25.30.120
5.206277 SunMicro_70:ff:17 -> Dell_70:ad:29 ARP 172.25.30.100 is at 00:14:4f:70:ff:17
5.216157 172.25.30.100 -> 172.25.30.120 Portmap V2 GETPORT Call MOUNT(100005) V:3 UDP
5.216170 172.25.30.120 -> 172.25.30.100 ICMP Destination unreachable (Port unreachable)
On Clinet Upon issuing mount command on client:
# snoop -d bge1
Using device /dev/bge1 (promiscuous mode)
? -> * ETHER Type=9000 (Loopback), size = 60 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
atlas-pvfs2 -> pvfs2-io-0-3 PORTMAP C GETPORT prog=100005 (MOUNT) vers=3 proto=UDP
pvfs2-io-0-3 -> atlas-pvfs2 ICMP Destination unreachable (UDP port 111 unreachable)
atlas-pvfs2 -> pvfs2-io-0-3 PORTMAP C GETPORT prog=100005 (MOUNT) vers=3 proto=UDP
pvfs2-io-0-3 -> atlas-pvfs2 ICMP Destination unreachable (UDP port 111 unreachable)
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> * ETHER Type=9000 (Loopback), size = 60 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
pvfs2-io-0-3 -> * ARP C Who is 172.25.30.100, atlas-pvfs2 ?
atlas-pvfs2 -> pvfs2-io-0-3 ARP R 172.25.30.100, atlas-pvfs2 is 0:14:4f:70:ff:17
atlas-pvfs2 -> pvfs2-io-0-3 PORTMAP C GETPORT prog=100005 (MOUNT) vers=3 proto=UDP
pvfs2-io-0-3 -> atlas-pvfs2 ICMP Destination unreachable (UDP port 111 unreachable)
Also I see the following on Client:
# rpcinfo -p pvfs2-io-0-3
rpcinfo: can't contact portmapper: RPC: Rpcbind failure - RPC: Failed (unspecified error)
When I try the above rpcinfo command on Client and Server Snoop And wireshark(ethereal) outputs are as follows:
Client # snoop -d bge1
Using device /dev/bge1 (promiscuous mode)
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
atlas-pvfs2 -> pvfs2-io-0-3 TCP D=111 S=872 Syn Seq=2065245538 Len=0 Win=49640 Options=<mss 1460,nop,wscale 0,nop,nop,sackOK>
pvfs2-io-0-3 -> atlas-pvfs2 ICMP Destination unreachable (TCP port 111 unreachable)
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=2004 (Unknown), size = 48 bytes
? -> (multicast) ETHER Type=0003 (LLC/802.3), size = 90 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> * ETHER Type=9000 (Loopback), size = 60 bytes
pvfs2-io-0-3 -> * ARP C Who is 172.25.30.100, atlas-pvfs2 ?
atlas-pvfs2 -> pvfs2-io-0-3 ARP R 172.25.30.100, atlas-pvfs2 is 0:14:4f:70:ff:17
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
atlas-pvfs2 -> pvfs2-io-0-3 TCP D=111 S=874 Syn Seq=2068043912 Len=0 Win=49640 Options=<mss 1460,nop,wscale 0,nop,nop,sackOK>
pvfs2-io-0-3 -> atlas-pvfs2 ICMP Destination unreachable (TCP port 111 unreachable)
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> (multicast) ETHER Type=0000 (LLC/802.3), size = 52 bytes
? -> * ETHER Type=9000 (Loopback), size = 60 bytes
Server # tshark -i eth1
Running as user "root" and group "root". This could be dangerous.
