Cant login multiple network accounts on the same client?

Historically you have never been allowed to use Fast User Switching to log in multiple network logins on the same client machine. This certainly applied with Tiger, Leopard, and Snow Leopard. I have not yet personally tried this with Lion.

I believe that the underlying reason for this not being allowed is down to how AFP volumes are mounted. The AFP mount becomes 'owned' by the user that triggers the login. With a network login the first user becomes the owner and this means subsequent attempted network logins are denied access to that share and hence cannot access their home directories.

With Tiger, Leopard, and Snow Leopard servers, one could configure network home directories to be shared via NFS instead of AFP. NFS gets treated a lot different in terms of mounting, and is done more at a system level than a user level. While again I have not personally tried Fast User Switching with NFS shared home directories, this approach is specifically recommended by the authors of AquaConnect (a Macintosh Terminal Server solution) in order to allow multiple logins on the same Terminal Server. This seems to be for the same underlying reason. Using NFS does certainly work for use with AquaConnect and also works for the competing iRAPP Terminal Server product as well.

Unfortunately, Lion Server while it can be made to run an NFS server, will not let you configure using NFS for sharing home directories. I have actually reported this as a 'bug' in Lion server.

Neither the authors of AquaConnect or iRAPP have actually tested this scenario with Lion server yet, but AquaConnect do plan to investigate it. It could make it considerably more difficult to use their products.

So in summary, using NFS to share network home directories in theory would avoid the problem and can be done with a Tiger/Leopard/Snow Leopard server, but cannot be done with a Lion server. It is possible however to mix Lion with older server versions. This might for some people be a possible workaround.

PS. A bonus side-effect of using NFS shared home directories was that this allowed badly written software like Adobe's applications which are otherwise notorious for having major issues with network logins and home directories to work without errors. As an example Adobe Acrobat Pro introduced a bug in version 7.0 which prevented it being able to print-to-PDF (one of the major reasons to buy Acrobat Pro). It tooks two years for them to eventually fix this in Acrobat Pro 8.1 (I know because I spent that two years nagging them to fix it and was a beta tester). Unfortunately they then reintroduced the bug in Acrobat Pro 9.0. Fortunately I discovered this side-effect got round the issue although a clunkier workaround was also possible for Snow Leopard clients by redirecting certain folder paths.

"Historically you have never been allowed to use Fast User Switching to log in multiple network logins on the same client machine."

I've never seen a Apple restriction around this previously but regardless it used to work fine on SL client and server combo.

Some interesting detail in there though, many thanks... I'm currenltly investigating why i cant log in on Lion Server onto a remote network account.

AtomicGrog wrote:

"Historically you have never been allowed to use Fast User Switching to log in multiple network logins on the same client machine."

I've never seen a Apple restriction around this previously but regardless it used to work fine on SL client and server combo.

Some interesting detail in there though, many thanks... I'm currenltly investigating why i cant log in on Lion Server onto a remote network account.

While this limitation is reasonably widely known, I had previously like you not seen an official Apple document about this limitation. However after a serious amount of googling I have now found an official Apple support document which confirms this. See http://support.apple.com/kb/TA22373?viewlocale=en_US

It says you can't do this with AFP or SMB shared home directories. It does not say you can with NFS shared home directories but I can assure you that does work. Unfortunately Lion no longer supports NFS home directories (at least with a Lion server, it is quite possible a Lion client with a Snow Leopard Server would be ok).

You all say it's impossible to login multiple network users with home directories mounted with AFP but it is actually possible. At least in my case. I'm using a Ubuntu Server 11.04 with OpenLDAP and Netatalk AFP filesharing and multiple users CAN login on one client.

I'm not using the homeDirectory attribute but the apple-user-homeUrl, together with a AFP mount point. The only strange thing is, after the client goes to sleep and wakes up with one user logged in another user can't login with the same error. In secure.log this looks like this:

authorizationhost[1359]: ERROR | -[HomeDirMounter mountNetworkHomeWithURL:attributes:dirPath:username:] | PremountHomeDirectoryWithAuthentication( url=afp://fs/Users, homedir=/Network/fs/Users/foobar, name=foobar ) returned 16

After a restart both users can be logged in simultaniously.