Applies to: All versions of Centrify DirectControl on Mac OS X 10.6 and above
The "Home Sync" rules GPs have been configured to only sync the ~/Documents folder, but the system still tries sync the whole ~/Library folder as well.
How can the sync rules GPs be configured to prevent ~/Library from syncing every time?
The ~/Library folder is actually controlled by the "Preference Sync" rules and not by the "Home Sync" rules.
If the "Preference Sync" rules are not enabled, then the Mac will use the default local settings, and sync all files and folders under ~/Library as well.
The full Synchronization Rules GPs should be configured as follows:
- ... / Synchronization Rules / Home Sync / "Enable home sync rules":
- - Enabled (Sync times can be configured as desired)
- ... / Synchronization Rules / Home Sync / Synchronize items / "Synchronize home sync items":
- The only entry should be: ~/Documents
- (Note that if any other folders in the home folder are desired to be synced, enter them here. E.g: ~/Desktop, ~/Downloads, etc.)
- ... / Synchronization Rules / Preference Sync / "Enable preference sync rules":
- Enabled (Clear all the checkboxes)
From the GP Explain tab:
- "Home Sync is used for files in the user's home folder (~), but it will not sync files in ~/Library or ~/Documents/Microsoft User Data."
- "Preference sync is used for preference files in ~/Library and ~/Documents/Microsoft User Data. It cannot sync files outside these directories."
So to prevent ~/Library from being synced, enable "Enable preference sync rules" GP, and then uncheck all checkboxes in that setting.
- Enabling / Disabling the "Home Sync" and "Preference Sync" GPs themselves does not mean turning on or off the sync operations.
- Enabling the GPs means to tell the Mac systems that these rules are now managed by AD and will override whatever is set on the local system.
- This is why the Preference Sync GP needs to be first enabled (to enable "rule management"), and then the rules themselves disabled (to disable the actual syncing).
- To disable all syncing completely and only use the local home folder, go into the "Configure mobile account creation" GP and select the "Create home using: local home template" option.