Capturing on eth1
0.000000 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
0.313739 Cisco_3d:68:10 -> CDP/VTP/DTP/PAgP/UDLD CDP Device ID: MILEVA Port ID: GigabitEthernet1/0/16
2.006422 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
3.483733 172.25.30.100 -> 172.25.30.120 TCP 865 > sunrpc [SYN] Seq=0 Win=49640 Len=0 MSS=1460 WS=0
3.483752 172.25.30.120 -> 172.25.30.100 ICMP Destination unreachable (Port unreachable)
4.009741 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
6.014524 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
6.551356 Cisco_3d:68:10 -> Cisco_3d:68:10 LOOP Reply
8.019386 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
8.484344 Dell_70:ad:29 -> SunMicro_70:ff:17 ARP Who has 172.25.30.100? Tell 172.25.30.120
8.484569 SunMicro_70:ff:17 -> Dell_70:ad:29 ARP 172.25.30.100 is at 00:14:4f:70:ff:17
10.024411 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
12.030956 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
12.901333 Cisco_3d:68:10 -> CDP/VTP/DTP/PAgP/UDLD DTP Dynamic Trunking Protocol
12.901421 Cisco_3d:68:10 -> CDP/VTP/DTP/PAgP/UDLD DTP Dynamic Trunking Protocol
^[[A 14.034193 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
15.691119 172.25.30.100 -> 172.25.30.120 TCP 866 > sunrpc [SYN] Seq=0 Win=49640 Len=0 MSS=1460 WS=0
15.691138 172.25.30.120 -> 172.25.30.100 ICMP Destination unreachable (Port unreachable)
16.038944 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
16.550760 Cisco_3d:68:10 -> Cisco_3d:68:10 LOOP Reply
18.043886 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
20.050243 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
21.487689 172.25.30.100 -> 172.25.30.120 TCP 867 > sunrpc [SYN] Seq=0 Win=49640 Len=0 MSS=1460 WS=0
21.487700 172.25.30.120 -> 172.25.30.100 ICMP Destination unreachable (Port unreachable)
22.053784 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
24.058680 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
26.063406 Cisco_3d:68:10 -> Spanning-tree-(for-bridges)_00 STP Conf. Root = 32770/00:0a:b8:3d:68:00 Cost = 0 Port = 0x8010
26.558307 Cisco_3d:68:10 -> Cisco_3d:68:10 LOOP Reply
~thank you for any help you can provide!!! -
Has anyone successfully used NFS home directories for network logins?
This used to work in 10.6.8 Server but I am having a hard time setting it up in Yosemite. I need to enable fast user switching with multiple logins to our server which appears to be impossible using AFP.
I'd appreciate any tips on how to accomplish this. All clients and server are running clean Yosemite installs.Apple stopped officially supporting NFS based home directories when Lion and Server.app was released. I have not done extensive testing but I certainly find two sessions using fast user switching and AFP works with Mavericks clients.
As far as I can see if a Snow Leopard server was connected to a Mavericks or Yosemite OD server it would still be possible for the Snow Leopard server to register an NFS home directory share in to Open Directory. This suggests that it might be possible to do the same even with a Mavericks or Yosemite server but that one would have to do all the work by hand in the command line. The logic for this conclusion is that Mavericks and Yosemite still include NFS even if they do not provide a GUI means to configure it and OD itself would appear to still be able to store records relating to NFS locations.
I have used NFS home directories in the past and found it solved a number of issues including -
Completely getting round Adobe's long time issues with network home directories
The same for some other third-party applications
Allowed 20+ users all on the same server to be logged in to their individual home directories in a Mac Terminal Server setup
This was all back in the days of using Snow Leopard Server.
I get the impression Apple secretly added the ability to use Fast User Switching for network logins with Lion or later to compensate for removing NFS support. This may have been at the behest of the developers of the two Mac Terminal Server products. -
Mounting NFS home directory error, please help!
Hello everyone,
We are working on setting up a network of Macs to a Linux server. The server is running NFS / NIS to authenticate, all the users have their home directories on the server and do not have any local accounts on any of the computers.
We have a problem getting the home dirs automounted on the local computers. The users need their home folder set correctly to import settings and so on, and the home folders are stored on the server.
We can connect to the NFS servers, we can get the computers to log in with NIS accounts, we can manually access their restricted info once we manually mount the NFS drive.
However, we cannot get the home folders to mount in the home directory, automounted. We have one working macintosh computer running Apple Os X 1.5, but we cannot get it to work on Snow Leopard ( 1.6 ).
Did anything change in permissions or in the way Mac OS X handles NFS shares or automounting in the update to 1.6, Snow Leopard? Does anyone have any experience handling NFS/NIS mounting in Apple Mac OS X 1.6?
/ Z.Hello everyone!
Even if I posted this recently, we had been working on it for two days. However, we just defeated this beast and managed to solve it!
It turned out to be simple, as it often is:
We changed /etc/auto_home to manually provide the IP of the NFS server with a wildcard (*) for users, & for username, then commented out the normal +auto_home.
