- Telling Your Server How To Share with Other Macs
- Now That the Server's Ready to Share, Create Some Share Points
- Three Share Points that Apple Assumes You Need (But You Probably Don't)
- Making Share Points Behave
- Automounting Share Points: It's About More than Just Connecting Them
- Giving Permissions to Share Points and Files Within Them
- When Owner, Group, and Everyone Aren't Enough: Access Control Lists
- There's No Place Like Home, Even If It's a Home Directory Nowhere Near Kansas
- Configuring Home Directories
- Using Quotas to Keep Users From Storing Too Much Stuff
- When Do You Actually Build Home for Your Users?
- Securing Home Directory Access
- Making Users Feel More At Home By Altering the Home Directory Template
- Saying Goodbye to Users and Deleting Their Home Directories
Configuring Home Directories
Home directories can be stored on the server that is hosting an Open Directory domain or a supporting server that is bound to an Open Directory domain. Home directories must be located on automounts and they should be automounts designed to be used for home directory storage, as described earlier. The share point being used for home directories is best used only for home directories, not for other files or folders.
The best practice is to dedicate an entire volume for home directories and to use a volume that is as fast and fault-tolerant as possible. With Mac OS X 10.3, the entire path leading to a user’s home directory (beginning with /Network) can be no more than 89 characters in length. This limit includes the 39 characters of the path that Mac OS X workstations apply when connecting the share point and counts each slash in the path as a character. Keeping home directories at the root level of a share point and using a shortname for the name of the share generally will accomplish this.
Permissions on a share point for home directories should be set so that either the root or admin user is assigned as the owner for the share point, with read/write access. In theory, you can assign groups to the share point, but only members of the assigned group will be able to have home directories in the share point. Generally, the Unix groups wheel or staff are assigned as the group for a home directory share point. The group and everyone settings should be set to read-only. Each user will be assigned as owner of his/her home directory when it is created, with full read/write access to it. Other users will, by default, have read access to all folders except for the Library folder (though it is possible to adjust these permissions for more private home directories).
After the share point is created, select the user in the user accounts list and click the Home tab in the account information pane. As shown in Figure 5, the Home tab is dominated by a list box labeled Where. This list box will contain every automount share point that has been created in the directory domain that has been designated for home directory use. If you want to use one of them, select it. The path to the user’s home directory will be displayed above the list box in both standard URL format and as a file path from where the share mounts in the /Network directory of a workstation.
You can also create custom home directories. Custom home directories fall into two categories: those that are located beneath the root level of a share point and those that do not use a user’s shortname as the name of the home directory. To create custom home directory options, click the add button beneath the list box (the button that looks like a plus sign). In the resulting dialog box, enter the URL of the share point (for example: afp://server.company.com/home_folders). It makes no difference whether you include a slash at the end of the share point URL. Then enter the path within the share point to the folder that the home directory will be stored within, without placing a slash at the beginning or end of the path (for example: staff/fourth_floor). Finally, in the home field, enter the entire path beginning with /Network to the user’s home directory and ending without a slash (for example: /Network/Servers/server.company.com/home_folders/staff/fourth_floor/johndoe).
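The three custom home directory fields described above, together with the 89-character path limit stated earlier, can be checked before the values are entered. The following Python is an added example, not code from the original text; the function names, the /Network/Servers mount prefix (taken from the example path above) and the rejection of `.` and `..` components are assumptions.

```python
from urllib.parse import urlsplit

MAX_HOME_PATH = 89  # Mac OS X 10.3 limit from the text, counted from /Network, slashes included


def _check_component(name, what):
    # Added hardening (an assumption, not from the text): reject empty, ".", ".." and embedded slashes
    if name in ("", ".", "..") or "/" in name:
        raise ValueError(f"invalid {what}: {name!r}")
    return name


def custom_home_fields(share_url, subpath, home_name):
    """Return the three dialog fields for a custom home directory, or raise ValueError."""
    url = urlsplit(share_url)
    if not url.scheme or not url.hostname:
        raise ValueError(f"share point URL needs a scheme and host: {share_url!r}")
    # A trailing slash on the share point URL makes no difference
    share = _check_component(url.path.strip("/"), "share point name")

    # The path inside the share must not begin or end with a slash
    if subpath.startswith("/") or subpath.endswith("/"):
        raise ValueError(f"path must not begin or end with a slash: {subpath!r}")
    folders = [_check_component(p, "path component") for p in subpath.split("/")] if subpath else []

    # Assumption: the share mounts under /Network/Servers/<host>/<share>, as in the example path
    home = "/".join(["/Network/Servers", url.hostname, share, *folders,
                     _check_component(home_name, "home folder name")])
    if len(home) > MAX_HOME_PATH:
        raise ValueError(f"home path is {len(home)} characters, limit is {MAX_HOME_PATH}")
    return {"url": f"{url.scheme}://{url.netloc}/{share}", "path": subpath, "home": home}


if __name__ == "__main__":
    # Values taken from the example in the text
    print(custom_home_fields("afp://server.company.com/home_folders/", "staff/fourth_floor", "johndoe"))
```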
Included in the Where list box is an option for None. When None is selected, the user will not have a home directory. The options for accessing a home directory through the Finder will display either the Computer level directory or the root level of the startup disk, depending on which version of Mac OS X is installed on the workstation. Selecting no home directory does not allow users to have a customized work environment that follows them regardless of workstation.
After you configure a home directory, whether it be a standard, custom, or no home directory, click the Save button to include the home directory in the user’s account.