Mac to Mac with AD?
April 23, 2008 7:46 AM   Subscribe

How do I transfer a normal Mac account to an Active Directory Mac account on my new Mac?

I want to transfer all data, settings, preferences bookmarks and applications from a normal user account to a new Machine which is set up with Active Directory. I've lots of experience using Migration assistant to move users from Mac to Mac, but AD throws a new twist into it. You cannot have a normal user and an AD user with the same username, so transferring with Migration Assistant will only transfer applications and documents that are on the top level of the hard drive. No user data is transferred because the username already exists on the AD Mac.
posted by Gungho to Computers & Internet (2 answers total) 1 user marked this as a favorite
 
Best answer: This is actually pretty simple, though it involves a few steps. Basically, all you need to do is copy the entire home folder (/Users/username) from the old computer to the new computer, rename it to match the AD user's username, and then change the folder's ownership to match the AD user. All of this can be done from the Terminal.

Breaking it down...
  1. Boot old computer in target disk mode and attach it to new computer with a firewire cable.
  2. On new computer, open the Terminal and type the following to copy the home folder to the new computer and rename it in one step:
    sudo ditto /Volumes/old-hd-name/Users/username /Users/AD-username
    (It will ask you to supply your admin password)
  3. Now that the home folder has been migrated and renamed, you need to determine the user's AD group so you can assign the correct privileges to the folder. Use the following command to accomplish it:
    dscl /Search -read /Users/AD-username | grep PrimaryGroupID
    Copy the PrimaryGroupID number (just the digits). We'll use it in the next step.
  4. Now you need to recursively change the home folder's ownership:
    sudo chown -R AD-username:PrimaryGroupID /Users/AD-username
That should do it. This all assumes the new computer is bound to AD and you have the Create mobile account at login option enabled in the Directory Utility's AD plug-in settings.
posted by pmbuko at 8:36 AM on April 23, 2008


Response by poster: Cool. Thanks.
posted by Gungho at 9:48 AM on April 23, 2008


« Older Fair Use or Not?   |   Photographer wants to style hair Newer »
This thread is closed to new comments.


Tags

Share