Convert local OSX account to Open Directory account
How to convert a local user account to a network user account
Learn how to re-use an existing home folder with a user account in another domain in this advanced article.
In order to perform these steps you will need to log in with a different administrative user than the user you’re trying to convert. If there is only one local user on the system, it may be necessary to create another local admin user before proceeding with these steps.
Important: You should back up the user’s home folder before proceeding with these steps.
Overview
These steps let you perform the following tasks:
- Delete the local user account, choosing to keep the home folder.
- Rename the local home folder.
- Bind to the directory domain.
- Copy the home folder to the server.
- Change ownership of the home folder.
Steps
Delete the local user account and choose to keep the home folder
- In System Preferences, select Users & Groups (or Accounts in Mac OS X v10.6).
- If locked, click the padlock to authenticate.
- Select the user account you would like to convert.
- Click the Delete button (-).
- When prompted about what to do with the home folder, click “Don’t change the home folder” and then click OK. The home folder remains in the Users folder.
Rename the local home folder
- In the Finder, navigate to the Users folder.
- Locate the deleted user’s home folder. It will have “(Deleted)” appended to the name.
- Rename the home folder to match the short name of the new user account. Be sure to remove the following:
  - the “ (Deleted)” portion of the folder name
  - any trailing spaces in the folder name
- Enter an administrator’s name and password when prompted.
Bind to the directory domain; copy the home folder to the server
- Bind to your directory domain server using the Users & Groups (or Accounts in Mac OS X v10.6) preference pane.
- Use your preferred method to copy the home folder to the network home directory server. For example, the following Terminal command will copy a home folder to a server. You’ll need to have the root user enabled on the home directory server.
sudo scp -Epr /Users/username root@server.example.com:/Users/username
Where username is the short name of the user account, and server.example.com is the name of the home directory server.
The -E option to preserve extended attributes, resource forks and ACLs is only supported on Mac OS X v10.4 or Mac OS X Server v10.4 and later. Refer to the scp man page for more information.
- Enter your local administrator password at the first password prompt. Enter the server’s root password at the second password prompt.
Change ownership of the home folder
- Once the computer is bound to the domain, change the ownership of the home folder. If you are converting to use a network home directory, perform this step on the server. The following Terminal command will assign ownership to the network user:
sudo chown -R username:staff /Users/username/
Where username is the short name of the network user account, staff is the short name of the user’s primary group, and /Users/username/ is the path to the user’s home directory on the server.
- Enter the server’s administrator password when prompted.
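A check to run after the ownership change, added here as an example and not part of the original article: it confirms that the short name resolves (it will not if the computer is not yet bound to the domain) and lists anything under the home folder still owned by another user or group. The function names list_mismatched and audit_home are hypothetical; username and staff are the article's placeholders.

```shell
#!/bin/sh
# Added example: audit a converted home folder after `chown -R`.
# list_mismatched and audit_home are hypothetical helper names.

# Print every entry under the folder ($1) whose owner is not $2 or whose
# group is not $3. find does not follow symlinks by default, so a link
# is judged by its own ownership, not its target's.
list_mismatched() {
    find "$1" \( ! -user "$2" -o ! -group "$3" \) -print
}

# Return codes: 0 = everything matches, 1 = mismatches found (listed on
# stderr), 2 = the check could not be completed.
audit_home() {
    home_dir=$1 owner=$2 group=$3
    if [ ! -d "$home_dir" ]; then
        echo "no such folder: $home_dir" >&2
        return 2
    fi
    # A short name that does not resolve usually means the machine is not
    # bound to the directory domain, or the name is misspelled.
    if ! id -u "$owner" >/dev/null 2>&1; then
        echo "user does not resolve: $owner" >&2
        return 2
    fi
    # find exits non-zero for an unknown group or an unreadable subfolder;
    # treat that as "could not check" rather than "clean".
    bad=$(list_mismatched "$home_dir" "$owner" "$group") || return 2
    if [ -n "$bad" ]; then
        echo "entries not owned by $owner:$group:" >&2
        printf '%s\n' "$bad" >&2
        return 1
    fi
    return 0
}

# Usage with the article's placeholders:
#   sudo sh audit_home.sh /Users/username username staff
if [ "$#" -eq 3 ]; then
    audit_home "$@"
fi
```

Run it with sudo on the machine that holds the home folder, since unreadable subfolders otherwise make the check return 2.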
Test logging in
When logging in with a converted home directory, note that some settings may not work as previously configured. This can occur when changing the location of a user’s home folder because settings may be written using the full path to a resource rather than a relative path. Updating these settings changes the path to include the new home directory location.
I have Sierra 12.2 machines at both ends with Server 5.2. I constantly get the following error.
scp: illegal option -- E
usage: scp [-12346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
           [-l limit] [-o ssh_option] [-P port] [-S program]
           [[user@]host1:]file1 ... [[user@]host2:]file2
I tried both with SIP enabled and disabled.
Is there something more I could do?
Looks like that COULD be a keychain issue. Are you getting that on all client computers or just one? If it's all of them, it's something more than keychain most likely.