Set up home folders for user accounts in Directory Utility on Mac
On a computer that’s configured to use the Directory Utility Active Directory connector, you can enable or disable network home folders or local home folders for Active Directory user accounts.
With network home folders, a user’s Windows network home folder is mounted as the macOS home folder when the user logs in.
You determine whether the network home folder location is obtained from the Active Directory standard homeDirectory attribute or from the macOS homeDirectory attribute, if the Active Directory schema is extended to include it.
With local home folders, each Active Directory user who logs in has a home folder on the macOS startup volume. In addition, the user’s network home folder is mounted as a network volume, like a share point. The user can copy files between this network volume and the local home folder.
In the Directory Utility app on your Mac, click Services.
Click the lock icon.
Enter an administrator’s username and password, then click Modify Configuration (or use Touch ID).
Select Active Directory, then click the Edit button (looks like a pencil).
If the advanced options are hidden, click the disclosure triangle.
Click User Experience.
If you want Active Directory user accounts to have local home folders in the computer’s /Users folder, click “Force local home folder on startup disk”.
This option is not available if “Create mobile account at login” is selected.
To use the Active Directory standard attribute for the home folder location, select “Use UNC path from Active Directory to derive network home location”, then choose from the following protocols for accessing the home folder:
To use the standard Windows protocol SMB, click the “Network protocol to be used” pop-up menu, then choose smb.
To use the standard Mac protocol AFP, click the “Network protocol to be used” pop-up menu, then choose afp.
To use the macOS attribute for the home folder location, deselect “Use UNC path from Active Directory to derive network home location”.
To use the macOS attribute, the Active Directory schema must be extended to include it.
If you change the name of a user account in the Active Directory domain, the server creates a home folder (and subfolders) for the user account the next time it is used for logging in to a Mac. The user can still navigate to the old home folder and see its contents in the Finder.
You can prevent creation of a home folder by renaming the old folder before the user next logs in.