Need Methods for Changing AD Short Names and local Homes for Mac Users

[taco]

My company’s security admins are doing a pilot program, of which I am participating; to change Active Directory IDs from X to Y. Essentially renaming account IDs. For Mac OS, that would equal the short name. It has traditionally been a big boo boo to change an account’s short name on a Mac, yet this change is seamless for Windows users.

My Way—

I backed up my local Home with Retrospect, went to System Preferences>Accounts to delete my user account there, then logged in using my new short name, and restored the contents of my Home into my new Home folder.

— What I Observed–
My MBP uses mobile accounts from the AD plug-in. The mobile account parameters prevented login with using the new short name, because of the short name change. I could however login to my XServe using the new shortname.

Mac OS does not see my account with the new short name as the same as my account with the old short name. It sees two distinct accounts — Looking at /Users, I saw two different user folders. I expected that.

–Questions–
Is there a better way to move ownership of local Homes from the old AD short name to the new AD short name?
I have 60 Mac users to look after and all will eventually get new AD short names. Again, I am in the pilot program so I have some time to prepare for the changes.

We have Tiger 10.4.11 and Leopard 10.5.6- .7’s.

Any help would be appreciated.

[taco]

I sorta fixed it the cowboy way.

I made two AppleScripts that work when root or user 0 is logged in. The first script copies the contents of the chosen Home folder to /var/root/Desktop. The second AppleScript will create a new folder in /Users/ and deposit the contents of /var/root/desktop to the new folder at /Users. and chown rights to the name of the new folder. When you login again as the new user for the first time, Mac OS assumes the new ID is you and goes its merry way.

There has to be a better way, but this will do for now. I have tested the method both in Tiger and Leopard successfully.

——————
[b]Script 01[/b]

with timeout of 1800 seconds
set dialog1 to choose folder “Choose Home folder to move.”
set B to POSIX path of dialog1
set script1 to “sudo cp -rf ” & B & ” /var/root/Desktop”
tell application “Terminal”
activate
do script script1
end tell
end timeout

——————
[b]Script 02[/b]

set dialog1 to display dialog “Name of new home Folder.” default answer “”
set newfldr to text returned of dialog1
do shell script “mkdir /users/” & newfldr
tell application “Terminal”
activate
do script “cp -r /var/root/Desktop/ /users/” & newfldr & “/;chown -R ” & newfldr & ” /users/” & newfldr
end tell

[Author]

Posts