Posted on 04-04-2016 06:09 PM
Hello Everyone,
I hope you can help me. I have roughly 25 Macs that need to be bound to AD, and then to convert the local user profile to a network user account.
AD is in place and all users have active AD accounts. I was able to bind a Mac to AD and log in as a user, and then I tried these instructions here but can't seem to get it to work. I also tried the reverse, but it won't seem to work.
http://robotcloud.screenstepslive.com/s/2459/m/5322/l/112415-convert-local-accounts-to-network-mobile-accounts
Potentially, could I delete the local user account, choosing to keep the home folder, then rename it to the AD account name, or will that mess up permissions?
Thank you in advance for your help.
Posted on 04-04-2016 07:34 PM
@ahmaduhhs I do this all the time. Usually in the opposite direction but the long and short of it is the same.
1.) Delete either local account or cached mobile account, keep home folder.
2.) Make sure original home folder's name matches new account's short name and rename if necessary.
3.) Make sure permissions on home folder match new user account's UID using the chown command.
You can script this or do some other more fancy things but those are the basic steps.
Posted on 04-05-2016 03:27 AM
I have a script that is designed to help migrate a local user to an Active Directory account. It's available via the link below:
Posted on 04-05-2016 06:32 AM
@chriscollins Thank you for the reply. How do I make sure permissions on home folder match new user account's AD UID?
Posted on 04-05-2016 10:43 AM
@rtrouton love it! Thank you man!
What is the best way to run it? Terminal > Local admin account?
Posted on 04-05-2016 11:16 AM
@ahmaduhhs, it's a .command file so it's designed to be double-clicked on to launch. It'll open a Terminal window and then the script's prompts will walk you through the process of migrating a local account to the equivalent AD account.
This script is also interactive, so you'll need to provide responses to questions and the script will then use that information to move the selected local account to the equivalent AD account. Once you've finished moving the accounts, select FINISHED from the script's menu and the script will exit and say Process Completed. It is safe at that point to close that Terminal window.
Posted on 04-05-2016 01:38 PM
@rtrouton I must be missing something here :(
If I drag and drop into Terminal I get this:
-bash: /Users/ad/Desktop/MigrateLocalUserToADDomainAcct.command: Permission denied
Posted on 04-05-2016 01:41 PM
@ahmaduhhs I haven't read Rich's post, but if the file is saved as a .command file, then you double click it to run it. You don't pull it into Terminal.
Posted on 04-05-2016 02:29 PM
@mm2270 yeah, I tried both ways, and the s.s. I posted is what comes up when I clicked on it. I also tried running through Terminal for good measure.
Posted on 04-05-2016 03:04 PM
@ahmaduhhs you may need to set the execute permissions on the file.
Posted on 04-05-2016 04:26 PM
@mpermann sorry not sure how to execute permissions on the file :( sorry for being dense today.
Posted on 04-05-2016 04:29 PM
@ahmaduhhs try the following:
chmod ugo+x /path/to/file.command
Then hopefully you can double-click the command file and have it run.
Posted on 10-10-2016 06:59 AM
The script is a .sh, no?
for the netIDprompt, do I put in the user account I'm trying to fix or an account with domain joining permissions?
Posted on 10-18-2017 07:31 AM
Hey guys!
I am using a script pretty similar to this, but configured to run at next boot, so the current user (e.g. local) is the one that is converted from local to network user (e.g. uid0414).
Nevertheless, every once in a while, the whole thing is failing because the command (mv) that moves from the local to the network user finds that there's a folder with that name already, so it moves the whole tree below that old folder… the problem is that this is a freshly formatted machine!!! So I don't know where this folder is coming from.
As a workaround I am copying (cp) instead of moving, but this is of course inefficient and slow.
Do any of you have a clue about how a clean install of Sierra might have a folder existing under /Users? Maybe after binding with the AD the machine gets information of previously existing users?
Thanks!
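The rename and chown steps from the 04-04-2016 reply, with a guard for the nested-folder failure described in the last post, as an added example that is not the script linked in the thread or any poster's code. The function name `migrate_home`, its arguments and its return codes are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper, not the script linked in the thread).
# Usage: migrate_home USERS_DIR OLD_NAME NEW_NAME OWNER
#   OWNER is anything chown accepts, e.g. the AD short name or the number
#   printed by `id -u NEW_NAME` on a bound Mac. Run as root on a real machine.
migrate_home() {
    users_dir=$1; old=$2; new=$3; owner=$4
    src="$users_dir/$old"
    dst="$users_dir/$new"

    [ -d "$src" ] || { echo "no home folder at $src" >&2; return 2; }

    # `mv src dst` with dst already present as a directory does not rename:
    # it puts src inside dst. Stop instead of nesting the old tree.
    if [ -e "$dst" ] || [ -L "$dst" ]; then
        echo "$dst already exists, not moving $src" >&2
        return 3
    fi

    mv "$src" "$dst" || return 4

    # -h changes a symlink itself rather than the file it points to.
    chown -R -h "$owner" "$dst" || return 5

    # Verify: report the first item still owned by someone else.
    leftover=$(find "$dst" ! -user "${owner%%:*}" -print | head -n 1)
    if [ -n "$leftover" ]; then
        echo "ownership not updated on $leftover" >&2
        return 6
    fi
    return 0
}

# When run as a script with four arguments, perform the migration.
if [ "$#" -eq 4 ]; then
    migrate_home "$@"
fi
```

Return code 3 leaves both folders untouched, so whatever created the unexpected folder under /Users can be inspected before anything is merged or overwritten.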