Skip navigation

Portable Home Directories in 10.8 Server?

25235 Views 36 Replies Latest reply: Jan 10, 2014 7:04 PM by PleaseandThankYou RSS
1 2 3 Previous Next
Gerben Wierda Level 1 Level 1 (125 points)
Currently Being Moderated
Jul 29, 2012 1:48 PM

I have a Mac mini Server running 10.6.8. Now that 10.8 is out, Apple will probably stop supporting 10.6 (as is their policy) and that means either slowly eroding security or moving to 10.8. I have been looking at the documentation and it seems underneath it all is still by an large the same basic unix-stuff like postfix, dovecot, a dns system, etc. Giving the lack of support for GUI-managing the more complex setups, I'll probably be doing it command-line (stuff like multiple virtual mail domains, multiple web domains, etc.). Not fun (and a business opportunity for some enterprising software engineer).

 

But what I haven't been able to see in the documentation or anywhere else is Portable Home Directories. In my current setup, I have a 10.6.8 Server and 10.7 clients. On these clients is a single local administrator acocunt and the rest are 'managed mobile accounts'. These are local acocunts. They work when away form the network on which the server is, but when in range of the server, the server may push settings and stuff. And on login/logout and when connected to the LAN and during work, the home directory of the user is constantly synchronized with a copy of the user's home directory on the server. This means my users can take any computer and get their own account and a synchronized copy of their home directory. They can also take a laptop off line for a while and when they return to my LAN (either physically or by VPN), any changes will be synced. This is a sweet setup and it works with 10.7 clients and 10.6.8 server.

 

But what I haven't been able to find if this will still work with 10.8 Server. I have looked at teh 10.8 Server documentation and haven't found anything about it. Will it still work somehow and if not, is there a good alternative?

2010 iMac 27" i7, 2009 MBA SSD, 2010 mini server, NeXTdimension Cube
  • DenisF Level 2 Level 2 (150 points)
    Currently Being Moderated
    Jul 29, 2012 2:28 PM (in response to Gerben Wierda)

    Yes, I have done it.

    You don't need to use terminal.

    I think it works as before.

    Probably it can be configured by profile manager but I have not been so far. What I have done is:

     

    Create local network users on the server.

    Go to the client. You need an administrator password.

    In the preference users and groups go to the Option and enable network account server.

    Each user can change its account to mobile user and configure what has to be synchronised and when.

  • cdolan92 Calculating status...
    Currently Being Moderated
    Jul 29, 2012 6:31 PM (in response to Gerben Wierda)

    Not sure,

     

    I've had a ton of trouble with Lion Server in a variety of issues, but normally you'd have to get to the regular Lion Client, then ML client, then ML server.

     

    You probably need to export the settings and information from your 10.6.8 Open Directry, etc, and then import them into ML. Hoepfully it is easier for you than that though

  • Kirk Carver Level 1 Level 1 (5 points)
    Currently Being Moderated
    Aug 5, 2012 4:17 PM (in response to cdolan92)

    Gerben

    It sounds like you have a basic handle on how to manage portable home directories.  I'm just getting started in this area, and was wondering if I could get you thoughts on how it works prior to 10.8.  Take a look at my post here:

    https://discussions.apple.com/thread/4180668

     

    If you have a chance to provide your input, I'd appreciate it.

     

    Kirk

  • Stefan R Calculating status...
    Currently Being Moderated
    Aug 6, 2012 3:01 AM (in response to Gerben Wierda)

    Mobile home directories work but wait... don't pgrade yet. There are a lot of issues with 10.8 upgrade.

     

    Wait for 10.8.1 !

     

    They have speeded up Workgroup manager it seems, but it is the same as the old one.

    Server.app is much better and has most of the settings that you use to have in the Server Admin.app. So now you need only Server.app :-)

     

    I am using remote accounts both synchronized and non-synchronized and it works just like before.

  • Kirk Carver Level 1 Level 1 (5 points)
    Currently Being Moderated
    Aug 6, 2012 7:04 PM (in response to Stefan R)

    Stefan

    Thanks for the reply.  I've already upgraded the Mini to 10.8... however, it doesn't have anything on it so there's no harm.

     

    I don't know how the "synchronized and non-synchronized" accounts worked before.  Can you link me to something that will help me understand how to properly set this up?

     

    Kirk

  • Kirk Carver Level 1 Level 1 (5 points)
    Currently Being Moderated
    Aug 9, 2012 7:43 PM (in response to Gerben Wierda)

    Gerben

    Thank you for the overview.  Assume  that one must install the server app first before configuring any of the other items.

     

    When you write in your #1 above that you create accounts on the server, do you create local users on the server that then get registered on the server app as remote users?

     

    If I already have accounts on my current MacBook Pro, would you suggest transfering the accounts directly to the server machine using something like migration assistant ( http://support.apple.com/kb/HT4889 ) then clean install Mt Lion on the laptop?  Will the server appear as a login option from the laptop at that point, or do you need to create local users on the laptop that match the user names on the server?

     

    Thanks for the help.
    Kirk

  • Eric. Level 6 Level 6 (12,260 points)
    Currently Being Moderated
    Aug 10, 2012 2:50 AM (in response to Kirk Carver)

    Kirk, yes you need to install Server first. You'll then want to set up Open directory which is need to manage network users. You'll need file sharing on, with at least one share available for network home. Once you've done that, in Server.app you can create the network users and direct their homes to 'home' share. You don't create local users for portable homes.

