Snow Leopard Server & Mobile Accounts

September 29, 2009

snowleopard.jpgMy last post looked at an issue where network users without a proper path assigned to their home directory in WorkGroup Manager would be unable to properly create a local home folder. This post looks at an issue with login failures that can arise with mobile network accounts under Snow Leopard Server. If you have mobile network accounts – AD or LDAP – that cannot login, jump to the bottom of this post for the fix.

After creating several network user accounts under Snow Leopard, I found that my test user account was unable to login. But instead of the standard shake of the login window that indicates a failed login attempt, the login window actually began to collapse as if the login process was starting – the login & password boxes disappeared briefly before reappearing suddenly & displaying the familiar shake to indicate that login had failed.

Interestingly, the user account could still be used to access system services without issue. Attempting to login to AFP shares or setup iCal for shared calendaring using the users login credentials worked fine.

Several reboots & rebinds later I dug through the system log to find the following error: error = Error Domain=NSOSStatusErrorDomain Code=-35 “Operation could not be completed. (OSStatus error -35.)” (no such volume).

Turns out the ManagedClient.app was unable to create the mobile account at login. The solution was to create it manually. On the client computer, login as an administrator & run the following two commands as root:

sudo /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n username

sudo createhomedir -c -u username

This forces the creation of both the mobile user account & their home directory. Log out & log in with your mobile user’s credentials – you should be able to login without issue. This should work for both Active Directory and Open Directory mobile user accounts.

Thanks to Rich Trouton of the macenterprise google group for posting the fix!

As of this writing, Snow Leopard Server is at version 10.6.1

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: