#1 |
|
Guest
Posts: n/a
|
Hello everyone,
I am new to Server, and was hoping someone could help me out. My company has about 50 Macs or so. We have a 10.6.8 Server that is primarily used for AFP file sharing. The users authenticate to the server only for AFP shares. They are not bound to the server. What I would like to do is bind all the machines to the server, use their already set up user accounts (that they use for AFP) and switch their client machines to login and authenticate against the already set up accounts on the server. I want to keep their home user folders local on their machine. The server is set up as an OD Master. I was able to successfully bind a machine to the server, but that was as far as I got. I could not figure out how to get the machine to authenticate against the server while keeping their current local home directory intact. Most of the clients are on 10.7. Any help is greatly appreciated! Thanks. |
|
|
|
#2 |
|
All Star
Join Date: Jan 2004
Location: Limerick, PA
Posts: 687
|
It doesn't work like that. If the user is to access files on the server, then he needs a server account. If he is to access a home folder on the local machine, then he needs a local account too.
The closest you can come to this is to get the user's account ID number to be identical on the server and the workstation. On a workstation, account numbers are issued starting with number 501. On a server, account numbers are issued starting with number 1001 (I think). Having these two numbers be the same is needed for Portable Home Directory syncing, but you didn't say you were trying to do that. If you aren't trying to do PHD syncing, then I can't think of a reason you would have to make the userID numbers the same. |
|
|
|
|
|
#3 |
|
Hall of Famer
Join Date: Feb 2003
Location: Brighton, UK
Posts: 3,807
|
You can convert a local account to a network account and still have local home folders.
You can do this a manual way or a scripted way. |
|
|
|
|
|
#4 |
|
Hall of Famer
Join Date: Feb 2003
Location: Brighton, UK
Posts: 3,807
|
Either way make sure you have backups of home folder although unless you really make a mess of things it i
Manual Way:
1) Add all the Full Names/Short names to server and make sure you check change password on first login.
2) Bind machine and check you can login to a network account.
3) Make sure every machine has a separate "local" admin user setup that is not related to user you are converting. This is best practice for any machine.
4) System Prefs > Users & Groups > Select user you want to convert. IMPORTANT READ carefully data loss possible *** Delete the account BUT choose the option to "do not change home folder" ****
5) Now logout and login as user you just deleted. It should now be network account and ask for you to change password, and it will say something like "a home folder exists with same name do you want to use this". Say yes, it will then correct permissions on folder then log you in (this can take a bit of time), then you should be good to go. Keychain should be changed too ;-)
Other way is a shell script on local machine that will do all of the above steps in one click and a few passwords. I have used a version of these scripts to mainly convert Local Users to Active Directory Users. But this script may put you on track. https://github.com/rtrouton/rtrouton...leAcct.command |
|
|
|
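A post-conversion check for the manual steps in post #4, as an added example that is not part of the thread and not taken from the linked script: it compares the numeric owner of everything in a kept home folder with the UID the account now resolves to, which matters because post #2 notes that local and server accounts are numbered from different ranges. The function names and the usage path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): after a local account has been converted
# to a network account, confirm the kept home folder is owned by the new UID.
# Usage (hypothetical names): sh check_home.sh jdoe /Users/jdoe

# Print the numeric UID the system resolves for an account short name.
# On a bound machine `id` consults the directory service as well as local users.
resolved_uid() {
    id -u "$1" 2>/dev/null
}

# Count entries under a folder whose numeric owner differs from the expected UID.
# $1 = folder path, $2 = expected numeric UID
count_foreign_owned() {
    find "$1" ! -uid "$2" -print 2>/dev/null | wc -l | tr -d ' '
}

# $1 = account short name, $2 = home folder path
# Returns 0 when every entry is owned by the account, 1 on mismatch, 2 on bad input.
check_home() {
    user=$1
    home=$2
    [ -d "$home" ] || { echo "no such home folder: $home" >&2; return 2; }
    uid=$(resolved_uid "$user") || { echo "account does not resolve: $user" >&2; return 2; }
    bad=$(count_foreign_owned "$home" "$uid")
    if [ "$bad" -eq 0 ]; then
        echo "OK: $home is fully owned by $user (uid $uid)"
        return 0
    fi
    echo "MISMATCH: $bad entries in $home are not owned by $user (uid $uid)"
    # List a few offending entries with numeric owners so the old UID is visible.
    find "$home" ! -uid "$uid" -exec ls -ldn {} + 2>/dev/null | head -n 5
    return 1
}

# Run only when called with both arguments, so the functions can also be sourced.
if [ "$#" -eq 2 ]; then
    check_home "$1" "$2"
fi
```

A mismatch here means files still carry the old local UID and the ownership fix at first login did not cover them.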