The server was already set up to allow the computers to access everything.
The problem was, in short, that mac OS X has a dedicated slot for mounting in /home and thus you can't mount anything else there unless you replace the normal /etc/auto_home -
It appears that using AFP home directories in ML server means that Fast User Swtiching cannot work anymore.
And it sounds like the solution is to dump AFP and use NFS. Anyone have information on how to set that up?The NFS mounts are being shared off of a NetApp. We didn't have any issues with this in the past, only with Leopard.
-
NFS Home Directories not acquiring permissions
Hi there. We have recently upgraded our labs to 10.5.4 from 10.4.11. We mount user home directories via NFS and have for some time without an issue. Now, though, I can create the mount using either fstab or Directory Services and it works, however when a new user logs in who does not have a home directory, the profile gets copied to the NFS server but does not acquire the correct permissions. THe home directory is owned by root and not the logged in user. Have any of you seen this? Are there any solutions or something that I might have done wrong? Any help would be appreciated and if this is the wrong section, point me to where I can post and I'll repost there.
Thanks
JasonThe NFS mounts are being shared off of a NetApp. We didn't have any issues with this in the past, only with Leopard.
-
Network Home Directories for all users
Hi,
I hope someone can shed some light on a possible issue.
I work for a primary school in the UK.
I have Tiger server 10.4.10 running as an Open Directory Master. I have a 1TB XRAID attached to this server where the Home Directories are hosted. I have been told that they are now slow at logging in (I am currently unwell at home so have not confirmed this yet).
It used to be a magic triangle setup but found there were problems with the managed prefs for the clients not being obtained on startup and network logins not working.
The DNS and DHCP comes from the AD still.
The OD has been set up to have the same kerberos realm as that of the AD (is this wrong) as the users are in both AD and OD with same username and password.
The users Home dirs for the OD are hosted as i say on the XRAID which has a striped array of 1TB so the HDD speed shouldn't be a problem.
The server is now connected to a 1Gb switch as are the clients.
I have added more ram to the Xserve (now running on 5GB RAM). I have read that an afp server needs a lot of ram to work effectively. Is this enough?
I have not set up link aggregation yet.
The total amount of users logging in at one time will be no more than 40 users at once as there are only 40 mac machines in the school.
I hope you can help as i would like to have something to go back to school with to tackle this if it does turn out to be true.
Any more info needed just ask.
TIAHi. Let me restate so I understand it right. You are using an XServe to host network home folders and also using Active Directory for authentication? I work at a primary school also and we have an XServe that has the users home folder on it, but we also connect to an AD server for authentication. We had some speed issue with logging in but as soon as we set up a time server to ensure that both the XServe and AD server had the same time the trouble was fixed. Hope this helps.
-
Home Directory on External Disk has stopped being mounted as Home Director
Title says it all....
Set up external RAID mirror to be used as Home Directory for User "David". The Home Directory used to mount as Home drive but doesn't anymore. When I turn on I need to first login with root user then:
1. Open Disk Manager and Unmount disk (/Volumes/David on RAID mirror as a safety precaution for step 2)
2. Open Terminal:
cd /Volumes
rm -rf David (this deletes /Volumes/David which is created on startup disk)
3. Re-mount RAID mirror
4. Log out and Login as David
If I do not take this action when I want to login a freshly created /Volumes/David is created on the startup drive.
Advice on resolving pleaseI have already checked the RAID volume and it looks healthy.
I have had a look in the system.log and the following appears to be relevant to the problem however I would not know how to make a full diagnosis and resolve:
Dec 22 00:34:56 kutching SystemStarter[44]: The following StartupItems failed to start properly:
Dec 22 00:34:56 kutching SystemStarter[44]: /Library/StartupItems/tap
Dec 22 00:34:56 kutching SystemStarter[44]: - execution of Startup script failed
Dec 22 00:34:56 kutching SystemStarter[44]: /Library/StartupItems/tun
Dec 22 00:34:56 kutching SystemStarter[44]: - execution of Startup script failed
Dec 22 00:34:56 kutching system_profiler[205]: CFPreferences: user home directory at file://localhost/Volumes/David/ is unavailable. User domains will be volatile.
Going to try what is suggested here:
http://www.tonymacx86.com/viewtopic.php?f=7&t=7175&start=0
to correct home perms.
