Posted on 12-16-2016 09:21 AM
We are a school with a campus and over 550 desktops. Students log into machines all over campus in libraries and computer labs, and teachers teach in many different rooms. We currently use network homes with AD auth. The ability to have my users log in anywhere and have both their files and settings follow them seamlessly has become a core part of our workflow. However, network homes only mostly sort of work, and it feels like Apple is no longer improving or supporting them. They are kinda slow, often buggy, files get their permissions corrupted, and the lack of support for SQLite databases is making more and more apps non-functional.
Setting the clients to force local homes with AD auth would create literally hundreds of local accounts on our campus desktops, force our users to copy items manually to and from server shares, and no preferences or browser history, sessions, cookies, or settings would travel with them.
We are not a 1-to-1 school where everyone is issued a laptop or a BYOD school where everyone brings one from home. What technology is out there to help us stay with this workflow going forward? Is anyone in a similar environment doing anything better?
Posted on 12-16-2016 09:54 AM
You might take a look at these guys...they've been in the game of fixing this for a long time:
http://www.acronis.com/en-us/mobility/mac-windows-compatibility/
Posted on 12-16-2016 10:26 AM
Yes, we used them for a while. But Apple has deprecated support for AFP, and it's broken altogether in 10.11 for network homes.
Posted on 12-16-2016 11:11 AM
I'm not sure if it would help your exact situation, but you may want to take a look at Kumo from Indiana University and see if that may be a possibility. I know it can do on-premises network drive mapping as well as the cloud services, and they do have a Mac client (in beta). We are in the process of implementing it right now with our institution's Google Drive. We have a similar setup where there is no 1-to-1 for our students.
Posted on 12-17-2016 09:08 AM
I haven't seen any issues with our SMB and AFP workflow. Are you using profiles to set network drive authentication? If so, I would try using a script... they seem to be a lot more reliable. I rarely have files corrupted. I would check to make sure your drives are in good condition.
Posted on 12-17-2016 09:41 AM
I can confirm that there are a lot of problems with network homes; especially with Wi-Fi devices it's even worse!
Right now I'm changing schools from network homes to local homes.
Yes, there are going to be quite a lot of homes on the local HD, but with Jamf or another MDM solution it's quite easy to delete them, like once a year or so!
I have made a script with a LaunchAgent which redirects the Finder favorites like Documents ... to the network home of the user.
So what I do is, I create a user on OD with a network home and set it back to local, so basically OD is just there for authentication.
Maybe an even better solution would be mobile accounts, syncing only the most important Library preferences of the user
and everything else like I told you.
But as I have heard, these mobile accounts also seem to give problems.
Since 10.6.8 these network homes got really bad, I can confirm!
Cheers
Posted on 12-17-2016 05:20 PM
@chrisx Sounds like a good idea if you are experiencing this many issues. I know there are lots of good scripts out there that can clear out local accounts. You could probably modify one to your needs.
Happy Holidays!
Jared
Posted on 12-18-2016 07:51 AM
Hi Jared,
Do you have any recommendations concerning the scripts you use, or so?
Or something that makes it easier to switch from network accounts to local accounts?
Cheers
Posted on 12-18-2016 08:00 AM
@chrisx I saw this yesterday. I think you could modify it to fit your needs.
https://www.jamf.com/jamf-nation/discussions/22485/converting-ad-mobile-accounts-to-local
We don't bind to AD anymore because I only manage a handful of devices, and I found it both time-consuming and unreliable. We have had fewer help requests since using local accounts. I will look for the script that clears out local accounts after a certain amount of time and post it here.
Jared
Posted on 12-18-2016 10:23 AM
Hi Jared,
Well, this script converts the AD user into a local user. But what happens if the user changes personal settings? They will not be uploaded to the server; it's basically just a converter switching from network user to local user, right?
Cheers
Posted on 12-18-2016 06:53 PM
@chrisx Yes. I would test it on a few machines. I think you would still use OD for authentication, but from then on, every setting, history, etc. would stay on the machines locally. All files would have to be moved using network drives or flash drives. We just switched right over from using OD with OS X Server to local accounts when I swapped out laptops.
Posted on 12-19-2016 07:42 AM
We have a similar deployment and we use AD auth and local homes out in shared-use classrooms and labs. We have student homes set to expire and be removed after x days depending on need so the disks don't fill. This might be a good fit for you and you wouldn't have to change much.
Posted on 12-19-2016 11:50 AM
Hi Volker
This sounds very good!
We just use OD for authentication, while the home Library is then created new! Also I have a script running which redirects the favorites in Finder directly to the network home share of the user. So it will be easier to save files from Word, Excel and others.
What are you using to delete the student homes on the machine automatically?
Thanks for your reply
Cheers Chris
Posted on 01-03-2017 09:27 AM
Chris,
Can you share your script?
Posted on 01-04-2017 02:41 PM
We ditched our network homes for.....nothing. We now only have guest accounts, and students are taught to save everything to the cloud (Google Apps account). On log out, everything gets wiped, and machines are set to reboot (wipe) weekly.
Easy for everyone, and teaches the students a valuable skill.
Posted on 01-05-2017 07:24 AM
We use AD accounts, but do not use network homes. Instead I run a dockutil script at login that creates an SMB Dock shortcut to the user's network folder. This lets them easily access their network location without the trouble of network home directories.
We're also moving more toward Google Drive and OneDrive as many of you are.
Posted on 01-05-2017 10:34 AM
Ideally what would solve the problem for us is if the setup, config and prefs for the Google Drive app would automatically travel or take effect on any computer an individual logs into.
Posted on 01-06-2017 06:37 AM
I am also interested in solutions to this problem, but I do not see anything that would work for us in the responses above. We have a mixed Linux/Mac lab environment which currently uses NFS home directories for both, but the aforementioned problems with sqlite databases have made the Macs difficult to use. My first thought was to run netatalk on my home directory server and try to switch the Mac clients from NFS to AFP, but I cannot figure out a way to get them to mount, and agerson's original post suggests that AFP has the same problems as NFS.
We do not have Windows, AD, or cloud storage services here, so the only concern is for the Macs to integrate cleanly with the basic functionality expected of home directories. That means that settings travel with users when they log into different machines, and that files are available at ~/. I have strong reservations about resorting to a pile of scripts that cherrypick components to synchronize with a local home directory for a number of reasons. Some are aesthetic (it feels like a kludge) and others are more concrete (I can't predict which files any given user will generate). Synchronizing the entire home directory upon login and logout would take too long to be practical. My users are computer science students and faculty, so just giving them a prefab environment and telling them they're not allowed to change anything is not an option.
Is there nothing at all that can be done? When I look for information, most of the responses amount to "stop wanting that," and unfortunately this thread appears to be no exception. I see options for remote home directories in Server.app and I was able to host AFP homes from it in a test environment, but whatever method it uses to mount them is undocumented and I have not found a way so far to customize it for my own purposes.
Posted on 01-07-2017 04:32 PM
@agerson This is the script I use with Open Directory (Server app); you need to install mysides.pkg on the client.
You also need to create a LaunchAgent plist to let it run after the user logs in, see below after the script! Let me know if you need help.
I'm using this with network accounts with local homes, which you can set in the Server app.
I first create a user with a normal network home so the user folder gets created, and then change the user to a local home in the Server app.
#!/bin/bash
# Use the user name passed as $1, otherwise the user currently on the console.
if [ "$1" == "" ]; then
    user=$(stat -f "%Su" /dev/console)
else
    user=$1
fi
# Local accounts that have no share on the server: do nothing for them.
exclude=("root" "admin" "ladmin" "addmore")
for x in "${exclude[@]}"; do
    if [ "$x" == "$user" ]; then
        logger "$user is a local user. Exiting..."
        exit 0
    fi
done
# Mount the user's share from the server; the try block swallows the error if it is already mounted.
osascript -e "try" -e "mount volume \"afp://server.example.lan/$user\"" -e "end try"
# Rebuild the Finder sidebar favorites so they point at the mounted share.
/usr/local/bin/mysides remove all
sleep 2
/usr/local/bin/mysides add Applications file:///Applications
/usr/local/bin/mysides add Documents "file:///Volumes/$user/Documents"
/usr/local/bin/mysides add Movies "file:///Volumes/$user/Movies"
/usr/local/bin/mysides add Music "file:///Volumes/$user/Music"
/usr/local/bin/mysides add Pictures "file:///Volumes/$user/Pictures"
exit 0
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.user.loginscript</string>
    <key>Program</key>
    <string>/Library/MountScript/Homemount.sh</string>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>
Posted on 07-28-2017 03:35 AM
@agerson Hello all together,
Not sure yet whether I am getting off topic, but it may be related: I am trying to cope with serious problems with everything related to or dependent on SQLite DBs (especially all things "Internet Accounts", i.o.w. Mail, Calendar, Contacts; but also Firefox) on AFP-based network homes (OS X 10.11.6 on server and client), and then found agerson stating here:
"Yes, we used them for a while. But Apple has deprecated support for AFP and its broken all together in 10.11 for network homes."
agerson, would you kindly provide some details in which regard AFP is to be considered broken on 10.11? It may help me classify my SQLite issues...
Would switching to SMB as the protocol to base the homes on then help with these issues?
Or would upgrading to 10.12.x do it better?
Any information would be great, as this issue really threatens the entire Mac project down here...
Best regards
Posted on 08-01-2017 09:37 AM
Under 10.11.x you could not use AFP for network homes. The OS would not mount it.
SQLite does not work on network shares by design. There is no way around it other than perhaps to symlink directories that need to have SQLite databases to local directories. We have switched to AD-bound local homes and not looked back.
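The symlink workaround mentioned above, as an added example (not agerson's script, not code from the thread). It assumes a list of home-relative directories known to hold SQLite databases (the list below is a constructed placeholder; Firefox, Calendar and Mail are the ones named in this thread) and a local per-user base directory. On the first machine a user logs into it copies the existing data to local disk, keeps the original on the share under a .before-redirect name, and replaces the directory in the home with a symlink; on any other machine the symlink is already in the network home, so it just creates the empty local target. That is the trade-off of this approach: the database is now per-machine, and these apps start fresh on each Mac rather than roaming.

```shell
#!/bin/sh
# Added example, not from the thread: move SQLite-bearing directories out of a
# network home onto local disk and leave a symlink behind, so the application
# opens its database on a local filesystem. All paths are arguments so the
# logic can be exercised against temporary directories on any system.

# Home-relative directories that contain SQLite databases (constructed list,
# one per line because some paths contain spaces).
SQLITE_DIRS='Library/Application Support/Firefox
Library/Calendars
Library/Mail'

# redirect_dir HOME LOCAL_BASE REL
# Ensure HOME/REL is a symlink to LOCAL_BASE/REL.
redirect_dir() {
    home=$1; local_base=$2; rel=$3
    src="$home/$rel"
    dst="$local_base/$rel"
    # Local target always exists; on a Mac the user has not used before it is empty.
    mkdir -p "$dst"
    # Symlink already present in the (network) home: created on another machine.
    if [ -L "$src" ]; then
        return 0
    fi
    if [ -d "$src" ]; then
        # First redirection: seed the local copy from the existing data and keep
        # the original on the share instead of deleting it.
        cp -R "$src/." "$dst/"
        mv "$src" "$src.before-redirect"
    fi
    mkdir -p "$(dirname "$src")"
    ln -s "$dst" "$src"
}

# redirect_all HOME LOCAL_BASE
# Apply redirect_dir to every entry of SQLITE_DIRS.
redirect_all() {
    printf '%s\n' "$SQLITE_DIRS" | while IFS= read -r rel; do
        [ -n "$rel" ] && redirect_dir "$1" "$2" "$rel"
    done
}

# Typical use from a login hook or LaunchAgent, for the console user:
#   redirect_all "/Network/Users/$USER" "/Users/LocalCache/$USER"
```

The function is idempotent, so it is safe to run at every login; the local base directory must be on a volume the user can write to, and it accumulates one copy per user per machine, which is the same clean-up problem as local homes.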
Posted on 08-02-2017 12:29 AM
Hello agerson,
Actually, the home directories always worked quite well for me (from OS X 10.5 throughout to my current deployment on 10.11.6). I managed to resist the temptation to switch to SMB back then when it was advertised as the official successor and future route to go, thus I can't judge SMB...
As I had multiple support sessions with Apple, upon which they scrutinized my deployment twice thoroughly, they never complained about my architecture/NH so far, nor asked for dropping my network homes.
But sure: third-party applications are a different topic (think Adobe...).
I was so eager to stick with network homes ("Roaming Profiles") as we have a typical multi-user environment with shared machines and really need this feature. We practice the same on our Windows track.
In terms of SQLite: I am not far enough into the details yet, but what I'm told is that it's actually not the database itself that wouldn't work (corruption), but the means by which SQLite determines the integrity of the database which fails and then locks the DB for write access?!?
I also read (unfortunately can't recall where) about a version 3.x and above which is considered compatible (of sorts) with network storage and for these reasons even got bundled in OS X/macOS from a specific version on (10.12 obviously?!?), which is my hope to get this last issue fixed.
Currently I don't have any devices handy to give 10.12.x a shot and verify that, that's why...