Help

Convert Network Account to Mobile Network Account?

mccallister
Contributor

Posted on ‎07-19-2017 12:17 PM

We are trying to implement a onedrive sync solution. On our campus users authenticate with AD credentials and their home share is created on the Mac. One of the steps after creating the symbolic links is to do a chown on the links for the user. The problem is that they are network users, so they are not in the list of users on the mac and you will get an illegal user error.

If the account is a mobile account we can do the chown. So, how can I convert a network account to a mobile account? One proposed solution that will not logistically work for us calls for having the user login, checking the box for mobile account, and then we have to provide admin credentials. With a few hundred machines that is just not feasible.

The other proposed solution I have read also has its own issues. That would be to create a local account, and when it bugs about the home share already existing to select that one. The issue with that solution is in the account creation process you have to provide a password for the account. I do not know their passwords and if I pick something else the user will get keychain errors upon logging in.

0 Kudos
3 REPLIES 3

rmiltenb
New Contributor

Posted on ‎07-20-2017 12:07 PM

did you try this from terminal?

sudo /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount –n <username>
0 Kudos

davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎07-20-2017 12:58 PM

Hi, if you set the AD connector to create mobile accounts at login, it will happen automatically when they next log in.

I'm not sure if mobile accounts is what you need though. Could you expand a little on

"One of the steps after creating the symbolic links is to do a chown on the links for the user."

What are the symbolic links to / from?

and

"their home share is created on the Mac"

Do you mean they have a local user folder on the Mac in /Users, or something else?

Regarding chown, if the Mac is joined to AD, it can see the users in that directory and chown would work. I suspect you've got another issue at play there.

0 Kudos

Look
Valued Contributor III

Posted on ‎07-20-2017 02:15 PM

You can force mobile accounts using a configuration profile under Mobility.

0 Kudos