We are using Open Directory on a Mac OS X Server 10.6.

Our goal is to enforce password changes for users, which can easily be done through Open Directory. However, we must first bind the clients to the Open Directory server. The issue we are running into is that most of the user accounts on the clients match the account on Open Directory. Therefore it won't log in to the network account. Once the account is removed on the local machine it connects without a problem through OD. We do not want to store user data on the server and it is IMPORTANT that we keep their local user profile accessible when they log in.

As of now, these are the steps we would have to take (after binding):

  1. Log in as administrator
  2. Make sure existing user account doesn't match OD
  3. If it does, modify the account name
  4. Log out and log in as OD account to establish
  5. Log out and log in as administrator
  6. Remove old account but keep home directory
  7. Set OD user home directory as existing user account

This clearly seems like a lot of work to get one account running. Can anyone think of a better approach and a way to automate some of this? Any help would be greatly appreciated.