Any other suggestions ? -
I kind have this working by typing smb://cp-file-home/home$ into the connect to server winto but the problem i am having is that after it logs in the home directory has nothing in it other then my admin and user folders and i can not seem to modify those folders. They should each contain a few folders and it seems that i do not have rights to read or write despite the fact that the get info windows says i can do both. Anyone seen this before?
So basically you plan to affect mobile home directories which resides on each laptop, with a copy synchronised on an afp server, with the authentication done by AD.
So you magic triangle need first to be correctly set, meaning that your server is first bound to the AD then promoted as a Open Directory without kerberos realm - as it is the AD one which need to be used. Then bound your clients to OD first, AD second, in this order.
Try first with a regular account to be shure that your kerberos ticked is granted - "regular" means that you don't care about the home directory which is by default in the /users/ of the local (client) machine. Then once you shure that AD allow you to access and create an account, (in terminal type klist to see the ticked AD-issued) you'll play with the various option of the home dir.
Regards,
Antoine. -
Migration Assistant does not see Home Directories from AD Users
We use AD as authentication domain but home directories are stored local at the client computer. Hence they are backed up via Time Machine. AD Users can use Time Machine like any local user. But now one machine crashed and we wanted to restore the full computer via Migration Assistent. Unfortunally AD Users home directories are not restored to the computer although the home directories are on the backup set. Is there a way to restore the whole Computer from the Backup Set inclusive all Users directories (including these from the AD Users, which had been stored locally)?
So, finally after fourten hours of unattended "migration," I let it continue overnight and in the morning found that the time remaining had not moved a minute. I canceled MA and found that not one iota of data had transferred.
As far as I'm concerned, Migration Assistant ranks lower on the Apple success list than Open Doc, Newton, Pink and Taligent.
Now I have to manually install software I want to use on the MBA, apply licenses, and all the other stuff I would expect from Windows.
NOT happy. -
Migrating local user accounts/home directories to network user accounts
Hi,
I am planning on moving the user accounts from several Mac OS X client machines to a new Mac OS X Server machine (Quad core Xeon MacPro). I am very familiar with OS X client in a support environment, but do not have extensive experience with Server.
I read over the instructions in this article
http://docs.info.apple.com/article.html?path=ServerAdmin/10.4/en/c6um3.html
and it appears to be fairly straight forward, although I do have some questions regarding the existing data (home folders) and how to set the clients to log in to the network account.
Previously, in the event that I have needed to move a person's home directory to a new computer or recover from a corrupt OS (and Archive&install was not an option), in OS X client I would:
1) Back up the home directory.
2) Erase/reinstall OS X client.
3) Log in as Root.
4) Go into "Accounts" pref pane and create user with same short name as original/backed-up home directory.
5) Replace the newly created home directory with the backed-up home directory.
6) Go into Terminal and chown/chgrp the home directory to username/staff, respectively.
This would result in a perfectly migrated user account. All settings and files working just as they did on the previous system/install of OS X.
First Question: Could I employee a similar method to retain the content and settings from the local user accounts on the server as I migrate them to network users? Moving the user accounts to the server as described, then running terminal to set proper ownership...
Second Question: What do I do on each client system to tell it to recognize the networked home directory for each user? Do I just change the user's home folder path in Netinfo Manager to the automount location?
Thanks in advance for any help you can offer,
-David
MacPro 2.66 Quad Core (MA356LL/A) Mac OS X Server 10.4.8A network account is really existing only on the server but if you use "portable homefolders" (Tiger client and server) you could "migrate" the local account to a "server" one by:
Login locally as another user with administrative rights.
Change the name of the old account folder in /Users.
Remove the "old" account locally (woun't remove the "old" folder as you changed the name) only Netinfo data.
Login using the serveraccount login/password thus creating a homefolder on the server.
Logout and back in, enable portable homefolder.
Logout and then in as a local admin and remove the new user folder.
Change the name on the old userfolder to what the new one had.
I'm not a 100% sure Netinfo has the server account UID now (added by logging in and creating the portable account?) but if it does:
(http://forums.macosxhints.com/archive/index.php/t-12077.html)
"Finding and changing UIDs across the filesystem is a one-liner command:
sudo find / -user UID -exec chown userName {} \;
(replace UID with the old UID number and userName with the new user name to associate file ownership.)"
(A portable account must have got some "kind" of UID?)
