Jamf Nation Community

CasperSally · ‎09-20-2012

Our binding process (AD) creates a mobile account, with home directory pointed to local startup disk. We want files to all be local, but network home directories to mount.

If I image a computer with no MCX settings, the default mobile settings in users/groups is Sync Automatically and login/Logout checked. "Sync only folders" is selected with no folders sync'd under that. You would assume nothing would sync.

We noticed every user who logs in is getting empty LibraryPreference folder in their network home folder, and there are a lot of connections to file servers (like thousands) when users are logging in/out.

Our file server admin would like me to try to stop these connections. I'd like to finally find MCX settings to set this to Manual and login/logout unchecked. Apple hasn't been helpful, and I also have a ticket in with JAMF.

I set these settings manually (without MCX) and looked at the homesync plist in userslibraryprefs. I was able to replicate this plist exactly using MCX - and confirmed the plist gets pushed to HDLibManaged Prefsusername.

However, in Mobile Account settings, it's setting itself back to the default sync automatically (other options grayed out) at login and logout (with login and logout boxes checked and grayed out).

I wonder if it's some timing issue where the MCX settings are coming down right as the login is happening, etc. We've seen some timing issues with MCX this year (we're all Lion, 8.52 JSS).

Anyone out there have MCX settings to set homesync to manual and uncheck and gray out login/logout buttons?

tkimpton · ‎09-22-2012

Try this to convert the home sync plist to a profile

https://github.com/timsutton/mcxToProfile

Thanks Tim & Gregg you have kept my sanity with this :)

CasperSally · ‎06-20-2014

Reviving old homesync thread - has anyone successfully used mcxToProfile or the built in mobility section of configuration profiles (in 9.32) to successfully set mobile settings to sync manually with no folders selected and no option for users to select folders?

I'm still striking out on this one. I can use the GUI mobility section in 9.32 to set it to sync no folders, and no folder seems to be created on server, but the folder list isn't grayed out so users can add folders to sync. With MCX on 10.8 I was at least able to gray out the folder list so users couldn't add folders.

franton · ‎06-20-2014

I've not had any luck. I was testing a whole bunch of manual array mcx settings for home sync but mcxToProfile failed every time I tried it. Got all sorts of random issues.

I eventually gave up and made a feature request to get array mcx implemented in Casper 9.

msnowdon · ‎05-14-2015

@CasperSally ,

I was wondering if you ever got your HomeSync locked down? I came across this thread when I was trying to figure out how to get it locked down with a Configuration Profile due to a Yosemite upgrade.

I had MCX Preferences locking it and just figured out how to make a custom Configuration Profile. Let me know if you still need help.

Mark

CasperSally · ‎05-14-2015

@msnowden
I'd be curious what yours looks like. Right now we use the built in Mobility payload, setting the rules --> preference sync and homesync tab to sync manually, with no sync folders listed.

Options are set to sync in the background 'manually' and we lock students/staff out of the users/groups pref pane so they can't accidentally enable it.

this worked well for us with 10.9 - haven't tested too much with 10.10 but haven't seen glaring issues yet.

msnowdon · ‎05-18-2015

@CasperSally ,

Attached is a screen shot of the Mobile account settings on Mavericks. Its set to automatic, but no folders are selected and everything is greyed out so no changes can be made. This was done with MCX Preferences but they stopped working with Yosemite. I was able to convert the com.apple.HomeSync.plist to XML using the "/usr/bin/plutil -convert xml1 /path/to/file.plist" command and then uploaded it to a new Configuration profile. I scoped it my Yosemite machine.

On the Yosemite machine, the entire "settings" button next to Mobile account in System Preferences>Users & Groups is greyed out and inaccessible to the user.

I'd attach my converted xml file and you could test it but I'm not sure if I can attach files in Jamf Nation.

Thanks

Mark

Jamf Nation Community

HomeSync MCX settings