Connecting Mac (clients) to Network Home Folder (via MacOS Server 5.8 Policy Manager / Synology)

Hello,


We have quite a simple setup:


8x MacMini ("Clients", running MacOS Mojave 10.14.0)

1x MacMini ("Server", running MacOS Mojave 10.14.0 and MacOS Server 5.8)

1x Synology, running LDAP



MacOS Server's Profile Manager is pushing a payload/setting for:

  • Address List: Use Open Directory/LDAP and the IP address of the Synology.



On all the MacMini Clients I've made the following small change:

  • Added a line to /etc/auto_master: /~ auto_syno -nobrowse,nosuid
  • Created a new file /etc/auto_syno with the following code: /MacHome -fstype=nfs,resvport nfs://<ip-of-synology>/volume1/homes


Then in the LDAP, I changed the NFSHomeDirectory attribute for each user to: /MacHome/<username> (example: /MacHome/Jan )



This works. Users can log in on any of the Client Macs and their home directory is on the Synology.


However, I should be able to make the above changes (which I did in Terminal on each client) on the Policy Manager of MacOS Server 5.8 under "Mobility", then click "Create mobile account when user logs in", and I need to set something for the user home folder, etc.


Can anybody please give me some help on this last part?

I prefer for users to have a cached mobile account. One of the things we saw that didn't work with a Network Home Directory (even though the user was local admin) was signing into Office365 software like Excel and Word. It gave the error: "Not allowed to edit on this Mac".

When we had Local accounts, it did work and didn't give the error.

Another side effect of the Network Home Folder is that (when downloading something to the Downloads folder) opening the Downloads folder in Finder at the same time gives a permanent refresh of that folder. It's not workable (probably because the file size changes all the time and Finder thinks it needs to refresh?).



Any help is highly appreciated!








Posted on May 1, 2019 3:10 AM

May 10, 2019 3:48 AM in response to Roeller

For years Apple has made changes which have made using network home folders less and less feasible. It is now effectively impossible due to the many, many issues.


I do not recall an official statement from Apple regarding network home directories, but all Mac admins I know gave up long ago. :(


PHD (Portable Home Directories) was officially discontinued some time ago. With this, when you log in on a client Mac it syncs a copy of the user's home directory to the client Mac. This was always notorious for syncing problems and Apple discontinued it rather than fixing it.


Mobile accounts, however, still exist in theory. With this, when you log in for the first time on a client Mac, a user account should be created with the same credentials as defined on the LDAP server and an empty new local home directory created for that user.


Most of your post seems to be describing using a network home directory.


An old separate issue is/was the way Microsoft Office for Mac handled creating and storing temporary files for users whilst they were editing documents stored on a network file server. This, as I recall, was not related to network home directories or mobile accounts etc. but purely a 'traditional' file server use. Office did (does?) create an invisible folder at the root of the network share called .TemporaryItems, inside of which a sub-folder is created for each user. Each user needs to have a unique UID value and this needs to match between the file server and the client computer. If you're using network logins with network home directories or using mobile accounts, this should be the case.


However, apparently the default permissions for this folder may be wrong. It may be that this folder has not even been created due to the permissions on the root of the network share. You would need to do the following on the file server itself.


cd /path/to/root/of/share

ls -la


If there is no .TemporaryItems folder listed then do


sudo mkdir .TemporaryItems


To create one and then do (regardless)


sudo chmod 1777 .TemporaryItems




There are far too many issues with network home directories for me to list here. As a couple of major examples, the user's Local Items keychain is stored in a folder named after the client Mac's UUID value. If the user logs in from a different Mac then the UUID will be different and this keychain will not be accessible and hence unusable. This keychain is used by Mail, Calendar, Contacts and Safari. The other major issue is that SQLite, the simple database software, is used these days by Apple to store many settings and related information. SQLite hates accessing its files via a network share and will often corrupt them. Guess what? The Local Items keychain is also a SQLite database!
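
An added example, not part of the reply above: a shell function that audits the .TemporaryItems folder the reply describes, reporting whether it is missing, is not a real directory, or lacks mode 1777. The sticky bit in 1777 is what stops one user deleting or renaming another user's entries in a world-writable folder. The function name `check_temporary_items` and its exit codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the .TemporaryItems folder at the root of a share.
# Usage (on the file server): check_temporary_items /path/to/root/of/share
# Exit status: 0 = ok, 1 = missing, 2 = not a real directory, 3 = wrong mode.
check_temporary_items() {
    share_root=$1
    dir="$share_root/.TemporaryItems"

    # A symlink here would redirect every user's temporary files elsewhere,
    # so it is reported rather than followed.
    if [ -L "$dir" ]; then
        echo "not-a-directory: $dir is a symlink"
        return 2
    fi
    if [ ! -e "$dir" ]; then
        echo "missing: $dir"
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "not-a-directory: $dir"
        return 2
    fi

    # The first 10 characters of 'ls -ld' are file type plus permissions.
    # Some systems append '@', '+' or '.' for extended attributes or ACLs;
    # cut drops that marker.
    mode=$(ls -ld "$dir" | cut -c1-10)
    case $mode in
        drwxrwxrwt)
            echo "ok: $dir is $mode"
            return 0 ;;
        drwxrwxrwx)
            # World-writable but no sticky bit: any user can remove or
            # rename another user's sub-folder.
            echo "wrong-mode: $dir is world-writable without the sticky bit"
            return 3 ;;
        *)
            echo "wrong-mode: $dir is $mode, expected drwxrwxrwt"
            return 3 ;;
    esac
}
```
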