Time Machine and network users (home folders)--backup/restore
All of our users are network accounts with home folders stored on the server. Since these default these folders have default permissions of not being viewable by the administrator, will a Time Machine backup set up by the admin on the server backup everything in the users' folders (and subsequently be able to be restored by the admin)? Or will each user have to have access to Time Machine (and the backup drive) and then manage their own backups/restores?
Not sure...theoretically, Time Machine should do it, but I haven't gotten confirmation that it will basically ignore permissions. I finally got my backup drive online, though, so I guess I'll just have to do some tests on my own. Has slipped to a lower priority at the moment, though.
I have a XServe G5 Mac OS X 10.5.6 hosting network home directories for a 40 person call center. Another Mac Mini Server 10.6.4 hosts the open directory. Agents can login using any iMac 10.6.4 in the call center which are bound to the Mac Mini Server. I run a time machine backup on the server to an external disk.
Attempts to restore a user document from their home directory would not work when I was logged in as the Administrator on the XServe hosting the home directories. Drilling down into a users home directory would stop me with not having permissions to view the files (red circle with "-" in the time machine restore GUI)
I attempted adding a full control ACL to the home directory structure. I could view the users documents with the Server Finder, but time machine restore attempts still stopped with with inadequate permissions to view the user folders and documents.
The solution that appears to work is to logout as Administrator, then login with username root. My root password is the same as Administrator.
Time machine GUI let me navigate to the users documents in their server home folders and perform a restore. I did get a warning message "You may need to enter the name and password for an administrator on this computer to change the item named......". I clicked continue and then entered the administrator password. The file restored properly with the permissions of the user as the owner with read and write authority. Group and other permissions were both read only which is what I wanted.