Help

AD User homes have only items placed by "Fill User Templates"

curiousgene
New Contributor

Posted on ‎06-25-2010 02:30 PM

I'm testing a Configuration that includes at base 10.6.4 image, an AD
binding and a fairly standard load of software - Office 2008, iWork, iLife
and so on. The AD bind is not creating a Mobile Account, is forcing local
home on startup disk, is using UNC path from Active Directory to derive
home. Some of my packages are configured to Fill Existing Users and Fill
User Templates, namely:

Adobe Reader 9
Firefox 3.6.4
Flip4Mac 2.3.3.3
Perian 1.2.1
Transmit 4.0.5

If I just lay down the base image and the AD binding, AD users can log in
just fine, and get a bog standard OS X home directory, with all the folders
you'd expect, owned by them.

If I lay down the base, the bind, and the above packages, when AD users log
in, all they get in their home directory is the files and folders created by
Casper filling User Templates, owned by the UID of whoever created the
package.

In the second case, if I remove the home directory and run "createhomedir -c
-u <username>", I get a standard, fully functional OS X home directory.

I tried just turning off Fill User Templates for all the packages, but AD
users are still getting some Casper-created items in ~/Library, and I really
can't figure out where they're coming from. With FUT off for all packages,
none of the stuff that's winding up in the user home is in
/System/Library/User Template. Is there some other place that Casper is
putting things that I'm missing? Anybody run into this before?

-- Gene Sullivan
http://curiousgene.com

0 Kudos
2 REPLIES 2

JimAllsop
New Contributor

Posted on ‎02-06-2014 05:17 PM

I think we might be having a similar issue. The problem I found with doing what you did by not filling out the user info is half of my packages did not work. When I enabled fill out user data it added the info of who made it like you said. If I deleted the users in composer before I made a DMG or a PKG none of those ever worked for me.

This is what I am doing to prevent this issue. (Right now I am redoing 8 packages actually) We have (2) user accounts in each of our Mac's. administrator and first.last of whoever the laptop is issued to. So I have a clean VM mac 10.9 with only one user administrator. I will make the packages that I have to using snap shot and because I have the user account administrator on all my macs anyways I will simply be adding to not adding me or my staff to each computer.

I am not 100% sure that this will work, but logically to me it sounds like it would.

0 Kudos

joshuasee
Contributor III

Posted on ‎02-11-2014 03:07 PM

I am running into the same issue. AFAICT, if a profile is present and an account is not a mobile account, it is invisible to Casper, which will not fill the profile, list it when you run jamf listusers, or list the user in the inventory record for that machine. While I can understand the reasons why, this omission is approaching bug territory and should be documented better.

0 Kudos