     

    The only thing I didn't quite get is whether Gerben also used/needed profile manager or workgroup manager to make portabile/mobile directories available to users.

  • Kirk Carver Level 1 Level 1 (5 points)
    Currently Being Moderated
    Aug 13, 2012 3:38 PM (in response to Eric.)

    Eric/Gerben

    Thank you for the reply.

     

    I understand that the the user accounts that are to be "mobile" need to have their accounts int he Open Directory. Does this mean that these same users can't be local users too?  I ask this because I was planning to use Migration Assistant to move the contents of three users accounts (one of them being the Shared account) from an older MacBook Pro (which will itself get upgraded later) to the Mini server.  The three accounts would essentially be the network accounts that would have mobile homes.   However, there may be an easier approach than using Migration Assistant.

     

    Now, from what I gather, there needs to be a "Home" share (per Eric's note).  Does this share need to reside on one of the internal HD's (there are two 500 gb hd's on the Mini) or can it be on an External drive? 

     

    I'm also wondering what size these home shares need to be in order to adequately accomodate the user's information.  I plan (key word here) to place media on a separate external 2 GB hd that is attached via Firewire to the Mini.  This would leave the two internal HD's open for use.  I could, I suppose, RAID the drives into a JBOD configuration to maximize space, and have all of the User home data on the same logical drive as the OS.  Or, I could split the OS onto one drive, and use the other drive as the home share drive -- not sure if this is enough space.  If you could spare your advice on this subject, I'd appreciate it.

     

    In the meantime, I could load the OSx Server App on the Mini and look through it.  Does anyone know if there is a good documentation link for the Server App?

     

    Again, thanks for the input.

     

    Kirk

  • Eric. Level 6 Level 6 (12,260 points)
    Currently Being Moderated
    Aug 19, 2012 1:13 AM (in response to Gerben Wierda)

    Gerben Wierda wrote:

     

    Or: you create the users anew in the network directory, you replace their home directories with the content of what is on the MacBook (TDM is your friend) and do the chmod. Easier still.

     

    That way, I suggest the migration in that way; because, you can test everything out before the data gets moved over. There's nothing like something going wrong in the setup/migration, and you have to do it all over again.

     

    Kirk, you can always put the Home directories/folder on an external. But if you do, you'll probably want to run this command in Terminal:

     

    sudo defaults write /Library/Preferences/SystemConfiguration/autodiskmount AutomountDisksWithoutUserLogin -bool YES


    That sets the system-wide setting to mount external HDs on startup. The default behavior  in OS X, probably around 10.3 onward (but Apple may have flip-flopped on this), is to mount externals on user GUI-login, not on startup like internal HDs. The default behavior is a huge problem with network users, whose home directories reside on the external, since the external on GUI login often mounts "too late" and new "phantom" home directories are created (along with warning messages that the home directory can't be found) and you sometimes get duplicate mount points. In short, the default behavior creates a bit of mess. To spare you some frustration, run that command, which will mount the externals on startup, so the home folders are always available.

     

    It's also handy if you plan on creating other shares on the external; it prevents some flaky behavior.

     

    Gerben's "general description" can be applied to Lion and Mountain Lion, although with Mountain Lion you have fewer tools, and you'll often be working in Server.app rather than some of the older tools like Server Admin.

     

    Again, basically you need to:

     

    (1) Setup file sharing, where you designate a directory/folder as a share to hold the network home directories. On the default install, Apple makes /Users a share, and you could (similar to what Gerben did) use that to hold not only local accounts' but also the network accounts' home directories. In that setup all users' home directories reside in the same place. All you have to do then is check the box "Make available for home directories over" and leave "AFP". See below; note the very last checkbox; that needs to be checked:

    file_sharing.png

     

    I preferred to keep the local and network users separate, so I actually use a different share for the network users, and not /Users. If you go that route, pay attention to the permissions, it's somewhat easy to get them wrong. I think I cheated and used Carbon Copy Cloner to clone the /Users directory to another HD, then just renamed the directory. FYI you're actually not seeing this in these screen shots, since I'm using a "fresh install" virtual machine to make the screen shots.

     

    Also if you don't need it, I'd probably uncheck "Share with Windows clients (SMB).

     

    2. You need to setup Open Directory, so you can manage Network Users. Since you want portable home directories, then you might consider using Profile Manager (introduced in Lion Server), which is Apple's latest tool for that. You can also download separate Workgroup Manager as well. Not sure which is better, or exactly why there are both. I think the documention indicated for older pre-Lion OSes, Workgroup Manager is still around.

    2a - If you go straight to Profile Manager, and set it up, it will first make you setup Open Directory, then the rest of the setup for Profile Manager itself.

    2b - Or you can always "two-step", first setup Open Directory, then later if you want "Profile Manager".

     

    3. Once you have OD (step 2), and the share setup for network home directories (step), you use Server.app to create the network users, and assign their home directory to the share not local. Note the entry "Home Folder"; use the pull-down menu to select your share. See below.

    New_Network_user.png

    If you forget to set the Home Folder, you can always "edit" the user and change the Home Folder to the share, and not Local Only.

     

    4. To get portable Home directories, I'm pretty sure you're going to have to setup and activate Profile Manager or use Workgroup Manager. Sorry not much details I can provide there, I've only played with it a bit, and was planning on upgrading my MacBook Pro to Mountain Lion before giving it a go again.

1 2 3 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (9)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.