Network Home not from AD

Jason
Contributor II

Hello,

Currently I am testing Mobile Accounts for AD users logging into Mac (10.9.4). The purpose is to sync their data to a network share. My understanding is that the Home folder must be set in Active Directory for this sync to work, as the OS uses that path to tell it where to sync the users data. However, in our AD environment (for windows systems) we do not use that attribute. Instead we are setting home folders with Group Policy. Is there a way to still use Mobile Home sync, but tell the OS what the home folder path should be using JAMF instead of pulling it from the users AD account? (which would un-grey the mobile account settings button)

Thanks

2 REPLIES 2

Lewandowski
New Contributor III

We have not found any way to use the Mobile Home sync with AD. As far as I'm aware, this is specifically for Open Directory environments.

If you bind the computer to AD, the OS will find the smb path as the network home. You can leverage the rsync command to sync a particular folder (ie. Desktop) with the folder "Desktop" on the smb share. We have a script that runs the rsync commands and we set it to run at the login, logout, and every15 triggers.

Jason
Contributor II

@Lewandowski
I already actually have Mobile Home sync working with AD (as long as my home folder attribute is set in AD). I've only set this up manually and haven't tried to automate with JAMF yet, but it is working. All of my documents, pictures, etc. that I have selected get synced up to the network path. There was the occasional notification that there is a version conflict when I was working in Office for Mac, but it's not too common and everything else works great. Perhaps it's working with AD for me since I'm also using Centrify.

The problem with just populating that home folder attribute in AD is that we have an identify management solution which clears out that value about once a week. I could work with the AD team to exclude Mac systems, but was hoping there was a simple way to create a JAMF policy that runs a script to set it. Just not sure where on the system it gets set.