home directory on different computer

rraburrabu
Posted:
in macOS edited January 2014
I was just helping a few fellow grad students with their new G5s (I'm so jealous because by supervisor is a microsoft head and gave me a 5 year old hand-me-down PC) in hopes of gaining access to using them as well. Anyway, their supervisor got these 2 computers and none of them know how to really use them (like mounting shares from other servers and such). Here's the main problem though. They have 2 G5s used by several students and they created accounts on each for all their students. Now each student has a home directory and such on each computer. How can the accounts be changed so that the home directory is on some other server. We have file servers on campus that serve out home directories and such already. Can this be done via samba?



Also, how could they get their accounts authenticated to our campuses kerberos server? I'm guessing this is all done via directory services or something. Would all these setting have to go in per user or is there a more global area that would affect all users.



Thanks in advance. Sorry if this should be in "genius bar".

Comments

  • Reply 1 of 5
    mr. fantasticmr. fantastic Posts: 123member
    I've never done it personally, but the means to do it is there. From what you're telling me, it sounds as if the campus has active directory - a user can log in as them selves on any computer (amazing considering how we did the same thing with terminals 20 - 30 years ago and slowly moved away from that model...) To do it in Jaguar - forget it. You'll most likely need an OS X server in the mix as well. Panther is supposed to finally make active directory integration a snap. Thursby software also has a package called Goliath that's supposed to help in active directory integration. All in all - you should be able to log in to a home directory that's hosted on a NT box from a Mac running OS X, it's just not easy to set up. Hell, I tried getting that info from two Apple engineers and they never could give me a straight answer.
  • Reply 2 of 5
    cubistcubist Posts: 954member
    People do this on Suns all the time. They mount a volume on another machine at a mount point and the home directories are there. I don't see why it would be hard to do under Mac OS X.
  • Reply 3 of 5
    thuh freakthuh freak Posts: 2,664member
    i dont know about the kerberos part, but i think i can do the homes from foreign hd part. have an admin login with admin privs. mount the dir which contains all the users' home folders (hoping they are all within the same branch of a hierarchal tree on a hd, tho it wouldn't be too hard to deal with multiple branches/trees). you can probably script that mount part, and have it run at startup. you may have to lookup the exact wording, but it should be the `mount' command. samba may have a special program for this, but mount should be able to do it, with the right args. i think its like 'mount -t smbfs -o userass /mountpoint', presuming that your shares are samba/cfis shares (ie, windows shares).



    nExt step, the dirty netinfo database. an admin is gonna have to pop in there, and update each user's home folder, to point it the the mount position of the share (with the user's name concatenated of course). don't worry, this part can also be scripted. i think the necessary command is niutil, or something like that. check the man pages for exacts. oo, you can probably even write a script that will check if the currently logged in user has a foreign home folder, and if so, to have it change its own home place to that foreign folder.



    actually, instead of the second paragraph there (which is still possible), you could mount the share to /Users. if it contains a single folder per user, each named after a certain user, then you dont have to mess with each user's home folder setting in netinfo.



    i just thought of a potential issue. each user is identified by a UID, which would also have to be transferred to the mac computer, or its designated netinfo db. i'm not sure of an easy way to do that. its probably still pretty easy, but i cant think of exactly how to do it.
  • Reply 4 of 5
    staphbabystaphbaby Posts: 353member
    To just share files between the machines, you could use alogin to automatically log them in to one or the other machine when they log in; or you could mount the other machine as a file server (cmd-K in the Finder), and make an alias to their user space on it so they just have to click on the alias to go to the other machine.



    Alternatively, you can share user spaces between the two machines through NFS shares, although you'd only really want to do it if you were sure that the network was stable enough to not present any problems, and if the machine you were exporting the filesystems from was going always to be on.



    This involves setting up one machine to export the filesystem (i.e. the user folder), and the other machine to mount it, and make it a particular users home folder. All of this can be done in the NetInfo Manager (or using nidump/niload on the CLI). UIDs will need to match up; you'll need to have administrator privileges.



    I've never done this before, so caueat emptor:



    Setting up NFS Exports



    (1) Open the NetInfo Manager

    (2) Click the lock to make changes and authenticate as administrator

    (3) BACK UP THE DATABASE (Management>Save Backup): killing the NetInfo DB makes your machine... problematic, shall we say.

    (4) Click on the exports directory (/exports); if it doesn't exist, create it

    (5) Click "New" to create a new subdirectory

    (6) Name it for the filesystem you're exporting (e.g. /Users/foo)

    (7) Give it some properties: (cmd-shift-N)

    (a) clients: the IP address of the machine/s you're exporting to

    (b) opt: any options you want (see man exports for details); for example, you might want to use maproot=root

    (c) name: the filesystem i.e. /Users/foo in this example

    (8) Save changes

    (9) Reboot, and pray you haven't killed your NetInfo DB.



    Setting up NFS Clients



    (1) Open the NetInfo Manager

    (2) as above

    (3) ditto

    (4) Click on the mounts directory; this should exist

    (5) ditto

    (6) Name it for the remote filesystem (e.g. /Users/foo)

    (7) Give it some properties:

    Property Value

    (a) "vfstype" "nfs"

    (b) "passno" "0" (that's a zero)

    (c) "dir" your mountpoint, the directory which will contain the NFS share: this MUST exist e.g. "/netusers"

    (d) "dump_freq" "0" (that's also a zero)

    (e) "name" [the name of the NFS server]:[the full path to the exported directory] e.g. 192.168.1.1:/Users/foo

    (f) "opts" "w"

    (8) Save changes

    (9) Reboot, and pray



    Go to the CLI and type "mount" to see if your exports/imports are working (they'll be listed with something like



    "/dev/disk1s7 on /Users/foo (NFS exported, local)"



    Finally, select the /users directory in the NI DB on the client machine, select the user who's directory you just shared, and edit the home directory value to the mountpoint and name of the directory you just shared. Here it might be "/netusers/foo"



    Once again: I've never actually done this, so don't quote me on it. Comments anyone?



    This might be explained more clearly here for clients and here for servers.



    If you want to get a bit more tricky, you can set up a NetInfo domain to parent to other machines (but which to work will still need the NFS stuff), or do LDAP or Active Directory...
  • Reply 5 of 5
    rraburrabu Posts: 264member
    Thanks for the answers. For now, I've already showed them how to simply mount their home directory using samba. (And I made an alias to make it easier for them in the future.)



    We do have active directory on our campus for the windows machines. We also use nfs on all the unix and linux machines to have a common home directory no matter where you login. Actually, the windows home directory is in a subdirectory called "winhome" in the unix/linux home directory. I doubt nfs is an option though as I believe that would give the admins of the G5s (some profs/students) access to too much (root access to other people's stuff on the mounted drive). Although I may be wrong there. Active directory and/or LDAP seems to be the way to go.



    I found out that this group is awaiting the arrival of another G5 which will act as a server (don't know if they are getting OSX server on it or not) so I guess they will figure more stuff out then. I'm guessing accounts for the handful of students using these computers on the server and the 2 G5s authenticating to that.



    It's too bad that our department doesn't set up the xserve that was purchased over a year ago so that students or faculty or anybody could use it. But I guess if people actually communicated and worked together, this wouldn't exactly be a university. Long live chaos!!
Sign In or Register to comment.