Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-4439: How to convert a migrated account into a network account after unlinking from the Account Migration Tool on Mac OS X

Centrify Identity Service, Mac Edition ,  

12 April,16 at 11:22 AM

Applies to: Centrify DirectControl on Mac OS X 10.6 and higher

Question:

How can I unlink a migrated local account and convert it into a network account?


Answer:
  1. Log into the Mac as a Local Admin.
  2. For migrated accounts that were created on Centrify for Mac agent versions 5.2.1 and below:
    • Go to System Preferences > Centrify > Account Migration > Select the target user > Unlink
    • There will be a pop up saying that the user will need to create a local account with the same name to access this home directory. Click OK.
    • User-added image
    • Notes:
      • Migrated accounts that were created on versions 5.2.2 and higher are migrated differently and don't need to be manually unlinked from this menu.
      • Accounts that have been converted to Mobile Accounts will need to have their local user records deleted manually from System Preferences > User & Groups > (Make sure to use "Don't change the home folder" option):
      • User-added image
      • Alternatively, the following command could also be used to only delete the local user record (without affecting the local home folder):
        • sudo dscl . -delete /Users/local_username
  3. Flush the AD cache:
    • sudo adflush
  4. View the contents of the /Users directory:
    • ls -ln /Users/
  5. If the home directory folder name does not match the AD username,  rename the folder so that it matches the username of the target account.
    • Open the Terminal and enter the following commands:
      • sudo mv /Users/old_username /Users/ad_username
    • (Where ad_username is the username of the AD user)
  6. Change the ownership of the user's home directory.
    • sudo chown -R ad_username /Users/ad_username
  7. Use adquery to view the UID for ad_username.
    • adquery user -u ad_username
  8. List the contents of /Users and make sure that the change of ownership actually took.
    • ls -ln /Users
    • User-added image
  9. Log in as the AD user.
  10. If needed, choose to Update Keychain Password.
    • User-added image
  11. Test if the account can access the home folder and open files. 

Related KBs:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-4423: Manually converting a local user to a Centrify Active Directory user on Mac OS X articleKB-4382: FileVault password is not syncing with AD password articleKB-3150: How to set up Mobile Home Sync with Migrated Accounts articleKB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role? articleKB-6041: How to show current license type in use by adclient? articleKB-6056: How to report the group policy settings that are in effect for the local computer? articleKB-6040: How to change the license type in use after adclient successful joined to the AD? articleKB-3064: How to convert a Network Account without a network home directory into a Mobile Account articleKB-6038: How to specify the license type to use when joining the server to AD using adjoin? articleKB-4634: Account conflict error shown when trying to login with non-migrated accounts