Skip to main content

We are currently in the process of migrating our staff to AD from local accounts. I am using the script from here



The issue that is coming up is that the local user loses rights to update applications and applications break as well and need to be reinstalled. After migrating a user, I found that the applications installed by the previous user is now owned by a UID (502). I tried to chown all the 502 applications to the AD account, however, the applications are still breaking.



Has anyone experienced this issue while doing AD migrations? If so, how did you tackle this issue? We are trying not to reinstall every broken app from updates.

Are you using a -R on your chown command?

I went through a domain migration a couple of years ago and wrote a post on how to fix these permissions issues. It's available from here:



https://derflounder.wordpress.com/2013/11/20/fixing-permissions-after-changing-directory-services/

I actually did this as well, however, apps were still unable to update. Just out of curiosity, do your AD users have local admin rights still?



I don't know if this is possible, but we want our users to be able to update their installed applications sitting in the /Applications folder without giving them admin rights.

I just want to put a note that the following code does work. 



find / -uid old_uid -exec chown -v username {} ; > logfile.txt


However, it does not chown items that have symbolic links. I was able to bypass this by doing



find / -uid old_uid -exec chown -Rv username {} ; > logfile.txt
Terms & ConditionsCookie settings