Active Directory user home directory set to /var/empty

benfifield
New Contributor

While trying to troubleshoot some weird problems with an account on one of our shared Macs, I noticed that the account was set to use /var/empty as its home directory. Does anyone know how to clear out this account's configuration on the Mac so that it creates a new mobile account for the AD user? The broken account does not show up in System Preferences, and there is no folder for it in /Users. I've tried

dscl . -delete /Users/account

but that just fails saying Invalid Path. This is a shared computer, and all of the other accounts are working correctly.

7 REPLIES 7

StoneMagnet
Contributor III

Try deleting them with the sysadminctl command. See sysadminctl --help for the syntax.

benfifield
New Contributor

@StoneMagnet No luck there. "User not found"

Thanks for mentioning that though, I hadn't heard of that command before!

StoneMagnet
Contributor III

@benfifield It arrived with Yosemite, and makes user related scripts much cleaner if you're not concerned about older versions of OS X (luckily all my installation's Macs are running El Cap).

draeconis
New Contributor II

We're having this issue as well here. Some user accounts are created as network accounts even if our AD bind is set to create Mobile accounts. This account's $HOME is set to /var/empty. The user then is spammed with requests to repair their Library folder, which if processed starts to effectively chown files/folders in /var/empty to the logged in user, which is bad. No idea why this is happening, or why only certain accounts seem affected.

mattiasvdm
New Contributor

Had the same issue today. Somehow the 'require confirmation before creating a mobile account' was ticked. The user got the question and clicked No. His home folder was created inside the /var/empty directory. I unticked the box and removed his homefolders from the /var/empty directory but this didn't help. Finally I found out that I could manually convert his network account into a mobile account. Go to system preferences - Users & Groups and unlock it. There you have a button saying 'Create mobile' or something similar. Click that and it will logout and ask for the users password. After that the account is mobile.

donmontalvo
Esteemed Contributor III

This happened a couple times to me when working remotely using a teleworker box.

Fix (for us, YMMV) has been to log in as a local account, ensure you are on your company network (teleworker box; or physically there), then unbind/rebind. Luckily we have policy triggers to do both.

PS, posting this now, because it just happened, and I remembered the fix, so sharing here.

--
https://donmontalvo.com

abaines
New Contributor

I am having this same issue, Sorta..

1 unbind from Domain A
2. bind to domain b
when I log back in even as a domain admin my account is trying to be created in var/empty
any help would be appreciated!!