My goal here was to take an existing local Mac account on my laptop, and convert it to an Open Directory mobile account that had home folder syncing capabilities with my Open Directory server. I’ve found the mobile account syncing features on Mac server to be fairly unreliable and flaky, so I just wanted to bind my machine, and then do manual syncs of selected folders (as opposed to having automated syncs happen at login/logout, and syncing my entire home folder and preferences, which I’ve never found to be very stable or reliable).
This was tested on a Mac running Server version 5.1.7, and El Capitan 10.11.6, and a desktop client running Mac OS X El Capitan 10.11.6.
This article assumes you have a functioning Open Directory environment, including a properly configured local DNS server with forward and reverse records for the servers and clients involved. Also, you’ll need a share set up on the server that’s configured to share home folders over AFP over the network (you can set this up under the "Filesharing” section of the Server.app).
Lastly, if you’re going to try these steps, make sure to back up all your data first, just in case anything goes wrong in the process!
The steps I used are as follows:
1. Back up all the data on the client machine that contains the user account you’re converting from local to network mobile.
2. Create an open directory account on your server, and choose the user network share as the home folder location. In my case, I just shared the local “/Users” folder on my OD server machine. Also, it will be simpler if the short name of the network account you create matches the short name of the local account on your client machine that you're going to convert, and it will be even simpler still if the passwords match, although this isn’t necessary.
3. Log into your server Profile Manager (http://your.server.name/profilemanager), select the “Users” icon on the left, choose the new user you created, then click “Settings > Edit,” then scroll down to “Mobility” on the left.
4. Under the “Account Creation” tab, check the “Create mobile account when user logs in…” box. I chose to also check the “Require confirmation” box, set “Create home using:” to “local home template,” and left the FileVault option de-selected. Choose “on startup volume” for “Home folder location."
5. Then click the “Rules” tab, and de-select *all* the Sync options under the “Preference Sync,” and “Home Sync” tabs (for now). Click the “Options” tab, and set “Sync in the background” to “Manually” for now, and check the “Show status in menu bar.” Be sure you’ve saved all your changes.
6. On your client machine, log in as an admin user that’s not the same as the user account you’re going to convert. Then go into the "Users & Groups” system preferences pane, and delete the local account you’re going to convert (did you back up your data?!?). When prompted, choose the “Don’t change the home folder” option. You’ll notice when this is done (it may take some time), that your user folder has been re-named with “(Deleted)” appended to your username. Leave that as-is for now.
7. Still in the "Users & Groups” pane, click the “Login Options” icon on the bottom left, then click the “Join” button to right of “Network Account Server, and bind your client machine to the Open Directory server, and then reboot your client machine.
8. Log back into the client machine as the new Open Directory user account you’ve created. You’ll be prompted to create a new mobile account, and a new home folder will be created, with default dock and desktop settings. After the sync completes, make a backup copy of the following files, which should all be located in:
"/Users/<your_user_name>/Library/Preferences/“ :
com.apple.MCX.plist
com.apple.homeSync.plist
com.apple.mcxMenuExtras.plist
9. Log out of your new mobile account, and log back into your client machine as another machine admin. Go into the users folder, and you should see the newly created home folder for your mobile account. Re-name that folder (i.e “johnsmith” to “johnsmith-old” or something like that),
10. In the “/Users” folder, re-name your original user data folder to match the network account name you created — it’s important to re-name it so it matches the short name of the new mobile account you created on the server (i.e. from “johnsmith (Deleted)" back to “johnsmith”). This will be your new mobile account user folder. This will, again, require a machine admin name and password.
11. Take these three backed up files (from above):
com.apple.MCX.plist
com.apple.homeSync.plist
com.apple.mcxMenuExtras.plist
and copy them into the Preferences folder inside your new mobile account user folder, located at (i.e.):
"/Users/johnsmith/Library/Preferences/“
12. Open the “Terminal” app, and change permissions for your new mobile account folder, using the following command (replacing “johnsmith” with your actual user short name). You’ll be prompted for your admin password.
sudo chown -R johnsmith:staff /Users/johnsmith
13. When this is done, reboot your machine and log in with your new mobile account credentials, and then go back into the “Users & Groups” system preferences pane, click your user account name, and then click the “Settings” button to the right of “Mobile account.”
14. For my purposes, I made sure “Sync” was set to manually (which it should be, based on the steps listed above), and I made sure that the "at login" and "at logout" boxes were both unchecked. I then chose the “Only selected folders" radio button, and only selected the folders below that I wanted to sync, and checked the “Show status in menu bar” checkbox."
