4/30/10

Local Mac User to an AD User

Local Mac User to an AD User that has the same short name

OS X 10.5.8 (Other versions may differ)

Here is the scenario. Mac User has a local account and his “Short Name” is muser and his Home Directory is muser as well. The problem is that when we join this computer to Active Directory, and Mac User logs on, it will want to make a Home Directory for him with the name of muser.

So, we have to delete the local Mac User user, but preserve his Home Directory. Then we have to move it to the network Mac User user and assign the correct permissions.

Step One. Join the computer to Active Directory. There are many guides out there on how to do this. Apple's official documentation: http://docs.info.apple.com/article.html?path=ServerAdmin/10.5/en/c7od44.html

Step Two. Log in as a different Local Admin account than the one you want to change. If one doesn’t exist, create one. If possible, back up the user's Home Directory before proceeding just to be safe. Now go into System Preferences and then Accounts. Unlock the pane and select “Mac User”. Click the “-” to remove him. On the next screen, select the middle option, which is “Do not change the home folder (The home folder remains in the Users folder.)” Click “OK” and then log out.

Step Three. Click on the “Other” option at the Login screen and log in as the network Mac User account to create his profile. When you are asked to create a mobile account, click the “Create Now” button. Log out and log back in as the local Admin account you were using in step Two.

Step Four. Open the terminal and enter the following:
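# Remove the empty home folder that was just created for the network account
sudo rm -r /Users/muser
# Rename the preserved local home folder back to the short name
sudo mv /Users/"muser (Deleted)" /Users/muser
# Give the network account ownership of everything in it
sudo chown -R muser /Users/muser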

If this user should be a local admin, click the “Allow user to administer this computer” box under his profile. Log out.

Step Five. Log in as the network user and all your programs, data, and settings should be moved over to the new profile.

Step Six. You may have to fix the keychain. If the user keeps getting prompted for the keychain password, go into Utilities and open Keychain Access. Right click on the “Login” keychain and at the bottom of the list you will see “Change Password…” Once you click it, you will be prompted for the old password and can then enter a new password.

Done. Now the Mac user will be able to change their network password, be prompted when it is about to change, and most importantly, be required to use one. Your mileage may vary, so test out these steps in the lab first.
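The Step Four commands wrapped in checks, as an added example that is not part of the original post: it confirms the preserved folder exists and that the short name resolves to an account before touching anything, then verifies no file is left owned by the old local UID. The function name `migrate_home`, its arguments and its return codes are hypothetical, and unlike the post it sets the freshly created profile aside instead of deleting it.

```shell
#!/bin/sh
# Added example (not from the original post). Run as root on the Mac:
#   migrate_home /Users muser
migrate_home() {
    users_dir=$1
    name=$2
    if [ -z "$users_dir" ] || [ -z "$name" ]; then
        echo "usage: migrate_home USERS_DIR SHORTNAME" >&2; return 2
    fi
    # A short name must be a single path component.
    case $name in */*|.|..) echo "bad short name: $name" >&2; return 2 ;; esac
    old="$users_dir/$name (Deleted)"   # folder preserved in Step Two
    new="$users_dir/$name"             # folder created at first network login
    # The preserved folder must be a real directory, not a symlink.
    if [ -L "$old" ] || [ ! -d "$old" ]; then
        echo "preserved home not found: $old" >&2; return 3
    fi
    # The short name must resolve (on the Mac: to the AD account) before
    # chown, otherwise ownership would go to nobody useful.
    if ! id "$name" >/dev/null 2>&1; then
        echo "account does not resolve: $name" >&2; return 4
    fi
    # Assumption: keep the new empty profile as a fallback instead of rm -r.
    if [ -e "$new" ]; then
        mv "$new" "$new.new-profile.$$" || return 5
    fi
    mv "$old" "$new" || return 5
    chown -R "$name" "$new" || return 6
    # Anything still owned by another UID would be unreadable to the user.
    if find "$new" ! -user "$name" | grep -q .; then
        echo "files not owned by $name remain under $new" >&2; return 7
    fi
    return 0
}

# Run directly only when both arguments are supplied.
if [ "$#" -eq 2 ]; then
    migrate_home "$1" "$2"
fi
```

Once the user has logged in and confirmed their data, the set-aside `muser.new-profile.*` folder can be deleted.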
