A few weeks ago, we discovered that the second hard drive on our Mac mini server was failing. Which isn’t good. It’s still under warranty though so won’t cost anything to fix, apart from the inconvenience of having it taken away from our school for a few days.
And an inconvenience it certainly has been! The Mac server has been brilliant for managing all the little settings and preferences on the Macs and I’ve made much use of Workgroup Manager for tweaking this and fixing that. This makes it all the more painful when it is removed, especially with a large school full of an ever-increasing number of Macs.
All the Macs are bound to two servers: the Open Directory (OD) on the Mac server and the Active Directory (AD) on the Windows server. The AD manages usernames and passwords and serves up all the network drives, but the OD tells the Macs what to put in the dock, what drives to mount on login, and where Microsoft Office can put all its first-run registration windows (i.e. not on my screen!). Without the Mac server, the Mac will still let users login, but the dock will be empty, network drives won’t be mounted and everyone will come running to find me and demand access to their shared folders.
After some very helpful support from our wonderful reseller Toucan, I settled upon this plan:
- Make a local account and set it up just how I wanted it, i.e. applications in the dock and network drives mounted on login with credentials on the keychain.
- Log in as root and copy this home folder to all the Macs using Apple Remote Desktop.
- Tell teachers to login with the local account only.
The first part was fairly straightforward.
The second part was a little more tricky as it involved logging in as root, something I had not done before. But Apple give some easy-to-follow instructions how to do it. This gives the user unlimited powers to look in any folder and move anything anywhere, without running into permission errors all the time. Once logged in as root, I used Apple Remote Desktop to copy the home directory of the local user to all the Macs. I had already set up a local user previously, so I just reused that name and didn’t have to go to each machine and add a local account.
The annoying problem I ran into was that some Macs were still remembering all their managed preferences, even though the Mac server was unavailable. This would have been fine if every Mac was doing this, but it was inconsistent across the school and gave an uneven user experience. Thankfully, I found an article explaining how to flush the MCX cached settings. Et voilà, everything working fine. Or at least good enough.
I hope the Mac server gets fixed quickly!
It does make me realise why Apple is moving to profiles for managing preferences on a Mac, just like with iOS. That way, the client machine remembers the settings it’s been given, rather than relying on a continuous connection to a server. It’s just a shame that Profile Manager isn’t quite up to the job as of yet, particularly with OSX.
Primary ICT 