[kman42]

I'm still trying to get NetInfo setup for a very simple domain hierarchy. I posted some questions prior to going on vacation, but the topic seems to have disappeared.

Basically, I want to have a single shared domain running on my G4/867. I then want to be able to login to the shared domain from either of two portables using Airport. The G4 is connected to a DSL modem through the ethernet port (192.168.1.1) and has an airport card (10.0.1.1) for the local network.

I have read Understanding NetInfo, but it gives instructions like "Make sure you have a valid DNS entry for your server".

Has anyone been able to set up a similar domain structure? Can anyone provide some suggestions for reading other than Understanding NetInfo?

thanks,
kman

[Kickaha]

I'm in the middle of such a setup right now... and good *LORD* is it more difficult than it really needs to be.

First off, I fail to see why you need to have DNS running if the machines are going to be fully private from the net... NetInfo was designed for simple maintenance of networks. (I, however, do need to have DNS running since I'm also serving up mail, accepting SMTP, the whole she-bang.)

If you're planning on having it be private, you should be able to:

1) Set up a shared domain on the server
2) Create shared users in that domain
3) Use Directory Setup on the client machines to tell them to bind to the server
4) Reboot all
5) Log in as the shared users

Now... some caveats I've run across.

First off, everything in NetInfo is checked at the local level *first*, then if it's not found, it checks further up the tree (server). So, if you have the same user/password in both domains, the local one hides the server one. This isn't what you want, from the sounds of it. (Me either, actually).

So, you either have to login as two different users depending on whether you're on the network or not, or have the lookup order be reversed for when you're on the LAN. (Laptops break some of the assumptions of NetInfo - it was designed for machines that didn't work offline...)

I've opted for reversing the lookup order, which is *NOT* supported by Directory Services. I'm still puzzling this one out (and there are some nasty gotchas involved, methinks - how NetInfo binds is determined by the Location in the Network System Pref... and you can't change it unless you're logged in as an authorized user. So, imagine that your Location is OnLAN, and you're binding to the server absolutely for user info. You then change the Location to Offline to prepare to shut down and leave work... except when the Finder (and all else) wants to shut down, it attempts to write the prefs, etc, to the *LOCAL* Home directory, instead of the Home on the Server that it *started* with. Bad. Conversely, if you instead decide to just shut down, and change it after booting next time, it can't find the NetInfo server, and hangs for a couple of minutes at boot, until it gives up. Then you can login and change the Location. But, I haven't determined that this doesn't alter the NetInfo bindings for the OnLAN Location, since Apple's done a good job of having the settings auto-configure. So, you basically seem to have to choose between bad app shut down (baaaaaaad) or an incredibly slow boot (annoying). I've poked around considering how Apple might add Location selection at boot, ala MacOS 9, but the GUI services are about the *LAST* item to launch at boot, far, far, after the Location is determined and set by DirectoryServices. So, this would likely have to be added to the Firmware, ala the boot picker that appears when Option is held down. Nasty problem.)

*whew*

Bottom line: interesting problem, eh?

[kman42]

Thanks. Do I have to add machine records for the portables in the shared domain?

kman

[Nyuni]

You shouldn't have to add machine records if you're just looking to have a simple shared domain on your server. I've set up a simple NetInfo domain for work, and it basically entailed creating a new Parent domain on the server with the network tag "network" and then using NetInfo Domain Setup on the server to "This machine is a parent". The quirky thing about it is, when it asks for a parent domain in NetInfo Domain Setup, you have to enter the server's IP address and the "Network" network tag in there, so it basically looks at itself. Then, populate the domain with users and shares by using the Server Admin application, The setup on the clients is pretty easy, use the "Directory Setup" app on both clients to make sure NetInfo is enabled (checkbox is checked) and under Configuration for Netinfo, check "Attempt to connect to a specific NetInfo server" and pop in the server's IP address and the network tag of the parent domain "network" (as default.) Click OK, reboot the clients, and if the gods are smiling upon you, you should be able to login. Phew. NetInfo is /way/ too complicated and convoluted for something as simple as setting up an authentication and filesharing domain. Apple really should spend some time polishing that sucker up.

Anyway, HTH.

[kman42]

I created a parent domain, used Domain Setup to set 'this machine is a parent" with tag 'network'. I populated the domain with sharepoints (my two drives and /Users) and users. When I login from the portable I get an error saying that it couldn't find the Home directory, perhaps the Users or Home directory has been moved.

Note: I can Connect to... the server when logged into the portable as another user (local to the portable) if I use the username and password for the shared user. This gives me the option of mounting either one of my drives or the /Users folder as you would expect given my sharepoint setup. This leads me to believe that perhaps my Home folder directory is screwed up in NetInfo (although I can log on using the shared user if I do it from the G4 (the machine that hosts the shared domain)). Do these values look correct:

home
/Network/Servers/localhost/Users/kurtman

home_loc
<home_dir><url>afp://localhost/Users/</url><path>kurtman</path></home_dir>

thanks,
kman

Also, even after a clean install I can't get server to display a list of users in the login panel. I just get the basic panel with username and password no matter how I set it up in preferences.