Mac Thread, AD-OD Error When Creating Home Folders in Technical; Hi
I'm playing with some virtual machines to get a flavour of how Mac's can integrate with AD, my setup ...
25th March 2010, 01:25 PM #1
AD-OD Error When Creating Home Folders
I'm playing with some virtual machines to get a flavour of how Mac's can integrate with AD, my setup is 2003 AD & OS X 10.6.
I've bound the Mac Server to AD using Directory Utility (DNS has forward & reverse lookup host A records, hostname resolving OK) & created an OD Server. Using Workgroup Manager I can see the AD accounts but when I try to create their home folders on the Mac (I've told Directory Utility not to use their Windows home folders) I receive the following error:
Error of type eDSNoStdMappingAvailable (-14140) on line 574 of /SourceCache/WorkgroupManager/WorkgroupManager-361.2.1/Plugins/UserAccounts/UserVolumesPluginView.mm
It seems to be some kind of authentication error, but I'm stumped :-(
IDG Tech News
25th March 2010, 07:49 PM #2
Sounds like your trying something that isn't possible without Augmented records, you cannot just specify an alternative home folder for AD users within workgroup manager directly against the AD account, this would effectively try to write the home directory back into Active Directory into a attribute that doesn't exist in the standard schema.
Maybe a break down of the steps you are taking would help to confirm this
26th March 2010, 10:08 AM #3
Thanks for the reply.
We are running a vanilla network with 1000+ windows computers & around 80 Macs. The Macs are used by the art department for extensive photo/arty type things that require lots of disk space. To this end we have a Mac server in the workgroup where these documents are kept. We have created user accounts in the workgroup manager the same as their windows accounts but obviously the passwords are different. This is causing confusion.
My plan is to bind the OS X server to AD for authentication, but when user logon to the Macs, they only get their Mac home folder, when they logon to Windows PC's, they only get their Windows user area. Administration of their usernames/passwords can now hopefully be done through AD.
I have followed the steps in the first post to achieve this end (hopefully).
Please be gentle, I'm a Mac newbie!!!!
26th March 2010, 10:23 AM #4
Sounds like you need to look at augmented records if you wish to work with live home folders, otherwise a local home folder with a network mount to the users folder on the mac storage, utilizing a push pull model may provide the best performance.
I would strongly suggest getting your mac suppliers consultants in to discuss your options, most will do this FOC I know we certainly do.
Also it might be worth setting up a couple of test machines with each solution to see which best suites your enviroment.
26th March 2010, 10:44 AM #5
If the Mac users were to have a local home folder, I can envisage the carnage!!!! (Cant find me work Sir. Which computer were you working on? Dont know Sir!!), sounds like live home folders for me.
Can you point me in the right direction for newbie augmented records information.
26th March 2010, 10:56 AM #6
In that case you have two options , syncing home folders that sync back to the mac storage, giving you local speed with the advantage of central backup and ability to move from machine to machine. This is easily implemented.
Augmented records is a little more tricky, I'm on site currently but when I'm back I'll dig out some links for you for both solutions.
26th March 2010, 11:06 AM #7
There are other options, although still not ideal.
I have a server sharing Mac user files with AFP, set up with exactly the same share names as the PC file server. Mac clients get a modified hosts file to point to this server instead and set to afp for the AD home folder. The biggest issue is that home folders need to be created for users manually and the permissions set as it is not automatically created.
I'm not even using a Mac server for afp as it's just too unreliable (10.6.2 directory service deadlock is an example). I'm using Extremez-ip on windows instead.
26th March 2010, 11:14 AM #8
DMcCoy - sneaky ! Lots of people do it like that though , it's easy to maintain with images.. Sometimes it trips Kerberos up and it's not really considered best practice, but if it works it works :-)
With regards to creating the folders and setting permissions we always script it, services in 10.6 are even better allowing us to build a service for the creation of users from say a text file.
26th March 2010, 11:16 AM #9
p.s ExtremeZ-Ip is a great product ;-)
Last edited by TomH; 26th March 2010 at 11:21 AM.
26th March 2010, 11:46 AM #10
Thanks, I'll await the web links.
I'll give this a dose of looking at when I get a minute.
26th March 2010, 06:16 PM #11
Augmented Records :
AFP548 - Record Augmentation - Part 1 - The Cylinder of Destiny
Synchronised Home Folders to Mac Storage :
As a Managed preference use com.apple.MCX with the following :
Synchronisation URL / string / afp://server.domain.com/Users/%@
No need for Augmented Records if your just using Sync.
29th March 2010, 11:48 AM #12
Thanks for this. Will give this a go at home this week sometime & let you know how I get on.
30th March 2010, 01:23 PM #13
I'm following the cylinder of destiny link, unfortunately I cant find the plist file I created to edit it
Can anyone help.
31st March 2010, 12:29 PM #14
The plist is entered into the augmentconfiguration within workgroup manager, so it's more of a entry than a file I suppose.
I'll dig some more links out for you when I'm back in the office next week, I think bombich has some automation scripts for creating your users augmented records.
1st April 2010, 01:17 PM #15
By dgrams in forum How do you do....it?
Last Post: 26th February 2010, 06:15 PM
By browolf in forum Windows
Last Post: 11th January 2010, 04:01 PM
By PiqueABoo in forum How do you do....it?
Last Post: 29th August 2009, 01:39 PM
Last Post: 26th January 2009, 11:01 PM
By dezt in forum ICT KS3 SATS Tests
Last Post: 24th November 2008, 02:08 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)