I'm currently setting up an OSX Server (Mavericks) in a small company (10.9 on the clients as well), and I'm trying to decide what the best approach is to manage accounts.
The accounts will not be used for roaming; everyone has their own workstation, and never has any desire to log into other machines. This appears to eliminate the need for home directories on the server.
Now I'm wondering whether I should create Local Network Users
or Local Users
(in both cases without a home directory on the server). What is the advantage of using Open Directory to manage Network Users rather than creating Local Users and leaving Open Directory switched off?
There are no other servers or off-site networks involved that we need to 'hook into', so that is not something that seems to lead to a requirement for an Open Directory server.
Is there any reason why I should not just create Local Users instead? What can they not do that Local Network Users can do?
EDIT: While I'm still interested in the answer to this, I've since elected to set up accounts using Open Directory. I could not find a reason not to, and I figured that there might be services that require it of which I'm unaware at this moment. This will hopefully ease future migration.
Best Answer
For a small company, it's not even clear you would set up network users to start with. The costs associated with setting up and running that might be more than it would cost to support a handful of Macs.
Without knowing a few items such as exactly how many accounts, how many Macs, how different the Mac users are (are you setting up a lab with 15 identical machines or is each belonging to a user that has software needs different than all the rest.) Also, your decisions on how much users should support themselves (or can even support themselves) would go into the decision on how best to manage IT time and dollars to support the users.
There often is no best answer other than starting with something that has a chance of working and then iterating as you learn what is really needed in your specific shop.
That being said, if you make Local Network Users they can log into client machines and use the services (file sharing, backup, etc..) from the server but not log directly into the server. Local Users get all the benefits of network users and also get a home directory stored on the server and can log in there as well.
I'd start with two resources for planning your deployment:
The former is easier to get started and organized more in terms of functional tasks and the latter is an exhaustive reference and covers about all the mechanics of how the software operates and is configured.