- Jamf Nation Community
- Products
- Jamf Pro
- AD Binding script with optional parameters
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-27-2019 01:52 PM
I'm trying to modify this script so that I don't have to hard code the values in it, and instead utilize the optional script parameters $4-whatever. I've looked at some of my other scripts that utilize this method and tried to import into this, ut it doesn't seem to work the same. Can someone take a look and help me figure out where I'm going wrong?
I get script exit code 2, and unexpected EOF at line #94
#!/bin/sh
############################ AD_Bind_ARD ###########################
# Patrick Gallagher | patgmac@gmail.com
# http://macadmincorner.com
# This is a script that will bind a Mac to AD from ARD.
# Modified from Mike Bombich's ad-bind-login-tiger.sh script
# which can be found at http://www.bombich.com/mactips/scripts.html
# Needs to be modified for your enviornment
####################################################################
computerid=`/usr/sbin/scutil --get LocalHostName`
# Standard parameters
domain="" # fully qualified DNS name of Active Directory Domain
udn="" # username of a privileged network user
password="" # password of a privileged network user
ou="" # Distinguished name of container for the computer
#################### domain ####################
if [ -n "$4" ]; then
domain=$4
fi
#################### udn ####################
if [ -n "$5" ]; then
udn=$5
fi
#################### password ####################
if [ -n "$6" ]; then
password=$6
#################### ou ####################
if [ -n "$7" ]; then
ou=$7
# Advanced options
alldomains="enable" # 'enable' or 'disable' automatic multi-domain authentication
localhome="enable" # 'enable' or 'disable' force home directory to local drive
protocol="smb" # 'afp' or 'smb' change how home is mounted from server
mobile="enable" # 'enable' or 'disable' mobile account support for offline logon
mobileconfirm="disable" # 'enable' or 'disable' warn the user that a mobile acct will be created
useuncpath="enable" # 'enable' or 'disable' use AD SMBHome attribute to determine the home dir
user_shell="/bin/bash" # e.g., /bin/bash or "none"
preferred="-preferred <redacted>" # Use the specified server for all Directory lookups and authentication
# (e.g. "-nopreferred" or "-preferred ad.server.edu")
admingroups="<re dacted>,<redacted>" # These comma-separated AD groups may administer the machine (e.g. "" or "APPLEmac admins")
# Login hook setting -- specify the path to a login hook that you want to run instead of this script
### End of configuration
# Activate the AD plugin
defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" "Active"
plutil -convert xml1 /Library/Preferences/DirectoryService/DirectoryService.plist
sleep 5
# Bind to AD
dsconfigad -f -a $computerid -domain $domain -u $udn -p "$password" -ou "$ou"
# Configure advanced AD plugin options
if [ "$admingroups" = "" ]; then
dsconfigad -nogroups
else
dsconfigad -groups "$admingroups"
fi
dsconfigad -alldomains $alldomains -localhome $localhome -protocol $protocol
-mobile $mobile -mobileconfirm $mobileconfirm -useuncpath $useuncpath
-shell $user_shell $preferred
# Restart DirectoryService (necessary to reload AD plugin activation settings)
killall DirectoryService
# Add the AD node to the search path
if [ "$alldomains" = "enable" ]; then
csp="/Active Directory/All Domains"
else
csp="/Active Directory/$domain"
fi
#dscl /Search -create / SearchPolicy CSPSearchPath
#dscl /Search -append / CSPSearchPath "/Active Directory/All Domains"
#dscl /Search/Contacts -create / SearchPolicy CSPSearchPath
#dscl /Search/Contacts -append / CSPSearchPath "/Active Directory/All Domains"
# This works in a pinch if the above code does not
defaults write /Library/Preferences/DirectoryService/SearchNodeConfig "Search Node Custom Path Array" -array "/Active Directory/All Domains"
defaults write /Library/Preferences/DirectoryService/SearchNodeConfig "Search Policy" -int 3
defaults write /Library/Preferences/DirectoryService/ContactsNodeConfig "Search Node Custom Path Array" -array "/Active Directory/All Domains"
defaults write /Library/Preferences/DirectoryService/ContactsNodeConfig "Search Policy" -int 3
plutil -convert xml1 /Library/Preferences/DirectoryService/SearchNodeConfig.plistSolved! Go to Solution.
Reply
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-03-2019 04:58 PM
@jwojda Haven't truly dug into the script. But from quick glance, I'm not seeing fi for both of your if statements in $6 and $7 for lines #30 and #34.. Also your csp variable in lines #79 and #81 appears to be unused. Maybe something something like a -array "$csp" for lines #90 and #92, instead of the full path. Or you can comment out lines #77-82 and leave lines #90 and #92 as is, if you need the default path to be "/Active Directory/All Domains"
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-03-2019 04:58 PM
@jwojda Haven't truly dug into the script. But from quick glance, I'm not seeing fi for both of your if statements in $6 and $7 for lines #30 and #34.. Also your csp variable in lines #79 and #81 appears to be unused. Maybe something something like a -array "$csp" for lines #90 and #92, instead of the full path. Or you can comment out lines #77-82 and leave lines #90 and #92 as is, if you need the default path to be "/Active Directory/All Domains"
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-06-2019 08:53 AM
Thank you @JustDeWon I missed closing the if / fi statements as you said!
I also commented out the paths for $csp
Reply
