Skip to main content

We are new to JSS and were using Profile Manager to manage our Macs before making the switch. In our old Profile Manager setup we had the Finder ‘Connected Servers’ setting to show on the users desktop. We are currently pushing out an Art Share to one of our Mac labs and mounting it on the workstation desktop using the Finder ’Connected servers’ setting I mentioned above. We are than hiding the users home drive mount on the desktop, but displaying their documents folder in the Dock.



I don’t see and option to hide the users home directory in JSS. The issue is that the workstation is mounting the root of the share and not their home folder directly. Although the user does not have access to any folder but their own with in the root, we would rather them not see the other folders in this share. I there a solution where I can hide the home directory mount from the desktop or possibly not show connected servers on the desktop and create an alias on the desktop or Dock?

Hi,



If you are using mount volume "smb://${adHome}" the OS should do the mounting for you. You don't need to specify where it gets mounted.



Is the drive not mounting with that method?

@davidacland It is but then prompts the user for a username / password.

Use python and the NetFS API



https://gist.github.com/hunty1/94284f2535a964a2ed8f2297974e98ca



run it like this by providing two arguments, the server address and the share name
./mount_share.py <your.file.server.com/homes/student> <student>

@Chuey It still sounds kerberos related to me. If you log in and try to mount the drive using Go > Connect to server... does that also ask for a username & password?



@calumhunter I hadn't tried mounting a drive with Python before. Thanks for sharing :)

Sounds like this is a new macOS feature, & the Apple have a KB here on how to make a change to use kerb & not prompt.



The AppleScript mount volume uses NetFS & some other logic @hunty. My AppleScript methods piqued the curiosity of @frogor & @kcrawshaw so they reversed engineered it to time the NetFS API.



I was looking to do a Swift NetFS App next year, but seems that the AppleScript's additions still win in some cases.

@davidacland My admin account will never ask for the password. Only standard accounts are getting asked to input their password. . .



EDIT If the standard user has never logged into the computer it will allow me to navigate to their network home directory without a password. If I log out and log back in on the same computer it will prompt me for the password. Sorry wanted to clarify that Kerberos is working properly.

@Chuey Was looking at your 11/20 post and we have a portion of our dock setup script - which utilizes dockutil - that adds an additional link (the globe you refer to) to connect to the user's network folder.



Our dock setup script incorporates the same code as the SMB/AD home script to get the full network folder path and then uses this to add the connection to the "Connect to Server" server favorites list as well as an icon to connect to it in the Dock. We prefer to have multiple places for our users to be able access their network folder.



I've copied and pasted the applicable portions of that script into a new script below.



#!/bin/bash



USER=$(/bin/ls -l /dev/console | /usr/bin/awk '{print $3}')

LOG="/path/to/logfile.log"

DOCKUTIL="/path/to/dockutil"

SFLTOOL="/usr/bin/sfltool"

PLIST="com.apple.LSSharedFileList.FavoriteServers"

ADHOME=$(/usr/bin/dscl . -read /Users/$USER 

        | grep -e "SERVERNAME" | head -n 1 

        | sed 's|SMBHome:||g' 

        | sed 's|dsAttrTypeNative:original_smb_home:||g' 

        | sed 's/^[\\]*//' 

        | sed 's:\\:/:g' 

        | sed 's/ ////g' 

        | tr -d '

' 

        | sed 's/ /%20/g')



# For writing info to log file

writelog () {

    /bin/echo "${1}"

    /bin/echo $(date) "${1}" >> $LOG

}



# Add user's AD home folder to Dock for easier access

if [ "${ADHOME}" == "" ]; then

    writelog "ADHOME Shortcut: User ${USER} does not have an SMBHome attribute. Skipping network folder Dock shortcut creation ..."

else

    writelog "FOUND: SMBHome identified for ${USER}."

    writelog "Creating network folder Dock shortcut for ${USER}."

    $DOCKUTIL --add "smb://${ADHOME}" --label "My Network Folder" --before Applications --no-restart 

    writelog "CREATED: Network folder Dock shortcut for ${USER}."

fi



# Add user's AD home folder to Favorite Server list w/ name "My Network Folder"

$SFLTOOL add-item -n "My Network Folder" $PLIST "smb://${ADHOME}"



if [ $? = 0 ]; then

    writelog "Successfully added ${USER}'s network folder to Favorite Servers."

else

    writelog "Failed to add ${USER}'s network folder to Favorite Servers."

fi



exit

@aporlebeke Thanks for that.



I'm still confused as to why when I log in to a machine with a user who has never logged in before, the globe automatically appears and is mapped to their network home folder using SMB, and when clicked it opens the share.



BUT if you log out and back in on the same machine with that user and click the globe it prompts for the password again.



Anyone have an idea as to why this happens?

@Chuey As posted in another thread, I think you might need this

Reply


Terms & ConditionsCookie settings