Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-2522: Scenarios which require Mobile Account creation.

Mac & PC Management Service ,  

12 April,16 at 11:19 AM

Applies to: All versions of Centrify DirectControl on Mac OS X

Question:

Under what conditions is it necessary to create a Mobile Account for Mac users?


Answer:

There are three scenarios in which a Mobile Account is necessary on Mac machines:
  1. If the hard drive has been encrypted with FileVault; only users with local profiles are allowed to unlock FileVault systems (Mobile Accounts exist as both local and network accounts).

    For more information, see:
    KB-2148: How to set up FileVault 2 on Mac OS X
     
  2. If the user has a network home directory configured and wishes to keep backups of their home folder synced between a network file server and the local Mac.
     
  3. If the user has a network home directory configured and needs to use their AD credentials to login to the Mac while off the network.

Note 1: 
  • If the user is configured with a local home directory (e.g. /Users/username/ ), then Mobile Accounts are NOT required for offline logins.
  • The Centrify Agent employs its own cache to allow for AD users to login offline.

Note 2: 
  • A Mobile Account user with a local home directory will see their Mobile Account Settings disabled in the Users & Groups Preferences panel. This is normal since there is no network directory specified and therefore nothing to sync with.

Note 3:

Further Reference:

Please see the following KBs for details on how to set up Mobile Accounts on Mac systems in different environments:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-4340: FileVault 2 GP does not activate FileVault on some machines articleKB-6979: "Unable to create Mobile Account" error displayed when attempting to create a mobile user acocunt for Mac OS X articleKB-2896: How to set up Mobile Accounts via Group Policy in Auto Zone mode. articleKB-2897: How to set up Mobile Accounts via Group Policy in Zone Mode. articleKB-3158: General troubleshooting tips for Centrify for Mobile/SaaS articleKB-10010: FileVault2 fails to initiate for macOS 10.13.x High Sierra systems using Centrify Group Policy and/or cannot add a mobile account as a FileVault unlocker account articleKB-3925: How to add Centrify parameter to a group policy articleKB-3064: How to convert a Network Account without a network home directory into a Mobile Account articleKB-10750: How to reset the administrator password in Privileged Access Service On Prem