Welcome to the MacNN Forums.

waffffffle · Oct 19, 2001, 03:57 AM

The option to have an "Other User" button so that a suer can log in over a network is in the Login preference pane. My question is, where the hell do these users come from. What server package out there supports this kind of relationship with OS X? Does X Server do it? This certainly isn't part of Mac Manager since that only works with OS 9 clients. And if a user can log in, where is their profile generated from? Is their home directory stored on another machine? Has anyone gotten this to work in some way? My school really needs a solution like this, so it would be great if someone could explain this. Thanks.

malvolio · Oct 19, 2001, 10:16 AM

AFAIK, the "other user" button is only there to allow logging in as root or >console (sigh).

spicyjeff · Oct 19, 2001, 11:05 AM

Yes OS X Server supports this. But you can do it with client as well with the built in Netinfo database. Read up on Netinfo and BSD and then start playing with the Netinfo and Network manager.
Back with 10.0.x I had it setup so that my iBook (using Airport) logged in using a network account created and hosted on my G4.

waffffffle · Oct 19, 2001, 04:15 PM

Does this ONLY work with netinfo? Can it be made to work with NIS? My school knows nothing about netinfo but we have had unix systems with NIS for decades and they would be extatic to hear they can get it to work with NIS. I have been hearing that NIS is disabled by default and Apple won't provide support for it. And if you enable it on an OS X server then it only works if you're physically logging in to that machine via NIS.

Whatever, I'll look into it. Thanks. Oh, also, this netinfo stuff is so confusing! And their no docs for netinfo that comes with 10.1 client!

naepstn · Oct 19, 2001, 05:16 PM

Check the Apple KnowledgeBase for Article #106499, or do a search for "Binding NetInfo to an NIS Domain." This can be done either in OS X Server or OS X (client) 10.1. I'm assuming that if you have NetInfo bound to NIS, then you can log in as "Other" and enter any user/pass that NIS accepts. I have yet to try this though, and may not ever, since on my iBook, NIS is less useful than on a desktop machine that's always on the network.

Hope this helps. Cheers!

Rickster · Oct 19, 2001, 05:49 PM

There's some pretty decent NetInfo documentation available from http://www.apple.com/macosx/server/.

graphiteman · Oct 20, 2001, 09:30 PM

Originally posted by spicyjeff:
<STRONG>Yes OS X Server supports this. But you can do it with client as well with the built in Netinfo database. Read up on Netinfo and BSD and then start playing with the Netinfo and Network manager.
Back with 10.0.x I had it setup so that my iBook (using Airport) logged in using a network account created and hosted on my G4.</STRONG>

Could you point me to an article that tells me how to do this with 10.1 client/netinfo?

kennedy · Oct 21, 2001, 06:26 PM

Originally posted by graphiteman:
<STRONG>Could you point me to an article that tells me how to do this with 10.1 client/netinfo?</STRONG>

I have it set up on my network at home. It works well, now that
I've figured out that I should not let my server machine go to
sleep!

DISCLAIMER: While the below works for me, I do not guarantee
it to work for anyone else. Doing the following could result
in very bad things... your Mac may never work right again!
I am neither Mac nor Unix expert; I am an idiot; and you
should never take advice from idiots.

The easy way is to buy OS X Server which gives a pretty GUI for
this stuff. But if you want to do it with normal OS X, here's
how:

1) Enable root user on your server machine.
(If you don't know how, I suggest you not continue.)

2) Backup netinfo database.
su root
cd /var/db/netinfo
cp -r local.nidb local.nidbak

If you ever need to recover, you can just:
su root
cd /var/db/netinfo
mv local.nidbak local.nidb

3) Open Netinfo Manager and authenticate yourself.

4) Export the directory to contain your user directories.
Select root level of database.
Add subdirectory; name it 'exports' (assuming one doesn't exist).
Select 'exports' and add subdirectory.
Name it with the path that you want to export (i.e. /Users).
Add a 'clients' property with no value (to allow everyone).
Add an 'opts' property with no value, or with any options
you would like (esp. the 'alldirs' value to allow you to
mount any subdirectory of this export).

