Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-4115: Mobile Home Sync creates hidden folders after the first sync

Centrify Identity Service, Mac Edition ,  

12 April,16 at 11:07 AM

Applies to: Centrify DirectControl on all versions of Mac OS X

Problem:

A Mac is configured to convert the AD user to a Mobile Account upon login.

If the user's network home folder is empty and folder structure needs to be created as well - then some of the home folders (Desktop, Documents, etc) will be created as hidden folders.

‚Äč
Cause:

This appears to be a bug in OS X's  FileSyncAgent mechanism and can be reproduced with Apple's own AD plugin (no Centrify installed):
  1. Create an AD user in ADUC with a new, empty network home folder
  2. Join the Mac to the domain using the Apple AD Plugin (System Preferences > Users & Groups > Login Options > Join)
  3. Make sure to enable: "Create mobile account at login"
  4. Login to the Mac as the newly created AD user
  5. Configure the mobile account to sync the home folder
  6. After the first sync, check the user's network home folder share. Some folders will be created with the hidden attribute enabled.


Workaround:

Pre-create the home folders on the network home share before syncing for the first time.

There are two options to do this easily:

Option 1:
  • Have the AD user log into a Mac where the Mobility Settings GPs have not been enabled, but where the AD user will still use their network home folder.
  • After the AD user logs in for the first time with just the network home folder enabled (no mobility settings applied) home folder contents will be created correctly.

Option 2:
  • Have the AD user log into the Mac with the Mobility Settings GPs enabled, but make sure to select the [ Don't Create ] button when prompted for the first time.
  • This will allow them to log in with just the network home folder (same as Option 1).
  • The second time the AD user logs in, they can now select the [ Create Now ] option when prompted again.
  • (After the Mobile Account is created, the user will not be prompted again)


Resolution:

None. The FileSyncAgent is maintained by Apple and they have been notified. (Apple Bug ID #13005631)



For more information on network home folder configuration and Mobile Account creation, see the following KBs:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.