AD Binding script with optional parameters

Question

I'm trying to modify this script so that I don't have to hard code the values in it, and instead utilize the optional script parameters $4-whatever. I've looked at some of my other scripts that utilize this method and tried to import into this, ut it doesn't seem to work the same. Can someone take a look and help me figure out where I'm going wrong?

I get script exit code 2, and unexpected EOF at line #94

#!/bin/sh

############################ AD_Bind_ARD ###########################
# Patrick Gallagher | patgmac@gmail.com
# http://macadmincorner.com
# This is a script that will bind a Mac to AD from ARD.
# Modified from Mike Bombich's ad-bind-login-tiger.sh script
# which can be found at http://www.bombich.com/mactips/scripts.html
# Needs to be modified for your enviornment
####################################################################


computerid=`/usr/sbin/scutil --get LocalHostName`

# Standard parameters
domain=""         # fully qualified DNS name of Active Directory Domain
udn=""            # username of a privileged network user
password=""                   # password of a privileged network user
ou=""     # Distinguished name of container for the computer

#################### domain ####################
if [ -n "$4" ]; then
    domain=$4
fi
#################### udn ####################
if [ -n "$5" ]; then
    udn=$5
fi
#################### password ####################
if [ -n "$6" ]; then
    password=$6
#################### ou ####################
if [ -n "$7" ]; then
    ou=$7

# Advanced options
alldomains="enable"           # 'enable' or 'disable' automatic multi-domain authentication
localhome="enable"            # 'enable' or 'disable' force home directory to local drive
protocol="smb"                # 'afp' or 'smb' change how home is mounted from server
mobile="enable"           # 'enable' or 'disable' mobile account support for offline logon
mobileconfirm="disable"       # 'enable' or 'disable' warn the user that a mobile acct will be created
useuncpath="enable"           # 'enable' or 'disable' use AD SMBHome attribute to determine the home dir
user_shell="/bin/bash"        # e.g., /bin/bash or "none"
preferred="-preferred <redacted>"   # Use the specified server for all Directory lookups and authentication
                            # (e.g. "-nopreferred" or "-preferred ad.server.edu")
admingroups="<re dacted>,<redacted>"  # These comma-separated AD groups may administer the machine (e.g. "" or "APPLEmac admins")

# Login hook setting -- specify the path to a login hook that you want to run instead of this script


### End of configuration

# Activate the AD plugin
defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" "Active"
plutil -convert xml1 /Library/Preferences/DirectoryService/DirectoryService.plist
sleep 5

# Bind to AD
dsconfigad -f -a $computerid -domain $domain -u $udn -p "$password" -ou "$ou"

# Configure advanced AD plugin options
if [ "$admingroups" = "" ]; then
    dsconfigad -nogroups
else
    dsconfigad -groups "$admingroups"
fi

dsconfigad -alldomains $alldomains -localhome $localhome -protocol $protocol 
    -mobile $mobile -mobileconfirm $mobileconfirm -useuncpath $useuncpath 
    -shell $user_shell $preferred

# Restart DirectoryService (necessary to reload AD plugin activation settings)
killall DirectoryService

# Add the AD node to the search path
if [ "$alldomains" = "enable" ]; then
    csp="/Active Directory/All Domains"
else
    csp="/Active Directory/$domain"
fi

#dscl /Search -create / SearchPolicy CSPSearchPath
#dscl /Search -append / CSPSearchPath "/Active Directory/All Domains"
#dscl /Search/Contacts -create / SearchPolicy CSPSearchPath
#dscl /Search/Contacts -append / CSPSearchPath "/Active Directory/All Domains"

# This works in a pinch if the above code does not
defaults write /Library/Preferences/DirectoryService/SearchNodeConfig "Search Node Custom Path Array" -array "/Active Directory/All Domains"
defaults write /Library/Preferences/DirectoryService/SearchNodeConfig "Search Policy" -int 3
defaults write /Library/Preferences/DirectoryService/ContactsNodeConfig "Search Node Custom Path Array" -array "/Active Directory/All Domains"
defaults write /Library/Preferences/DirectoryService/ContactsNodeConfig "Search Policy" -int 3

plutil -convert xml1 /Library/Preferences/DirectoryService/SearchNodeConfig.plist

JustDeWon · Accepted Answer

@jwojda  Haven't truly dug into the script. But from quick glance, I'm not seeing fi for both of your if statements in $6 and $7 for lines #30 and #34.. Also your csp variable in lines #79 and #81 appears to be unused. Maybe something something like a -array &#034;$csp&#034; for lines #90 and #92, instead of the full path. Or you can comment out lines #77-82 and leave lines #90 and #92 as is, if you need the default path to be &#034;/Active Directory/All Domains&#034;

ImAMacGuy · Answer

Thank you @JustDeWon I missed closing the if / fi statements as you said!I also commented out the paths for $csp

AD Binding script with optional parameters

2 replies

Reply

Most helpful members this week

Cookie policy

Cookie settings

Reply

Related topics

Using Passwords in CLI commandsicon

10.13 - FileVault 2 and Secure Tokensicon

Changing Local Admin Account Password (Help!)icon

Push .command to be executed as current usericon

Password Policy profile disables user accounticon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings