OS X Home Directories on Windows Server 2003

S

Swiftfeet_8

Registered
I am trying to setup my Mac running OS X to have a home directory depending on the user that logs into the server running Windows Server 2003. I am able to map to the "users" share folder on the server, but I am unable to setup a home directory like on windows machines (ie. %username%). I am kind of new to Mac's so any help would be great. Thanks!
 
Hi Swiftfeet_8 and welcome to the forum.
I didn't fully understand what you are trying to do but let me suggest you one very neat freeware tool called SharePoints. Good luck!
 
Thursby's Admitmac will allow you to do this. You just set the Windows home share up as you would for a Windows login. Admitmac connects through to the AD on the 2003 server and verifies the account information from there and if a home share is specified it can be set to use it.

There are several possible settings, one being 'network only' share and another being 'local home share with mapped network share' I would recommend that latter as if there is a connectivity problem with the network the user will not be able to login to the Mac at all.
 
I'm assuming your using Active Directory authentication?

Default behavior by the AD plugin is to load the home share over SMB.

dsconfigad -localhome disable

That will disable the forced creation of a local home and use one off your server, but your results may vary. As always, man dsconfigad if you want to read up on the features. :)
 
I am using AD to authenticate the users. I have not tried AdmitMac because I am looking for a free / manual way to accomplish this. I will try to descibe what i am trying to accomplish a little better.
I want to be able to have users log onto a Mac and have a shared directory from my "users" directory based on their logon name.

example: User - Swiftfeet with home folder .../users/Swiftfeet


Thanks!
 
Ok, lets sort this out a bit more with some detail! :)

There's a difference between home directories and home folders (or shares). A home directory is going to be a full complement of folders (Desktop, Documents, Music, Movies, Library, etc), where the local machine does not store a user's profile, the profile is stored on the server and will enable you to use roaming profiles, meaning a user can sit down at any machine on your network and have the exact same documents, preferences, etc.

A home folder, or share, is simply like a My Documents folder, that is usually restricted for use only by that user, for their own information.

In your AD user properties, you can set a Home Folder option in the Profile tab. Simply tell it to connect (in my case) H: to \\server\share\folder. If you do decide to keep your homes on Windows, leave the AD Plugin at default values for mount style, meaning, do not use AFP, as AFP will not be able to load at launch due to the difference in authentication types that are supported between SMB -> Windows and 'AFP' -> Windows.
 
Ok, sorry for the confusion. What I am trying to setup is a shared home folder. The problem I am having is that when the user logs in, the shared home folder on the desktop does not connect to .../users/"username". Instead I can only map the share to .../users and then set the permissions so that the user can only access their own folder. I hope this clears things up a little.

Thanks for all the help, and sorry for being a "noob". ;)

**Is there someway I can change the title of the thread? ie. not Directories
 
Hmm. Odd. The AD plugin should be grabbing all that info from AD for you, in the area I specified in my previous post. The AD plugin relies on a kerberos realm as well, which I'm hoping is working in your environment? Take a look at that as well!

You can check to see how OS X is reading your AD using the dscl command line tool. Open up a terminal and type in dscl and hit return. From there, cd Active\ Directory/domainName.com/Users/ , or wherever your user accounts are stored. You can take it one step at a time and cd Active\ Directory, ls to see what's available, cd again, etc...

You're also in luck that the AD pluging can provide extensive logging capabilities!

First, put lookupd in debug mode by using this command in the terminal:

sudo killall -USR1 DirectoryService

Now, use this command to allow you to view the debug info of the AD plugin:

tail -f /Library/Logs/DirectoryService/DirectoryService.debug.log | grep ADPlug

The second command will find in your system logs any records by the AD plugin. Try logging in as an AD user and grep'ing out all the information left for you by the plugin.

No problem for the help. This is what I do all day! We were all new at this at one time or another! :)
 
You must log in or register to reply here.
Back
Top