OS X Clients integration with AD 2003, roaming profiles?

[schilled]

Goals

1. Migrate all OS X users to Authenticate with Active Directory on a Windows 2003 Server box while having a way for the Users’ Home Directory to reside on a server without the requirements of a constant connection. We are basically looking for a similar set up to Windows roaming profiles that allow the user to log in and cache the profile locally so if there is a network problem the user can continue working and when the network is back up the user can log out and synchronize with the server version of the profile. [Side Note: In previous tests we have observed that OS X users with Home Directories on the server will lose all functionality if disconnected from the network at any time. A restart is mandatory to resume functionality.]

Obstacles

1. When the option under Directory Access: Active Directory (cache last user logon for offline operation) is checked the user will get a Home Directory created on the local machine but the user will not have any privileges to it, User “System” is owner with Group and Other having no access.

2. When we disable that same option in Directory Access: Active Directory, the user will get a Home Directory created on the Active Directory at first login.

Solution:
1. We have no flippin idea. Any help would be greatly appreciated. We are thinking we may need to use rSync or similar with a custom script to synchronize the local Home Directory with the Network Directory at login and log out.

[cborkowski]

tell you users to select “create” instead of “continue” when asked if they want to create a mobile account.

the continue option create the type of local account that has no rigts to almost everything. not sure why that option is presented.

I’m also assuming you did the whole song and dance to bind your mac to your doman otherwise you’d never get this option on “first time” log on.

[Author]

Posts