5) Mount the directory that will contain your user directories.
Select the '/mounts' directory.
Add subdirectory; name it "127.0.0.1:/Users", assuming that
is the directory where your network accounts are.
Add property 'dir' with value "/Network/Users".
Add property 'vfstype' with value "nfs".
Add property 'opts' with values "bg", "union", and "w".
For more info, see "http://www.burntchicken.com/rich/osxnfs.html".

6) Select '/machines/localhost' and Duplicate it.
Set the name to 'netserver' (or most anything?).
Append an additional value to the 'serves' property: '../network'.

7) Select menu Domain->Manage Domain->Hierarchy and 'create a new
master server on this host', the last option in the list. You
can check to limit access to the data to the LAN.
Netinfo Manager sometimes unexpectedly quits, but it did what
it needed to. Quit it in any case.

8) Launch the program /Applications/Utilities/Directory Setup.
Deselect the first two options and select connect to a
particular server: "127.0.0.1" and "network" tag.

9) Go to System Preferences, select Energy Saver, and then
drag the top bar to 'never'... you never want the server
to go to sleep because when it does the other computers
that have mounted directories will hang on the next disk
access.

10) Restart the server.

11) Launch Netinfo Manager. The 'local' domain will open.
Click on the globe icon to open the parent domain.
The 'network' domain will open.

12) Authenticate yourself in each; in the 'network' domain you
authenticate as 'root' with the same password.

13) Create users.
Select '/users' in the 'network' domain.
Switch to 'local' domain and select a particular user
defined in '/users'.
Drag from the blue folder icon of 'local' over to the blue
folder icon of 'network' in order to copy a user.
If the users you want defined for the whole network are
already defined, you can continue copying them; if not,
just Duplicate entries as you go.
For each copied/duplicated user, you will need to change
all property values to have the desired name.
You will also need to change the home directory location
to /Network/Users.

14) Proceed to L1 below for one client machine, set up that client
machine, test... only if working should you finish cleaning
up the server.

15) [Skip this step until you've tested that all is working.
Then just delete one local user and test. Then delete rest.]
Delete local users that conflict with network users.
Select the 'local' domain, '/users' directory,
and then select each user you've copied over to 'network'
domain and delete it from the 'local' domain.
Make sure you leave a local admin account!
If you don't, and the network stuff fails, you will have
no way to login and fix things!!
You may want to rename it 'admin' to avoid conflicts if
your existing admin account is to be a network account.

16) Restart the server.

FOR EACH CLIENT MACHINE...

L1) Open Netinfo Manager and authenticate yourself.

L2) Mount the directory that will contain your user directories.
Select the '/mounts' directory.
Add subdirectory; name it "<server-ip>:/Users", assuming that
is the directory where your network accounts are.
Add property 'dir' with value "/Network/Users".
Add property 'vfstype' with value "nfs".
Add property 'opts' with values "bg", "union", and "w".

L3) Open Directory Setup.
Deselect the first two options and select connect to a
particular server: "<server-ip>" and "network" tag.

L4) Delete/modify any local user accounts that would be in conflict
with your new network accounts.

L5) Make sure you have a local 'admin' account that has administrator
privileges. If something goes wrong, you want to make sure you
can get in and fix things.

L6) Optionally, add a local 'mac' (or other name) account that are
like a guest account so that users can login to the machine
even if the server is down. In my case, my family often just
wants to get online... this account works for them in the
case that something's not working with the server-client
connection.

L7) Restart client machine.

ADVANCED ISSUES

The above works fine, but depending upon your situation, here's some
things that might make it even better...

One issue is that if you add users specific to local machines they
may be added with user IDs in numeric sequence locally, creating some
users that share files on that machine. If you are Unix savvy, I would
recommend that when you create your network users, instead of using
their existing user IDs, you start numbering at 601... possibly just
adding 100 to each. Now, you will need to go to each user's home
directory and change the owner accordingly. (If you don't know how
to do that, I recommend you not worry about this issue.)

The above is assuming all user directories live on one machine, and
then you can login to any machine and see your home directory. But
even cooler setup would have every machine able to be both server
and client. So, your home directory is on the machine on your desk,
but you can login to any machine and it'll pick up your home directory
by automounting it from your machine. I suspect you can set that up
via Netinfo, but have not bothered trying. I'll leave that for someone
else to figure out.

Hope that helps.

graphiteman · Oct 21, 2001, 08:53 PM

Wow!

Thanks! The directions worked flawlessly!