Convert local OSX account to Open Directory account


How to convert a local user account to a network user account

Learn how to re-use an existing home folder with a user account in another domain in this advanced article.

Although there is no direct process to convert a local account to a network account, you can re-use an existing user’s home directory with a different user account. For example, if your company or school is deploying an Open Directory or an Active Directory server, you can use the following steps to re-use an existing user’s home directory while logging in with a network account.

In order to perform these steps you will need to log in with a different administrative user than the user you’re trying to convert. If there is only one local user on the system, it may be necessary to create another local admin user before proceeding with these steps.

Important: You should back up the user’s home folder before proceeding with these steps.

Overview

These steps let you perform the following tasks:

  • Delete the local user account, choosing to keep the home folder.
  • Rename the local home folder.
  • Bind to the directory domain.
  • Copy the home folder to the server.
  • Change ownership of the home folder.

Steps

Delete the local user account and choose to keep the home folder

  1. In System Preferences, select Users & Groups (or Accounts in Mac OS X v10.6).
  2. If locked, click the padlock to authenticate.
  3. Select the user account you would like to convert.
  4. Click the Delete button (-).
  5. When prompted about what to do with the home folder, click “Don’t change the home folder” and then click OK. The home folder remains in the Users folder.

Rename the local home folder

  1. In the Finder, navigate to the Users folder.
  2. Locate the deleted user’s home folder. It will have “(Deleted)” appended to the name.
  3. Rename the home folder to match the short name of the new user account. Be sure to remove the following:
    • the “ (Deleted)” portion of the folder name
    • any trailing spaces in the folder name
  4. Enter an administrator’s name and password when prompted.

Bind to the directory domain; copy the home folder to the server

  1. Bind to your directory domain server using the Users & Groups (or Accounts in Mac OS X v10.6) preference pane.
  2. Use your preferred method to copy the home folder to the network home directory server. For example, the following Terminal command will copy a home folder to a server. You’ll need to have the root user enabled on the home directory server.
    sudo scp -Epr /Users/username root@server.example.com:/Users/username

    Where username is the short name of the user account, and server.example.com is the name of the home directory server.

    The -E option to preserve extended attributes, resource forks and ACLs is only supported on Mac OS X v10.4 or Mac OS X Server v10.4 and later. Refer to the scp man page for more information.

  3. Enter your local administrator password at the first password prompt. Enter the server’s root password at the second password prompt.

Change ownership of the home folder

  1. Once the computer is bound to the domain, change the ownership of the home folder. If you are converting to use a network home directory, perform this step on the server. The following Terminal command will assign ownership to the network user:
    sudo chown -R username:staff /Users/username/

    Where username is the short name of the network user account, staff is the short name of the user’s primary group, and /Users/username/ is the path to the user’s home directory on the server.

  2. Enter the server’s administrator password when prompted.
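
One way to check the result of the rename and chown steps before the first network login, as an added example that is not part of the Apple article. The function names and the three arguments (home path, owner, group) are assumptions, and the script only reads the folder.

```shell
#!/bin/sh
# Added example: read-only checks on a converted home folder.
# Usage (placeholders): sudo sh check_home.sh /Users/username username staff

# Succeeds only if the folder name has no "(Deleted)" remnant and no
# trailing space, the two things the rename step says to remove.
home_name_is_clean() {
    name=$(basename "$1")
    case "$name" in
        *"(Deleted)"*|*" ") return 1 ;;
        *) return 0 ;;
    esac
}

# Prints every entry under the home folder whose owner or group differs
# from the expected one, i.e. anything chown -R missed or that was written
# afterwards. Symbolic links are tested as links and are not followed.
# Owner and group may be given as names or as numeric IDs.
list_ownership_mismatches() {
    find "$1" \( ! -user "$2" -o ! -group "$3" \) -print
}

# Number of mismatching entries (0 means the whole tree is consistent).
count_ownership_mismatches() {
    list_ownership_mismatches "$1" "$2" "$3" | wc -l | tr -d ' '
}

# Runs only when called with home path, owner and group.
if [ "$#" -eq 3 ]; then
    status=0
    if ! home_name_is_clean "$1"; then
        echo "name still has '(Deleted)' or a trailing space: $1" >&2
        status=1
    fi
    n=$(count_ownership_mismatches "$1" "$2" "$3")
    if [ "$n" -ne 0 ]; then
        echo "$n entries not owned by $2:$3, first few:" >&2
        list_ownership_mismatches "$1" "$2" "$3" | head -n 5 >&2
        status=1
    fi
    exit "$status"
fi
```

Entries still owned by the deleted local account's numeric ID show up in the mismatch list, which matters if that ID is later assigned to a different local user.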

Test logging in

When logging in with a converted home directory, note that some settings may not work as previously configured. This can occur when changing the location of a user’s home folder because settings may be written using the full path to a resource rather than a relative path. Once you update these settings, the stored path will include the new home directory location.

Source : https://support.apple.com/en-us/HT202506

2 thoughts on “Convert local OSX account to Open Directory account”

  1. I have a Sierra 12.2 machine at both ends with Server 5.2. I constantly get the following error.
    scp: illegal option -- E
    usage: scp [-12346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
    [-l limit] [-o ssh_option] [-P port] [-S program]
    [[user@]host1:]file1 ... [[user@]host2:]file2

    I tried both with SIP enabled and disabled.

    Is there something more I could do?
