Network profiles or synchronized mobile homes not working
Hello Guys
I need a solution for some environments where I have more users than computers. It doesn't need to work right out of the box, but it needs to have a deterministic behaviour and function reliably.
I tried different solutions to get network homes or synchronized mobile homes working, but did not succeed.
So here is what I tried so far:
- pure OS X Setup: Open Directory server with file services enabled. Destination of the user homes in a shared folder on the server.
Issue: The keychain items do not get synchronized. Whenever a user logs in (even when he just logged out on the same machine) he has to re-enter the password (and no: iCloud keychain isn't a solution!)
- Active Directory 2012 R2, user homes on OS X Server or user homes on Synology or user homes on Windows Server:
Same issues as with the "pure" OS X solution, the keychain items do not get synchronized. Also, other items (many of them from the library) do not get synchronized correctly or with the wrong permissions set on the file.
A general problem with network homes seems to be that many applications can't cope with a home folder which isn't located on the local disk. Because of that, I decided to give synchronized roaming profiles a chance.
Here is what I tried:
- Active Directory, Roaming Profiles, synchronized with an OS X Server over AFP
- Active Directory, Roaming Profiles, synchronized with an OS X Server over SMB
- Active Directory, Roaming Profiles, synchronized with a Windows Server over SMB
- Active Directory, Roaming Profiles, synchronized with a Synology Server over SMB
- Active Directory, Roaming Profiles, synchronized with a Synology Server over AFP
In all cases, user homes were created fine on the local disk and the users were able to log in. But as soon as I wanted to synchronize files (doesn't matter if automatically or manually), many synchronization errors occurred, rendering this option as unusable as the "network home only" solution.
Configuration details:
- NTP was set correctly on all machines and servers
- I did not use a .local domain (I used the domain "lab.intra") and had a DNS server in place (2 colleagues assured me that it was configured correctly)
All I want is that users can log in on any machine they want and get their user profile. Up to 10.6.X this worked well, but it seems like it changed very much since then.
Any help would be greatly appreciated!
Regards
Christian