Centrify DirectControl for Mac OS X 10.9 or aboveProblem:
An AD account has been converted to a Mobile Account and Home Syncing has been enabled, however the following issues are seen:
- Logout and login syncs take ~20 minutes to complete.
- Errors showing some folders are not able to sync at all.
Both types of errors can be seen below:
Starting from OS X 10.9, Mobile Home Syncing now uses the SMB2/SMB3 protocol for network home mounting instead of SMB1 (SMB2 is used on 10.9 and SMB3 for 10.10).
Windows network shares use SMB1 by default. Therefore, if the network homes are being hosted on a Windows share, then the mismatch of SMB versions can cause the sync issues seen.
When this occurs, the following type of entries may be seen in the system.log
:May 19 11:36:07 albertmacair kernel: smb_iod_reconnect: Reconnected share MOBILE with server fileserver.albert3.local
May 19 11:36:07 albertmacair kernel: smb_fid_get_kernel_fid: No SMB 2/3 fid found for fid ...
This is not a Centrify-specific issue as the same errors can also be seen with systems bound under the native Apple AD plugin.Workaround:
Mac systems can be forced to use SMB1 only by using the following configuration:
- Login to the Mac as Local Admin
- Edit, or create a text file at the location
- Open the text file for editing and enter the following lines:
- Save the file and run the following commands:
- sudo chown root:wheel /etc/nsmb.conf
- sudo chmod 644 /etc/nsmb.conf
- Reboot the Mac for the setting to take effect.
To create the file via group policy:
- Enable the GP at:
- Computer Configuration / Centrify Settings / Common UNIX Settings / "Specify commands to run"
- Insert the following command:
- sudo sh -c "echo '[default]' >> /etc/nsmb.conf; echo 'smb_neg=smb1_only' >> /etc/nsmb.conf"
To revert the change and switch back to SMB2 / SMB3, delete the /etc/nsmb.conf
file and reboot the Mac.
For more information on the method used in this workaround, see: (External link provided as a courtesy)
Resolution:This is an Apple issue and they have acknowledged the bug.
Reference: Apple Bug ID #20951854.
For more information on the different SMB versions, see: