It's rare, but sometimes mobile accounts (accounts that sync to an Active Directory/LDAP entry) can become corrupt and bad things happen as a result. Common symptoms are shells not being able to start, applications claiming you don't permission to do this-or-that, etc. I still haven't found a good reason for this happening, but have discovered the corruption exists in /Local/Default/Users/<user> in the local Directory Service on the mac. Since the data is synced to Active Directory/LDAP, the easiest thing to do is simply delete the entry in Directory Service using dscl. Then when you log in with the account (using the Other option in the Login Window,) it will create a new mobile account and take over the home directory for the old account that you DIDN'T delete. Since the uid is synced, the files in the home directory are owned by new mobile account. To delete the entry in Directory Service, run the following command replacing <user> with the username of the account to be removed.
dscl . -delete /users/<user>
0 comments:
Post a Comment