
Local home folders to Network Home folders migration

Hello everyone. I've recently taken on the task of converting our infrastructure from OpenLDAP to OpenDirectory, implementing Profile Manager, Network Authenticated logins, and a slew of other services to help wrangle my organization of ~150 Macs. This is on the latest version of Yosemite+Server App.


I've got the basics covered, OD master and replica in place, and Profile Manager handling devices properly at the moment. What I am currently planning out is the migration/enabling of the Network Authenticated logins. Currently machines are configured with local user accounts, and OpenLDAP handles authentication of other services like file sharing (to EMC Isilon Cluster), VPN, RADIUS, etc.


Knowing that it would be hugely disruptive to start fresh on all of these machines, and that our network bandwidth won't support network home directories, I now need to figure out a migration strategy, and get advice on what pitfalls to avoid through this migration. (I am backing up)


First, I've imported the OpenLDAP users and their UIDs. I've done this to keep file ownership for data on the Isilon cluster/Filesharing. My concern now is for UID permissions on the local home folders and their translation to their network bound accounts. I'd rather not have to go through to each machine and adjust UIDs and permissions for each local user to match their network UID, but I'm not sure if there's another way. I'd also rather not have to migrate data around on each individual machine.


One thought I had would be to import the local user folders (from the machines) to their matching network home folders, enable "mobility", delete the local user accounts (on the local machines), then have them sync at login/account creation. To me, this seems like it would counter any permissions issues between network login UID and local UID, but has the high overhead of pushing around a lot of data, introducing possible corruption of data, or just straight up mucking things up.


A second thought would be to utilize Time Machine: back up, log in with the network user, then restore from the TM backup. If I'm not mistaken, the imported/restored information should take the new UID of the user information being restored?


Some thoughts, tips, and tricks would be welcome. If I'm totally wrong on this, please suggest a better way.


Thanks!

MacBook Pro, Mac OS X (10.7.4)

Posted on Jul 29, 2015 9:50 AM

2 replies

Jul 30, 2015 9:35 AM in response to markuna

Thanks for the heads up. I guess I should clarify that I'm not going to rely on NHF for active use, but to have network bound machines, and allow users to authenticate against the server. In order to accomplish this, users have to have home folders on the server... even if they aren't touched/actively used. What I need to accomplish is to keep their local home folders in place, while allowing for authentication against the server.
