So we never keep our users’ local home directories at /Users, primarily so that we can always blow away the boot partition with our imaging system without worrying about user data.
We’ve started using Mobile Accounts for some of our desktop users due to some limitations in the OS X Server AFP server, and it was kind of bugging me that new Mobile Accounts would always get created at /Users/username, and we’d have to faff around with niutil in order to change this after the account had been created.
So I’ve managed to work out a LoginHook that will force Mobile Accounts to another location, even on the first login… I’m just showing part of it here, the bit that deals with such users, so some bits might strike you as the long way round…
#!/bin/bash
#
# A LoginHook runs as root; the short name of the user logging in arrives as $1.
homes_disk="/Volumes/Storage"
local_homes="/Volumes/Storage/Users"
lookup_local=$(niutil -read . "/users/$1" 2> /dev/null)
if [ "$lookup_local" != "" ]; then
    is_local=1
else
    is_local=0
fi
# If they are a local user.
if [ $is_local -eq 1 ]; then
    auth_prop=$(niutil -readprop . "/users/$1" authentication_authority 2> /dev/null \
        | grep LocalCachedUser)
    # If they are a mobile user.
    if [ "$auth_prop" != "" ]; then
        logger "LoginHook: Started for Mobile Account - $1"
        home_location=$(niutil -readprop . "/users/$1" home)
        # If their home directory hasn't been moved to $local_homes yet.
        if [ "$home_location" != "$local_homes/$1" ]; then
            logger "LoginHook: Moving home from /Users/$1 to $local_homes/$1"
            if [ -e "$homes_disk" ]; then
                mkdir -p "$local_homes"
                chmod 1755 "$local_homes"
                chown root:admin "$local_homes"
                /System/Library/CoreServices/mcxd.app/Contents/Resources/MCXCacher \
                    -U "$1" -h "$local_homes/$1"
                # Only remove the original home once the copy has succeeded.
                if ditto "/Users/$1" "$local_homes/$1"; then
                    rm -Rf "/Users/$1"
                else
                    logger "LoginHook: ERROR! Copy to $local_homes/$1 failed, keeping /Users/$1"
                fi
                sleep 2
                lookupd -flushcache
                sleep 2
            else
                logger "LoginHook: ERROR! Could not find $homes_disk"
            fi
        fi
        logger "LoginHook: Finished for Mobile Account - $1"
    else
        logger "LoginHook: Not running for Local non-Mobile Account - $1"
    fi
# If they are not local, they must be a network user.
else
    logger "LoginHook: Started for Network Account - $1"
    # Do your stuff for network users here.
    logger "LoginHook: Finished for Network Account - $1"
fi
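
An added example, not part of the original hook: the copy-then-delete step written as a function that rejects an empty or path-like user name and keeps the original home unless every path in it is present at the destination. The function names and return codes are assumptions for illustration, and `cp -Rp` stands in for `ditto` so the example also runs off a Mac.

```shell
#!/bin/bash
# Added example (hypothetical helper names). The hook runs as root, so a bad
# user name or a half-finished copy followed by rm -Rf costs real data.

# valid_short_name NAME: accept only a plain short name, so "$root/$NAME"
# can never resolve to $root itself or to a path outside it.
valid_short_name() {
    case "$1" in
        ""|.|..|*/*|-*) return 1 ;;
        *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# copy_is_complete SRC DST: succeed only if every path under SRC exists in DST.
copy_is_complete() {
    ( cd "$1" && find . -print ) | while IFS= read -r p; do
        [ -e "$2/$p" ] || [ -L "$2/$p" ] || exit 1
    done
}

# move_home OLD_ROOT NEW_ROOT NAME
# Returns 0 after a verified move, 2 for a rejected name, 3 if there is no
# home to move, 4 if the copy failed or is incomplete (original is kept).
move_home() {
    old_root=$1 new_root=$2 name=$3
    valid_short_name "$name" || return 2
    src="$old_root/$name"
    dst="$new_root/$name"
    # Refuse a missing home or a symlink standing in for one.
    [ -d "$src" ] && [ ! -L "$src" ] || return 3
    mkdir -p "$dst" || return 4
    # Copy the contents of src (dotfiles included), keeping modes and times.
    cp -Rp "$src/." "$dst/" || return 4
    # Verify before deleting anything.
    copy_is_complete "$src" "$dst" || return 4
    rm -Rf "$src"
}
```

In the hook above this would be called as `move_home /Users "$local_homes" "$1"`, with `ditto` in place of `cp -Rp`, and a non-zero return logged instead of continuing.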