Network Homes: Folder Redirections

Thank you both for your inputs.

@Angus: Yeah, kind of found out the hard way ;-) I did this redirection mess before the office 2011 SP1, got to test it now without them (one thing I can say so far is that the font thingy is still present, so a redirection of ~/Library/Preferences/Microsoft still is necessary)..

@M@CMAN2011: I'm well aware that accounts with forced local homes work without any issues as well as mobile accounts do. But unfortunatly, this is my very last option.

I still hope that somewhere, there is a magical spell to solve these problems..

Ah, by the way some other applications that won't work without any redirection:

- Aptana Web IDE: ~/Documents/Aptana Workspace has to be linked local

- Absolute Manage Admin (Deployment Software): Is quite slow if files in ~/Library/Application Support/LANrev Admin are located on a network share (but throws an error on launch if redirected on the local drive by a ln -s as well -.-)

Cheers

Marc

You delivered the reason by yourself:

M@CMAN2011 wrote:

My only gripe is every new intake, we have to educate students about saving work otherwise it ends up in their local home account.

I simply can not teach any employee/student how to use their network homes as in our enviroment, we'll have something like 2'000 potential mac users in the employee group alone by the summer (+ additional 13'000 student accounts^^).

For employees, a proper backup is crucial so working network homes would be the best and simplest solution for everyone (including myself ;-)).

95% of the whole configuration is working quite well, only office is not very cooperative. Unfortunately, 90% of all users use that darn thing.. ^^

M@CMAN2011 wrote:

13,000 student accounts! - crikey, that's an awful lot of administration to look after!

Fortunately, not all of them have discovered the advantages of a macintosh yet :-P

I'm looking forward to read from your recent try with network homes. Let me know if you run into any troubles other than MS Office..

Cheers

Marc

Hi M@acman

Nice to hear you had a quite successful test!

M@CMAN2011 wrote:

When launching Adobe PRO, an authentication window pops up asking for admin credentials. If I put my credentials in the program crashed. Not sure why it wants admin credentials.

Yes, the redirection is required otherwise it will not work.

Is it possible that you use Acrobat Pro 9? This version (Reader as well) has an annoying "feature" called SelfHeal. If the entries in the following file are not exactly like Acrobat/Reader want them to be, the self heal process is initiated. This will require admin privileges and change the mentioned file as it is supposed to be (but ironically it changes nothing else in most cases^^). You can deploy this file then by Open Directory Managed Preferences to all users or machines and the admin credentials issue will have gone for all of them (until the next major update, of course..)

M@CMAN2011 wrote:

On a couple of user accounts, when logging in it would say, you cannot log into this computer at this time. However, I could log in and so could other students. If the said student moved on to another mac (original config), they could log in, and access their AD home drive. I have looked at their account and can't see anything out of the ordinary. Time sync on the mac was fine. Any ideas what could cause this?

Yeah, I know that one, too. As far as I can say it is related to user permissions or in most cases, due to locked files and folders. Sometimes the problem goes away, when you reboot the machine and try again (really don't know why). Also, assure that the user is not logged in elsewhere as in this case, a login may not be possible.

And of course, check the folder/file permissions of/in the users home directory and propagate them in the subfolders, if there's any difference (compare the permissions and ACLs to working profiles).

I made an important observation yesterday: Too much redirection is no good ;-) I had activated a local redirection of the folder ~/Library/Caches. It turned out, that this caused some major issues with MS Office (couldn't even properly resave an existing file) and threw smb failures all over the place when observing the connection with Wireshark. With the redirection deactivated, everything was fine again. So don't try this at home :-P

That's odd regarding the local redirection of the ~/Library/cache - that's the only entry I had using MCX as it was the example in some documentation I was reading. Havn't experienced any issues with Word or SMB.

Maybe, that's related to our storage hardware and its smb-implementation.

So I decided to add an MCX as shown in your original post. Can I get the darn thing to work! It is more than likely that I have probably added it incorrectly so If you don't mind, could you take a look. I have included the local cache folder, should it be different to the method you use.

<key>LoginRedirection-raw</key>\

<array>\

<dict>\

<key>action</key>\

<string>deleteAndCreateSymLink</string>\

<key>destPath</key>\

<string>/tmp/%@/Library/Caches</string>\

<key>path</key>\

<string>~/Library/Caches</string>\

</dict>\

<dict>\

<key>action</key>\

<string>deleteAndCreateSymLink</string>\

<key>destPath</key>\

<string>/Users/Shared/%@/Library/Application Support/Adobe/Acrobat

\

</string>\

<key>path</key>\

<string>~/Library/Application Support/Adobe/Acrobat

\

</string>\

This is what I have noted so far:

1) acrobat folder is not removed from "network user"/Library/Application Support/Adobe/

2) a file called acrobat.. appears in "network user"/Library/Application Support/Adobe/when user logs in.

3) on the local mac the following folder is empty>shared> username>library>application support>adobe>acrobat>

TIA

Strange, did you follow the setup for MCX Redirections decribed here: http://www.afp548.com/article.php?story=MCXRedirector&query=redirect%2B and are other MCX Settings applied, especially the setting for the Cache folder (and did you set this up in WGM using the "Details"-Tab)? A restart is often required to apply these settings on the client side.

Cheers

Hi

M@CMAN2011 wrote:

When a student logs in and launched Adobe 10 reader, it says, adobe quit unexpectedly.

...

on the local hard drive of the mac the paths are as follows:

Users>shared>student test account>library

adobe> empty

That's the default behavior of Adobe Reader, if the app cannot access its files in ~/Library/Application Support/Adobe. This can either be due to they are located on a network home as already mentioned or due to insufficent permissions in this folder.

Something seems to be happening as (at least a part) of the specified path is created in the target. What happens if you try to create that link manually (as the user)?

ln -s ~/Library/Application\ Support/Adobe /Users/Shared/USERNAME/Library/Application\ Support/Adobe

If this succeeds, Adobe should now be able to run and create its necessary folders on the local drive. If not however you'll have to dig deeper: Check that you have write permissions on the target and create files and folders as the student user. I have the issue that symbolic links on certain storage systems cannot be created over smb. But since your cache redirection is working, this will not be the case for your enviroment.

Heres my MCX Redirector config:

In WGM for Adobe:

And in raw format in the inspector with my cache-cleaner:

<key>com.apple.MCXRedirector</key>
<dict>
    <key>Forced</key>
    <array>
        <dict>
            <key>mcx_preference_settings</key>
            <dict>
                <key>LoginRedirection-raw</key>
                <array>

                    <dict>
                        <key>action</key>
                        <string>deletePath</string>
                        <key>destPath</key>
                        <string>/Users/Shared/%@/Library/Caches</string>
                        <key>path</key>
                        <string>~/Library/Caches</string>
                    </dict>
                    <dict>
                        <key>action</key>
                        <string>deleteAndCreateSymLink</string>
                        <key>destPath</key>
                        <string>/Users/Shared/%@/Library/Application Support/Adobe</string>
                        <key>path</key>
                        <string>~/Library/Application Support/Adobe</string>
                    </dict>
                </array>
                <key>LogoutRedirection-raw</key>
                <array>
                    <dict>
                        <key>action</key>
                        <string>deletePath</string>
                        <key>destPath</key>
                        <string>/Users/Shared/%@/Library/Caches</string>
                        <key>path</key>
                        <string>~/Library/Caches</string>
                    </dict>
                </array>
            </dict>

        </dict>
    </array>
    <key>mcx_targets</key>
    <array>
        <string>user-managed</string>
    </array>
</dict>

Cheers