Friday, August 12, 2011

OS X Lion not creating a local home folder for network users

Update: 3/27/12


After a few months of relying on Snow Leopard, I had to get a new Macbook so this topic has come back up. I'm happy to report that the 10.7.3 update Apple released in early February appears to have fixed the mobile account issue this post was about. The only thing that still doesn't work is when disconnected from the network, domain users do not have admin rights on the machine even if they're in a group that Directory Utility has identified as an admin group on the machine. To get around this, check out my other post.


Update: 8/19/11
Apple released 10.7.1 yesterday, so I'm curious to see if it resolves these issues with network accounts. I'll have a chance to test it next week and will update this with what I find. If you're ready this and already tried it please leave a comment as to whether or not it works for you

Original Post

I use local home folders for the Mac users I manage, but the Macs are bound to Active Directory for the user accounts. In OS X 10.7 Lion this seems to be far from complete. First I couldn't get logged in with a network account, which required a workaround. Then after getting in, another error said the "The home folder for user xxxxxx isn't located in the usual place or cannot be accessed". This has worked fine in 10.4-10.6 but is now broken in 10.7. The problem appears to be related to OS X Lion having bugs with creating mobile accounts. By unchecking "Create mobile account", the home folder issue disappears. Supposedly I see a lot of talk of a 10.7.2 update fixing this problem, but since that update is in beta and not available to the general public that doesn't do much good. If you don't know where to go to uncheck the mobile account box, here's a walkthrough:


1. Open System Preferences
2. Go to User & Groups
3. Click Login Options in the lower left. You may have to authenticate first by clicking the lock icon in the lower left.
4. Under Network Account Server, click Edit
5. Select your domain, then click Open Directory Utility
6. Select Active Directory, then click the pencil to edit
7. Click to Show Advanced Options
8. Under User Experience you will see "Create mobile account at login". Uncheck this box
9. Click OK
10. Close your windows
11. Reboot and log in like normal

"Network accounts are unavailable" when logging into OS X Lion

Update: 3/27/12

I essentially gave up with the Mac Mini waiting on an update that solves the problem, and apparently 10.7.3 completely flew under my radar. I had read 10.7.2 still had issues, but in 10.7.3 one of the primary bugs Apple says they fixed is authentication with directory services. I had to get my first new Mac in a while this past weekend and was going to back rev it to run Snow Leopard, which turns out to be a pain. If you're looking to do it, check this article. Essentially you need a second Mac running Lion in order to use Target Disk Mode to install Snow Leopard on the machine.

In the testing I did today after updating to 10.7.3, it appears that both mobile accounts and the network unavailable issue have been fixed. The network unavailable may still show up for a little bit, but it disappeared for me within a minute. Having mobile accounts working also makes it easier since after the first login the user won't need to wait for the network account availability to change.

Update: 8/19/11
Apple released 10.7.1 yesterday, so I'm curious to see if it resolves these issues with network accounts. I'll have a chance to test it next week and will update this with what I find. If you're reading this and already tried it please leave a comment as to whether or not it works for you

Original Post


If you use Active Directory user accounts with your Macs, you may run into this issue after upgrading or introducing OS X Lion. Hopefully Apple comes out with an update to fix it soon, but in the meantime there is a workaround. You can add a custom search path to the Authentication tab and that seems to work. Here's a walkthrough:

1. Open System Preferences
2. Go to User & Groups
3. Click Login Options in the lower left. You may have to authenticate first by clicking the lock icon in the lower left.
4. Under Network Account Server, click Edit
5. Select your domain, then click Open Directory Utility
6. At the top, select Search Policy
7. Under the Authentication tab you should see two paths: /Local/Default, and /Active Directory/YourDomain/All Domains, where YourDomain is a placeholder for the name of your domain name. Click the + to add another
8. You should see /Active Directory/YourDomain listed as an additional option. Select it and click Add
9. Move /Active Directory/YourDomain above /Active Directory/YourDomain/All Domains so it has a higher priority
10. Click Apply
11. Reboot and log in

Thanks to juiced2010 at macrumors.com for posting that the solution.

Thursday, August 11, 2011

Mac OS X 10.7 Lion scrolling is inverted

After having my first hands-on experience with Mac OS X 10.7 Lion, one thing I noticed right away is that Apple thought it was a good idea to try to change the way people use scroll buttons on mice. They've set the default to be inverted, so if you scroll down the screen moves up, and scrolling up the screen moves down. I I'd guess this is because of their new swipe gestures to control your computer, but for someone like me who likes a two-button mouse it makes scrolling seem backwards. It's a simple fix though if your preferences are the same as mine:

1. Open System Preferences
2. Go to Mouse
3. Uncheck the box at the top that says "Move content in the direction of finger movement when scrolling or navigating"
4. Close System Preferences