15. At this point, you should be able to pull down the home sync Mac menubar item, and choose a manual sync of all the folders you selected in step 14.
Good luck, and would love to hear how this works if you want get in touch with some feedback!
This was tested on a Mac running Server version 5.1.7, and El Capitan 10.11.6, and a desktop client running Mac OS X El Capitan 10.11.6.
This article assumes you have a functioning Open Directory environment, including a properly configured local DNS server with forward and reverse records for the servers and clients involved. Also, you’ll need a share set up on the server that’s configured to share home folders over AFP over the network (you can set this up under the "Filesharing” section of the Server.app).
Lastly, if you’re going to try these steps, make sure to back up all your data first, just in case anything goes wrong in the process!
The steps I used are as follows:
1. Back up all the data on the client machine that contains the user account you’re converting from local to network mobile.
2. Create an open directory account on your server, and choose the user network share as the home folder location. In my case, I just shared the local “/Users” folder on my OD server machine. Also, it will be simpler if the short name of the network account you create matches the short name of the local account on your client machine that you're going to convert, and it will be even simpler still if the passwords match, although this isn’t necessary.
3. Log into your server Profile Manager (http://your.server.name/profilemanager), select the “Users” icon on the left, choose the new user you created, then click “Settings > Edit,” then scroll down to “Mobility” on the left.
4. Under the “Account Creation” tab, check the “Create mobile account when user logs in…” box. I chose to also check the “Require confirmation” box, set “Create home using:” to “local home template,” and left the FileVault option de-selected. Choose “on startup volume” for “Home folder location."
5. Then click the “Rules” tab, and de-select *all* the Sync options under the “Preference Sync,” and “Home Sync” tabs (for now). Click the “Options” tab, and set “Sync in the background” to “Manually” for now, and check the “Show status in menu bar.” Be sure you’ve saved all your changes.
6. On your client machine, log in as an admin user that’s not the same as the user account you’re going to convert. Then go into the "Users & Groups” system preferences pane, and delete the local account you’re going to convert (did you back up your data?!?). When prompted, choose the “Don’t change the home folder” option. You’ll notice when this is done (it may take some time), that your user folder has been re-named with “(Deleted)” appended to your username. Leave that as-is for now.
7. Still in the "Users & Groups” pane, click the “Login Options” icon on the bottom left, then click the “Join” button to right of “Network Account Server, and bind your client machine to the Open Directory server, and then reboot your client machine.
8. Log back into the client machine as the new Open Directory user account you’ve created. You’ll be prompted to create a new mobile account, and a new home folder will be created, with default dock and desktop settings. After the sync completes, make a backup copy of the following files, which should all be located in:
"/Users/<your_user_name>/Library/Preferences/“ :
com.apple.MCX.plist
com.apple.homeSync.plist
com.apple.mcxMenuExtras.plist
9. Log out of your new mobile account, and log back into your client machine as another machine admin. Go into the users folder, and you should see the newly created home folder for your mobile account. Re-name that folder (i.e “johnsmith” to “johnsmith-old” or something like that),
10. In the “/Users” folder, re-name your original user data folder to match the network account name you created — it’s important to re-name it so it matches the short name of the new mobile account you created on the server (i.e. from “johnsmith (Deleted)" back to “johnsmith”). This will be your new mobile account user folder. This will, again, require a machine admin name and password.
11. Take these three backed up files (from above):
com.apple.MCX.plist
com.apple.homeSync.plist
com.apple.mcxMenuExtras.plist
and copy them into the Preferences folder inside your new mobile account user folder, located at (i.e.):
"/Users/johnsmith/Library/Preferences/“
12. Open the “Terminal” app, and change permissions for your new mobile account folder, using the following command (replacing “johnsmith” with your actual user short name). You’ll be prompted for your admin password.
sudo chown -R johnsmith:staff /Users/johnsmith
13. When this is done, reboot your machine and log in with your new mobile account credentials, and then go back into the “Users & Groups” system preferences pane, click your user account name, and then click the “Settings” button to the right of “Mobile account.”
14. For my purposes, I made sure “Sync” was set to manually (which it should be, based on the steps listed above), and I made sure that the "at login" and "at logout" boxes were both unchecked. I then chose the “Only selected folders" radio button, and only selected the folders below that I wanted to sync, and checked the “Show status in menu bar” checkbox."
15. At this point, you should be able to pull down the home sync Mac menubar item, and choose a manual sync of all the folders you selected in step 14.
Good luck, and would love to hear how this works if you want get in touch with some feedback!
RSS Feed