Let the machine "sync" with the server account.
If you want an "on network only" account I don't know what you need to remove locally afterwards.
HTH -
Problem with home directories NOT in Users and Workgroup manager
I am setting up a Leopard server (10.5.3) with the users directories in /h1. This is mounted as /Volumes/h1.
It is exported under AFP as /h1.
When I try to get Workgroup manager to create a home directory, I can enter the home directory as:
afp://quattro.innocon.com/h1
path is 'user'
Full path is:
/Network/Servers/quattro.innocon.com/Volumes/h1
However, when I try to log in as this this user, it says that the directory /Network/Servers/quattro.innocon.com/h1/username does not exist.
I cannot seem to figure out why the 'Volumes' part of the full path is being lost.
Any ideas on how to get this right?have you checked to see if /Network/Servers/quattro.innocon.com exists?
I'm having ALOT of issues with automount not picking up on the mount-maps set by Open Directory.. If anyone has any solutions on this it would be great. -
Reshare mounted NFS Home Directory
Hi there,
I have a XServe with Leopard Server 10.5.8 installed.
Open Directory works fine, I mean users are known through the network and they can log on every computer with ssh, their home directory is well automounted by clients. Their home dirs are stored locally on the server.
I would try something new in order to win space:
1. create user dirs locally on the clients
2. export them on the network
3. mount them through NFS or AFP on the server and reshare it on the network as user dir.
item 1. is done : the local user get the uid and gid of the network user, permissions are OK on his home dir.
item 2. is OK : via NFS
item 3. seems OK because I mkdir /AFP-Users where I mount via NFS remote user dir (e.g. bob). Then I export /AFP-Users as automatic Users Home Dirs in addition to /Volumes/External/User where native OD accounts are.
I have specified in OD that Home dir of bob is nfs://server/AFP-Users/bob.
It works fine if I make a su - bob on the server : files are here and bob is able to write.
bob is able to ssh on every computer on the network, no error msg on login but no files! And no permissions to write.
If someone has an idea...
Thanks,
joeHello,
in the meantime, I have looked for Internet for my solution, nobody speaks about this precise problem.
I tried to simply mount AFP directory from a client to another, but unable to have permissions on the Terminal because the owner of the mounted AFP is local admin instead of the OD user...
I would very appreciate if anyone has an beginning of an idea.
Thanks,
joe -
[SOLVED] DBUS boot problems - Mounting system devices as a normal user
I have the [testing] and [community-testing] repositories enabled. A few days ago, probably due to an update, I started having trouble mounting devices and the shutdown/reboot options don't show up anymore on the LXDE exit menu.
I use gvfs for mounting devices as a normal user with PCManFM or Thunar. The error message is "Authentication is required".
After some testing, I found out that by restarting dbus, I could start mounting devices again:
/etc/rc.d/dbus restart
So my guess is that there's some problem with dbus startup. I have it in DAEMONS of rc.conf, as well as .xinitrc, the daemon seems to start correctly on boot, and it worked previously, so I have no idea of what could be wrong.
My ~/.xinitrc:
if [ -d /etc/X11/xinit/xinitrc.d ]; then
for f in /etc/X11/xinit/xinitrc.d/*; do
[ -x "$f" ] && . "$f"
done
unset f
fi
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then
eval 'dbus-launch --sh-syntax --exit-with-session'
fi
numlockx && exec ck-launch-session dbus-launch startlxde
My /etc/rc.conf:
# /etc/rc.conf - Main Configuration for Arch Linux
# LOCALIZATION
# LOCALE: available languages can be listed with the 'locale -a' command
# DAEMON_LOCALE: If set to 'yes', use $LOCALE as the locale during daemon
# startup and during the boot process. If set to 'no', the C locale is used.
# HARDWARECLOCK: set to "", "UTC" or "localtime", any other value will result
# in the hardware clock being left untouched (useful for virtualization)
# Note: Using "localtime" is discouraged, using "" makes hwclock fall back
# to the value in /var/lib/hwclock/adjfile
# TIMEZONE: timezones are found in /usr/share/zoneinfo
# Note: if unset, the value in /etc/localtime is used unchanged
# KEYMAP: keymaps are found in /usr/share/kbd/keymaps
# CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
# CONSOLEMAP: found in /usr/share/kbd/consoletrans
# USECOLOR: use ANSI color sequences in startup messages
LOCALE="ca_AD.UTF-8"
DAEMON_LOCALE="no"
HARDWARECLOCK="UTC"
TIMEZONE="Europe/Andorra"
KEYMAP="es"
CONSOLEFONT=
CONSOLEMAP=
USECOLOR="yes"
