Chat now with support
Chat with Support

Safeguard Authentication Services 4.1.5 - Mac OS X/macOS Administration Guide

One Identity Privileged Access Suite for Unix Installation The Authentication Services Mac OS X components Configuring the Authentication Services client Special Mac OS X features Authentication Services limitations on Mac OS X Authentication Services Group Policy for Mac OS X Certificate Autoenrollment

Automatically mount network home folders

When you Unix-enable an Active Directory user with Authentication Services, the default configuration for that user is that he or she will use a local home directory. The home directory path is populated with a Unix path (/home/<username>).

On Mac OS X systems, /home is replaced with /Users, aligning with the Mac OS X standard location for local home directories. Authentication Services supports the automatic mounting of network shares (SMB or AFP) using Active Directory credentials, but you must specify a server path. You can store this server path in the directory on each user as a UNC path, or as a per machine setting.

You can configure your home folder strategy globally for the entire domain using Group Policy extensions for Unix, or you can configure it on a per machine basis at the time you join your Mac OS X machine to the domain.

Configure automatic home folder mounting at join time

To configure automatic home folder mounting at join time

  1. When you are prompted for your administrative username and password, click the disclosure triangle.

    The Join Domain dialog displays:

  2. Select the User Home Config tab to expose all of the home folder mounting options:

Mount the Windows home folder or profile path

You can configure Authentication Services to mount a share that is specified as a UNC format path and stored on a user. The two most commonly used paths are found on the users Profile tab in ADUC.

To mount the Windows Home Folder or Profile Path

  1. Use Authentication Services to mount either the Home Folder or Profile Path on a Mac OS X agent at log in by selecting Use Active Directory UNC path for network home from the User Home Config properties.

Mount an alternate share at login

If you cannot use the shares specified in Profile Path or Home Folder for some reason (for example, if your Windows home shares are DFS shares), you can specify an alternate share at join time by specifying a network home path expression.

To specify a network home path expression

  1. Select Use the following path for network home from the User Home Config tab.

    Selecting this option configures the network home for all users on the machine. Because of this you must specify how the path name will be resolved for each user.

  2. Under User Path Expression, specify the appropriate user attributes in the path portion of the server URL.

    For example, if you selected Common Name and then clicked Insert Attribute, the expansion macro for Common Name (%c) is inserted into your path expression. The path expression may have text and expansion macros, or it may just be a single expansion macro with no other text.

Related Documents