Got your RSS feed on my Firefox home bar. You’re the best!

Apple Enterprise can’t seem to answer this question satisfactorily so maybe you know. I have about 80% of the users in a particular department with broken home synhcronization. Completely random, from 11/07/2007 to 6/25/08. No rhyme or reason. People have just had issues. Everyone is on Tiger bound to Active Directory with their home directory pointing to an Apple File Share. Their home directories mount just fine, but the sync is broken. Is there anyway to get them to do a full resync? I’ve tried deleting the /Library/Managed Prefs as well as the mcx data in Netinfo. I’ve also tried delting the Library/SyncServices folder and any plist files in their local account.

Any suggestions? Thanks in advance for this terrific blog!

For your problem creating mobile accounts, try this:
Login as the user, then
defaults write mcxMobility skipAddlEnableCheck 1
Log out, back in and see if the button is available.

You can manage this via MCX/Workgroup Manager for all users, or write a script that runs at login.

Another option is the command line mobile home creation tool:

/System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount

I was wondering how did you secure your NFS exports as NFS is not very secure.
I’m currently evaluating NFS with GSS security (so with Kerberos), but I’d really like to do it without Kerberos.

Also, I’m having troubles with creating mobile accounts.
I have working LDAP and schema extended with apple.schema. All works ok, users can authenticate and have their home directories via NFS.

However, when I want to create mobile accounts, the “Create mobile account” option is greyed out (even if I enable root user).
Any ideas?

Cheers,
Peter

It sounds like you actually are looking for _network_ home directories. They allow a user to log into any machine and get their same desktop, Documents, and preferences. Portable Home Directories build on top of Network Home Directories – that is, you must have a Network Home Directory infrastructure before you can implement Portable Home Dirs.

Network Homes are fairly simple to set up as a proof of concept if you are using an OS X Server as an Open Directory master and have one or more AFP servers. See Apple’s OS X Server documentation for info. But for real, live, production use you need to actually design things to handle the expected load, provide reliability, and provide quick recovery from failure, and those topics are way beyond the scope of a casual blog post or blog comment!

You could probably use dscl to edit the OriginalHomeDirectory attribute for a cached account to point to the path you want to sync, but such an edit would be fragile – it would be overwritten the next time the account info was updated from the server.

Just one point that keeps throwing me off: how can i tell homeSync to use a specific directory on my AD-Server. all i manage to do is get it to sync with the fileserver Volume that Windows Users have as the autoMount (Z:data), but i can not get it to sync into my user folder.

thx,

phil