Disclaimer: I assume no responsibility or liability for any actions resulting in the use of the following information. I have tested this and it works great for me, so I feel confident it will work for you. That said, do so at your own risk.
We’re preparing to manage all of our Macintosh clients at work at the start of next school year. This was never implemented in the past for various reasons (personnel, funding, technology, etc), but since I was hired last December, I’ve made it my Grail quest.
A brief paragraph on our setup: We have an Active Directory (AD) domain where all our user accounts and passwords live, and which handles authentication. I’m running my own Open Directory (OD) domain on an 8-Core Intel Xeon beast of an Xserve for managed settings, file sharing, home folders, etc. We’ve achieved single sign by binding the Macs to AD, and then passing off management to OD user/group/machine settings.
This is great, but it all relies on a working network connection. Without one, there’s no access to the machine since it won’t be able to authenticate credentials. I also have an older G4 Xserve configured as an OD replica in case anything happens to the Intel Xserve, the G4 will take over its role until it is back online. But what if something happens to both Xserves or worse, or our network infrastructure? I want to build in a plan to let users have access to the local machine only when the network is unavailable, and until we get the network back. (Ok, so that was two paragraphs on the setup, sorry!)
(more…)
Read More