Chat now with support
Chat with Support

Safeguard Authentication Services 4.2 - Mac OS X/macOS Administration Guide

One Identity Privileged Access Suite for Unix Installation The Authentication Services Mac OS X components Configuring the Authentication Services client Special Mac OS X features Authentication Services limitations on Mac OS X Authentication Services Group Policy for Mac OS X Certificate Autoenrollment

Configure automatic home folder mounting at join time

To configure automatic home folder mounting at join time

  1. When you are prompted for your administrative username and password, click the disclosure triangle.

    The Join Domain dialog displays:

  2. Select the User Home Config tab to expose all of the home folder mounting options:

Mount the Windows home folder or profile path

You can configure Authentication Services to mount a share that is specified as a UNC format path and stored on a user. The two most commonly used paths are found on the users Profile tab in ADUC.

To mount the Windows Home Folder or Profile Path

  1. Use Authentication Services to mount either the Home Folder or Profile Path on a Mac OS X agent at log in by selecting Use Active Directory UNC path for network home from the User Home Config properties.

Mount an alternate share at login

If you cannot use the shares specified in Profile Path or Home Folder for some reason (for example, if your Windows home shares are DFS shares), you can specify an alternate share at join time by specifying a network home path expression.

To specify a network home path expression

  1. Select Use the following path for network home from the User Home Config tab.

    Selecting this option configures the network home for all users on the machine. Because of this you must specify how the path name will be resolved for each user.

  2. Under User Path Expression, specify the appropriate user attributes in the path portion of the server URL.

    For example, if you selected Common Name and then clicked Insert Attribute, the expansion macro for Common Name (%c) is inserted into your path expression. The path expression may have text and expansion macros, or it may just be a single expansion macro with no other text.

Configure automatic home folder mounting using Group Policy

During deployment, installation and join usually happen in a scripted fashion from the command line. It is still possible to configure home folder mounting without using the graphical join interface, either through modification of the vas.conf file or by setting the appropriate options in group polices that apply to your Mac OS X machines.

The two options that have bearing upon home directory mount behavior are nethome and nethome-mount-protocol. These options are set in the vas.conf policy.

The nethome is either the name of the user attribute where the UNC path is stored ("homeDirectory" or "profilePath"), or it is the server URL expression for all users (that is, cifs://servername/sharename/%c).

If the nethome is specified as an attribute name, you can specify whether the path is mounted by means of AFP or CIFS using the "nethome-mount-protocol" setting.

Setting either of these options has no effect on any Authentication Services platform other than Mac OS X, so you can safely set it on a domain-wide Unix settings policy. Creation or modification of group policies is accomplished using the Microsoft GPOE on any Windows administrative workstation.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating