I’ve long extolled the virtues of network-based home accounts, at least in some situations. And, of course, I’ve written copiously on how to implement such a thing in a lab setting. What I’ve never really done in any meaningful way, or for any length of time, is to use network home accounts myself. Until now.
There are certainly situations in which local home accounts are preferable. Generally speaking, they tend to be the way to go if you can swing it. They’re usually a bit more responsive, and of course they don’t rely on a functioning network, proper network settings, authentication servers and home account servers to work. They are the de facto, the default, and they’re what most people are used to. And if your users ever only use their one computer, local home accounts are likely to be all you’ll ever need.
But in environments that involve numerous shared (network) resources, or in which people are moving from computer to computer on a regular basis and need some semblance of consistency among machines, a centrally-located, accessible-from-everywhere home account can be a real blessing. In order to sell this system at my new job (on the Mac side — Linux was already using network homes), I needed to prove its reliability, so I threw myself on the grenade, as it were: I started using a networked home account. And you know what? I really like it.
There are, as alluded, certain inconveniences with such a scheme. For one, login tends to be a bit slower as the system needs additional time to locate and coordinate with the necessary network resources. Also, there is no Trash folder for a network home, and deleting files is immediate on a Mac when done over the network. So every time I try to throw something away I get this alert:
No Trash!
And the file is deleted for good. This is probably the worst part of the networked home. No Trash. But the advantages are so great that I plan to stick with my networked home, despite the minor annoyances.
At some point not too long ago I decided that the reliability test had been a success, and that I could finally revert back to my local home account. So I synced everything back to the local drive, and changed my home account location on the server (I use server-based authentication either way), and logged in. I worked locally for a while, and then I needed to do something on a Linux machine. I logged into that machine — which uses networked home accounts — and got my old, outdated, network home. And that’s when I realized: you can’t have it both ways. You either need to go local-only, in which case you need to really only use one machine, or you need to go networked. Otherwise your data’s all out of sync. And that’s way worse than any network dependencies or minor performance hits. So I immediately switched back to my networked home. And I plan to stay there.
And speaking of having it both ways, I suppose it is possible. At my old job I had a local account on my office computer and a networked account everywhere else. This was okay, but created all sorts of problems — particularly permissions problems — any time I wanted to share data with, uh, myself. Long story short, it was a real pain in the ass. Doable, but kinda sucky. Avoid if possible.
I have to say, since committing to my network home account, I’ve been pretty darned happy with it. Most times I’m completely unaware that I’m even on the network. And it’s great to have the same environment across every machine in the lab. It’s also great to finally be able to say definitively that this approach is not only valid, but actually pretty great in instances in which it’s appropriate.
Go me!
10 Comments
I always had a networked home on UNIX, but that’s impractical for a laptop. Couldn’t you get the best of both worlds, though, using a local home and a mirroring process? rsync isn’t just for backups, you know.
PS: I agree on not having a lot of customizations when you’re a system administrator. It’s what made me a crotchety old man about companies that pick lousy defaults. Even when it’s Apple that’s doing it… or rather, especially when it’s Apple doing it.
What about portable network homes or external homes (on a super-cheap, encrypted flash drive)? Do you feel the potential for sync issues are worth the hassle?
I was suggest the same thing as Peter, although i din’t test it yet: Mobile Accounts. The best of both words!
By the way, what about the performance of applications such Entourage, that uses huge monolithic databases?
@Peter, it does seem possible to rig something with rsync, and I’m certainly an rsync fan. But the data sync and transfer at login and/or logout would make it impractical. In fact, this is what Windows does: it syncs your home account to a network server at login and logout, which slows down both the local machine and the network. I can tell you from bitter experience, it’s godawful. As Rodrigo mentions, Apple offers something specifically for portables called Mobile Accounts.
@Jason, I have not tried Portable Home Directories, though it’s an intriguing idea. I do wonder how conflicts are handled, and how the sync is maintained, though I assume you just use your firewire/USB drive as a local home account and plug in wherever you go. This, of course, would prevent you logging in to more than one machine at a time. It’s also impractical if you’re running around to a bunch of machines all over the place, or if you access your home account from multiple platforms (Mac and Linux for example) both of which I do. But it’s a great idea for running between networks, say from my home computer to my computer at the school where I teach.
@Rodrigo, I have not tried Mobile Home Accounts yet. A colleague here tells me they work very well, though. Someday I hope to see them in action.
Regarding performance, we have a very fast network here, so I have yet to really notice much of a performance hit, though I am not using Entourage or much else in the way of large databases. I would imagine they would be fine as that stuff is usually made to run over networks anyway (my Mail runs fine FWIW). I do keep large, data-intensive files like video on my local disk when I feel it would be prudent. But this has as much to do with not wanting to burden the network as it does with the performance of my own computer.
@All, a network home account is certainly not for everyone, but I’ve been quite pleasantly surprised at how seamless it really is. Once you get used to the little differences you’ll likely not even notice that you’re running over the network in most cases. If you have the proper resources it’s really quite nice and definitely worth trying for a week.
Thanks for the comments!
-systemsboy
If you use Spotlight to find the files that have been modified (the way Time Machine does), the load should be negligible most of the time. Of course this means you have to write your own code to do the mirroring, but that’s not big deal.
Are Apple’s “Mobile Accounts” part of .MAC or whatever it’s called this week?
Ah, so basically what you’re talking about is some sort of mechanism that watched for changes from moment to moment (a la Spotlight) and mirrored on-the-fly using rsync. That would be pretty cool, actually.
Mobile Accounts (as well as networked home accounts, and Portable Homes) are all services offered by Mac OS X Server. They are not .MAC.
-systemsboy
What you described in the last comment (some mechanism that watched for changes and synced up a home directory) is exactly what the Portable Home Directory feature as was made for. They can sync all the computer’s, the server and even USB drives and it can be tweaked for intervals like MobileMe (.MAC) or Spotlight.
Many ways to skin a cat. I must try this Portable Home Directory some day.
-systemsboy
Heheh, well, me personally, I’m with ya on the current solution. I love me my instant networked homes… also hate printers, too. =)
portable homes handle syncs and conflict resolution in fairly reasonable ways. when managed with os x server, there’s a fair amount of flexibility to define what gets synced and when (login, logout, background). it’s imperative also to set sync exclusions and folder redirects to avoid syncing stuff like cache data across the wire.
with a portable home, the primary machine basically uses a local home that syncs to the server at regular intervals, and you’d use a network home on other machines you might need occasionally.
what i’d like to see next (and what probably won’t happen) is detailed tracking, logging, and sync initiation from the server side. now, most, if not all, logging is done on the client. and aside from defining the sync interval on the server, the syncs are initiated client side.