Q: Home Sync wants to use the Login Keychain

sorry also meant to post the errors I got when creating the mobile account - they are the same errors that the 1st guy you linked to was experiencing, apart from mine end with a "failed"

2016-06-27 16:28:50.823 createmobileaccount[27274:406072] MCXCCacheMCXRecordAndGraph(): vproc_swap_integer(NULL, VPROC_GSK_PERUSER_SUSPEND, &(uid=1101), NULL) failed

2016-06-27 16:28:51.237 createmobileaccount[27274:406072] MCXCCacheMCXRecordAndGraph(): vproc_swap_integer(NULL, VPROC_GSK_PERUSER_RESUME, &(uid=1101), NULL) failed

Ok all, I will admit defeat. I don't know why this has worked for me and is not for everyone else.

I'm writing this from the iMac account created as described previously and have still not had any further pop ups. I'm sorry that I cannot help with regards to the errors received or the fact that the same process isn't working for others, but as I indicated, I took a chance based upon the links I referenced and I appear to have been lucky.

It was a fine effort jpparallel!!

So the only difference between our setups is that you are binding to AD and I'm binding to OD? That's the only thing as far as I can tell...

There must be something in your suggestion if you are still not getting popups?

Have you rebooted without popups?

Thanks for the vote of confidence!

Just be clear on my setup, while my understanding is that Active Directory (Windows server) handles the authentication and is the basis of the file server containing the network based home directories / storage, I can't guarantee Open Directory (OS X server) isn't involved as the OD server is bound to the AD server and ALL clients are bound to BOTH AD AND OD.

The theory (and we all know how that works in practice!) is that this means AD handles most things and OD handles the managed profiles on Macs (Like AD handles group policy for Windows clients)

in answer to some questions:

Yes, I have rebooted, and still without pop ups. That clicking restart or by clicking shutdown and the powering back on after the auto power off.

I specify that the local home directories are stored on a non-boot volumes for ease of back ups and restorations. This means that when creating the mobile accounts through the GUI, they are created as "external users" , this means that the user only appeared in the User & Groups preference pane when logged in. The option used creating via terminal meant they are added as "mobile users" and continually appear in the preference pane. A small difference, but maybe relevant.

Best of luck all

Well I have submitted another feedback report (2nd or 3rd time) to Apple on this highlighting their exceptional shortcomings with this issue!

We live in hope!

Um... I received this message on my radar:

"Apple Developer Relations

27-Jun-2016 01:32 PM

Portable Home Directories are no longer supported in macOS Sierra.

We are closing this bug report.

If you have questions regarding the resolution of this issue, please update your bug report with that information.

Please be sure to regularly check new Apple releases for any updates that might affect this issue."

Which is kinda amazing as APFS would probably have resolved this issue and the errors from open files during a sync.

Although it doesn't come as a surprise to me, it's a real bummer.

Since Apple's vision about the market dramatically shifted over the last years, I never expected Apple to resolve this problem.

This means however I don't see any use for MacOSX server app in the future. In many respects I find Server app to be low in quality. The one feature that justified a Apple server over a NAS for small enivronments was the portable homefolder / network homefolder option. The other 'killer function' is Profile Manager', formerly MCX. But let's face it: Server app is targetet at small business. I think hardly anyone uses Profile Manager. In larger installations another integrated MDM solution is used, in small environments MDM is no subject at all.

So that leaves no purpose for Server app. Smaller businesses are better off using a NAS while larger businesses most likely will use Microsoft and/or Linux solutions combined with MDM of some brand.

I am able to alleviate, with regularity, this error.  It cripples a portion of this products functionality, but others might find this useful to know.

First of all, I am running Server 10.10.5 and I am using (wait for it) WorkGroup Manager 10.9.    If I avoid using the Login Item preference in the Pref Management at the machine level, or machine group level. I do not get these errors. 

If I then re-enable the Machine Level preference control, then they return.  I am continuing to investigate this and run some tests.  thought I would throw it out there though so others can maybe do some investigating on their own systems too.

Cheers

KoRektion...  I am mistaken.  The errors return if I shut down the machine. And start it back up. Then, and only then, I receive the keychain/credential requests. They stay away as long as the user never powers off the machine. So, added information, but, not a solution. As my kids say 'nvm'.

wow... how to make your own product (Server) near redundant overnight!

I really have no purpose for Server now other than for profile manager which could easily be replaced.

It's confirmed, Apple have dropped support for portable home directories as of macOS Sierra. This is taken from the beta 4 release notes:

"FileSync

Support for portable home directories has been removed. Mobile home directories (network accounts that are cached locally) can still be created, but their home folder will no longer sync with their network home directory."

I'm not even going to bother ranting about this... I feel very let down by Apple

So what would be the point of having a Mobile home directory that doesn't sync ? as soon as you have used it once the network version becomes outdated and useless, i can't see any point in even keeping Mobile home directories at all at this point?

Does anyone know of alternative software solutions out there?

It is possible that advancements in APFS may enable something akin to ZFS's ability to send snapshots.  That would make this still functional.

In the mean time, a regular rsync back to the mother ship "could" accomplish the same thing.  However, The trick is knowing what's new and what isn't...

It would be possible to create a few dæmons that watch the FSEvents and synchronize, but by that time you'd be better off buying a off the shelf solution.

Can anybody suggest an off the shelf solution?  I really don't have the free time to "whip" up a dæmon...