[dcrew]

I should note the Guest User Access does resolve the issue… though it’s not ideal. And grants me the cached profile I want/need for our Mac users. I found that I had to turn off Authenticate in any domain for this to work and specify specifically our domain.

I’m curious about one aspect left to explore a bit. to have the cached profile you need to enable the Network Sync feature, that syncs the users home dir with network home. Is there a way to hide this feature from the user? I understand I could just turn it off but then it again disables the caching of the profile to allow for local management and off network logins.

[dcrew]

One thing I found with Win2k and NT domains… if you manually add the Mac Computer name to the directory first then bind the Mac, telling it you want to join the existing account you should have success.

I also found that with 10.3 there was greater ease to bind with 10.3.7 and higer.

We’ve moved to Win2003 servers here before our 10.4 issues I’m looking into so I can’t help there.

[dcrew]

Thanks for the replies – However I’m still having issues. The main reason I want the local managed accounts has less to do with allow network syncing of home directories and more to do with having the users information cached in NetInfo, as it was with 10.3. This allows for non-network login. Something our laptop users need. Unfortunately there doesn’t seem to be a way to do this unless you create a mobile account. Unless the call that used to be available through the UI is now only available through dsconfig to cache last user login.

I did find that the guest user access worked on a previous image. However after getting that to work I restarted the build process and now found that it no longer resolves the issue. I’m looking into what may be causing this. I’m curious why the automount would try to call for a folder prior to authenticating the user especially when it has to authenticate the user to even initiate the login process.

The share points are on a Win2003 cluster being shared via smb.

[dcrew]

I’ve actually got another post on this subject. I’m not sure the UID error is actually a real problem. The consensus is that it’s a common error. It seem to be related to the mount call for the users Home Directory from a Windows server. In our case a Win2003 server with a cluster sharing up the users home directories.

I found a temp solution but it doesn’t seem to be 100%. Giving Guest read access to the users home dir seems to allow the mount to happen. Atleast this is the case most of the time. However I am running into an issue now where our new build Image won’t work and is providing me with two errors. I have another post in this forum you may want to look at that I will be updating today.

[dcrew]

If you turn on Create Mobile Home Folder in the AD plugin and disable the sync – if you’re not looking for that – Then 10.4 will cache the user in NetInfo and Create a homefolder if it doesn’t find one. First logon takes about 10 seconds to authenticate and then a few more to create directory. In 10.3 this was accomplished with the Cache User Last Login and selecting yes to Create Mobile Account on first login. At least that was the GUI way.Nice about both is that if the network is down or not available, ie notebook, the user can still log in.

[dcrew]

I beg to disagree with that. That error never arises on our 10.3 systems and I managed, unknowingly how, to get one system to work on this network with 10.4. Yet the UID error does not occur. Unfortunately this system is not something I can build an image from but even if I could I’d want to know what was different.

However if what you are suggesting is right then I’m in a bit of a bind. There doesn’t seem to be anything else in the log relevant to the problem. I’m able to communicate with the Active Directory domain controller via command line and poll for users and even log in via command line as network users. I’m able to bind successfully to the domain as well. This occurs with new test user accounts as well as existing accounts. Is there anything else I should be looking into as to why the mobile mounts won’t work then?

[Author]

Posts