# HARDWARE
# MODULES: Modules to load at boot-up. Blacklisting is no longer supported.
# Replace every !module by an entry as on the following line in a file in
# /etc/modprobe.d:
# blacklist module
# See "man modprobe.conf" for details.
MODULES=()
# Udev settle timeout (default to 30)
UDEV_TIMEOUT=30
# Scan for FakeRAID (dmraid) Volumes at startup
USEDMRAID="no"
# Scan for BTRFS volumes at startup
USEBTRFS="no"
# Scan for LVM volume groups at startup, required if you use LVM
USELVM="no"
# NETWORKING
# HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
HOSTNAME="localhost"
# Use 'ip addr' or 'ls /sys/class/net/' to see all available interfaces.
# Wired network setup
# - interface: name of device (required)
# - address: IP address (leave blank for DHCP)
# - netmask: subnet mask (ignored for DHCP) (optional, defaults to 255.255.255.0)
# - broadcast: broadcast address (ignored for DHCP) (optional)
# - gateway: default route (ignored for DHCP)
# Static IP example
# interface=eth0
# address=192.168.0.2
# netmask=255.255.255.0
# broadcast=192.168.0.255
# gateway=192.168.0.1
# DHCP example
# interface=eth0
# address=
# netmask=
# gateway=
interface=eth0
address=
netmask=
broadcast=
gateway=
# Setting this to "yes" will skip network shutdown.
# This is required if your root device is on NFS.
NETWORK_PERSIST="no"
# Enable these netcfg profiles at boot-up. These are useful if you happen to
# need more advanced network features than the simple network service
# supports, such as multiple network configurations (ie, laptop users)
# - set to 'menu' to present a menu during boot-up (dialog package required)
# - prefix an entry with a ! to disable it
# Network profiles are found in /etc/network.d
# This requires the netcfg package
#NETWORKS=(main)
# DAEMONS
# Daemons to start at boot-up (in this order)
# - prefix a daemon with a ! to disable it
# - prefix a daemon with a @ to start it up in the background
# If you are sure nothing else touches your hardware clock (such as ntpd or
# a dual-boot), you might want to enable 'hwclock'. Note that this will only
# make a difference if the hwclock program has been calibrated correctly.
# If you use a network filesystem you should enable 'netfs'.
DAEMONS=(hwclock syslog-ng network crond alsa dbus cupsd)
Thanks!
Last edited by gamezelda (2011-11-08 19:28:04)I solved it.
The Wiki page for Mounting for normal users with PCManFM tells to create a "/etc/polkit-1/localauthority/50-local.d/55-myconf.pkla" file specifying the privileges to grant to the user. The problem is that it does not include the privilege needed to mount internal drives (which was what I was trying to mount). To fix it, I added:
;org.freedesktop.udisks.filesystem-mount-system-internal
To the "Action=..." line.
(Though I have no idea why it worked before it broke, or why restarting dbus after initializing my WM fixed it.)
As for the power issues, I've concluded that it was working, but restarting dbus after initializing my WM broke it (my bad for not checking it before restaring dbus). So it all works now.
Maybe you are looking for
-
I am trying to load LR on my new macbook pro. It asks for the serial number. I enter the digits, but it says, quote, " This is an upgrade serial number. The serial number from your previous version of Lightroom is also required."
-
Does anyone know how to get Suitcase Fusion 5 working in Creative Cloud 2014?
-
How to import albums from iPhoto 4..?n
Have put a lot of work to group my photos in my previous iPhoto. Now, got the '08 (7.0) Version and imported the Library. All the pictures seem to be in, even more, pictures, I believed to be erased.. But don't have a clue, how to import the albums,
-
Just had help installing cc 2014. get this dialog box when i open the app. One or more files in the adobe folder necessary for running photoshop are missing. Help
-
is it possible to access a bean in servlet ? if yes ... please solve my problem i am trying to access a form data from html page.. simple form <form method="post" action="Beanservlet" > <input type="text" name=username > </form>BeanServlet.java impo