Network based homes are cool, and we have written about them in the past. They can have scaleability issues though when you are trying to have even a seemingly small amount of users perform an activity that causes a lot of file IO. Typically these are cache operations that take place in ~/Library/Caches, and often this is dealt with by redirecting those ephemeral files and directories to the local drive. This works well as they are just caches and they are recreated as needed.
In the distant past this has required custom login scripts, more recently sysadmins have been able to employ Network Home Redirector to set things up.
But with Leopard here the future is now and everything just got a lot easier. Not only does 10.5 have a built in network folder redirector, but it even has a nice GUI to set it up with.
Read on for more…
The first thing you need to know is that this is a feature of 10.5 and your client must be 10.5 for it to work. You shouldn’t need a 10.5 server as it’s all MCX, but I’ve not had the opportunity to test that yet.
The second thing to know is that this cool tool is typical of many Apple things. It’s not documented, it’s simple, and it’s hidden in plain sight.
Your first task is to fire up Workgroup Manager and go to the preferences manager. Click on the Details tab, now click the plus button. Navigate to /System/Library/CoreServices and add in the ManagedClient.app bundle. Holy smokes! Look at all the preference manifests that just got imported! There are many cool things in here, and all of them are documented in the User Management Admin Guide. All of them but one, the Folder Redirection manifest for com.apple.mcxredirector.
With the accounts, group, or computer group you want to manage selected open the Folder Redirection manifest. Open the Always key and then click the New Key button.
Your choices for the root of this key are the three different types of redirection you can perform: Login, Logout, or Other. Now the first two are easy to understand, but Other is a bit trickier. Other Redirections will take place whenever there is a policy refresh. This means network transitions, reboots, login and logout.
For a simple example select Login Redirections. Select and open the Login Redirections key and then click New Key again. Now you have your first redirect action to work with.
There are four different redirect actions to choose from:
deleteAndCreateSymLink: This action deletes the folder in the home and redirects to a local symlink
renameAndCreateSymLink: This action renames the folder in the home and redirects to a local symlink
deletePath: This action just whacks a folder in the home
deleteSymLinkAndRestore: This action removes the symlink and then restores a folder that was renamed by the renameAndCreateSymLink action.
The default action will be the deleteAndCreateSymLink one. The default Folder Path key will point to “~/Library/Caches”, and this is probably the most common folder to redirect. The default Destination Folder Path key is “/tmp/%@/Library/Caches” and it requires a bit of explanation.
In the Folder Redirection manifest you simply use “%@” to fill in the current user’s name. If we look at the default action we can see that on login the ~/Library/Caches folder in the user’s netowrk home will be deleted and a symlink will be created in its place that points to /tmp/<user>/Library/Caches.
Pretty cool eh?
So what if you don’t want to delete the caches? What if the user sometimes needs them in there? This is when you would use the renameAndCreateSymLink as a login action and the deleteSymLinkAndRestore as a logout one. So for use on any particular computer the local redirect behavior could be enforced, while preserving the contents of the redirected network folders. With the logout action the preserved folders are even restored to their original state when the user logs out. How much scripting time did that just save you?
While the mcxredirector may not be a glamorous feature of Leopard it is very cool and is one that will save sysadmins lots of work and heartache.
As always, have fun and read the man pages!