AD SMB Home Directory Mounting (SMBHome) with Hidden Directories

pickerin
Contributor II

I'm at a bit of a loss now...

I've read through the forums and haven't seen this particular problem. I'm trying to mount our users' home directories off of their Windows AD file shares. I'm using the script "mountNetworkShare.sh" found here, as well as various other folks' attempts at Bash scripts and/or AppleScripts.

The issue is straightforward:
The output of 'dscl . read /Users/myusername SMBHome' at the command line is:
SMBHome: \\theServer\Private$\myusername

Unfortunately, that $ is wreaking havoc with all of the shell-based scripts, as it truncates at the $.
For example, the output of the command:

./mountNetworkShare.sh one two myusername is:
Attempting to read SMBHome attribute from user record since the 'share' parameter is blank...
Share determined to be: smb://theServer/Private$

And then, of course, it fails to mount.

Any thoughts on successfully preserving that $ as part of the mount command?

1 ACCEPTED SOLUTION

bentoms
Esteemed Contributor

daz_wallace
Contributor III

Hi Pickerin,

You could try calling the share back in double quotes ( " " ) or possibly try and escape the $ with a backslash in front "\$".

Hope that helps

Darren
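
Added example, not part of the thread and not taken from mountNetworkShare.sh: a POSIX shell conversion of the SMBHome value to an smb:// URL that keeps the $ of a hidden share, with a contrast function showing what each extra round of shell parsing (eval, sh -c, a command string passed over ssh) does to the same value. The function names and the sample record are constructed for illustration.

```shell
#!/bin/sh
# Added example: function names and sample data are hypothetical.

# Constructed sample of a `dscl . read /Users/<name> SMBHome` result.
sample_dscl_output() {
    printf '%s\n' 'SMBHome: \\theServer\Private$\myusername'
}

# Safe conversion: the value only travels through quoted variables,
# printf '%s', sed and tr, so the shell never parses "$" or "\" in it.
# (printf is used instead of echo because some sh builds make echo
# interpret backslash sequences such as \t.)
unc_to_smb_url() {
    unc=$(printf '%s\n' "$1" | sed 's/^SMBHome:[[:space:]]*//')
    case $unc in
        '\\'?*) ;;          # a UNC path starts with two backslashes
        *) return 1 ;;      # anything else is rejected, not guessed at
    esac
    path=$(printf '%s\n' "$unc" | tr '\\' '/' | sed 's#^//##')
    printf 'smb://%s\n' "$path"
}

# Contrast: splice the value, unquoted, into a string the shell parses
# again. The first pass eats the backslashes; a second pass then reads
# "$myusername" as an unset variable and drops it.
reparse() {
    ( set +u; unset myusername; eval "printf '%s\n' $1" )
}

unc_to_smb_url "$(sample_dscl_output)"
```

The safe path never needs the $ escaped, because the value is treated as data from start to finish; escaping only becomes necessary when a script rebuilds a command line as a string.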

pickerin
Contributor II

Darren,

Thanks for the thoughts, the quotes don't seem to work either. I've abandoned the initial script as flawed for our environment and am re-writing the guts of it in Python to get around the shell problems. So far it's looking pretty good, but I'm still having an issue with the "jamf mount" command, as I think it's now choking on the $ as well. Sigh.

bentoms
Esteemed Contributor

pickerin
Contributor II

@bentoms
I've previously taken a hard look at your stuff, but I want to create a Dock icon that allows them to click it and it will re-mount their home directory, without requiring the username/password (assuming a valid Kerberos ticket). Whenever I try: mount volume "PROTOCOL://SERVERNAME.FQDN/SHARENAME", it prompts for the username/password. Yet if I use Go -> Connect to Server and mount it, it doesn't.

Perhaps I just need to give up the dream and try your stuff out. Off I go... Thank you, I'll mark it as answered if it all works.

bentoms
Esteemed Contributor

@pickerin. That is exactly how it works.

Save the AppleScript as an app, run via a launchagent & will use Kerberos ticket @ login. Also, can be re-run with no issue.

Only prompted for username & password when no ticket (like over VPN).

bentoms
Esteemed Contributor

@pickerin. If you have issues, reply on my blog & we can chat via email then to see what went wrong & can then update here.

I need to move it to GitHub ASAP with the expanded use cases which may assist you.

pickerin
Contributor II

@bentoms
You're right, it worked flawlessly as an application. Nicely done.
I did have issues getting it to compile, the problem is this line:
"try mount volume "smb:" & ADHome on error"
It has to be:
try
mount volume "smb" & ADHome
on error
Or else the AppleScript Editor will give a syntax error when trying to compile.

bentoms
Esteemed Contributor

@pickerin.

Awesome. Yea the syntax issues are why I'm gradually posting the scripts to GitHub.

pickerin
Contributor II

@bentoms
Thanks for all of the help. I've got the Application running when I double-click it on the Desktop, but when run as a Self-Service Application (as a Script, using either the .scpt version or the .app version), it fails with:
Script result: /Library/Application Support/JAMF/tmp/MountPrivateDir.app: line 1: syntax error near unexpected token `newline' /Library/Application Support/JAMF/tmp/MountPrivateDir.app: line 1: `'

Any ideas?

bentoms
Esteemed Contributor

Deployed via HTTP/S?

Try AFP/SMB.

Also, why? Just throw the app in /Applications & add to the dock using dockutil

pickerin
Contributor II

@bentoms

I prefer having this type of stuff deployed via Self Service, I actually want to drive my folks there because then they see the other items that we're deploying through there and know that if they have an infrastructure issue, Self Service is where to find the solution.

That said, I'm not sure what you mean by "Deployed via HTTP/S". The script is running locally as evidenced by the error message. The fact that it's dropping it into /Library/Application Support/JAMF/tmp seems to imply it's being downloaded, I assume off of HTTP/S. I don't see anywhere to change the deployment type for only that application or for only that Policy.

bentoms
Esteemed Contributor

@pickerin. By HTTP/S I meant the method you're using to deploy the script, i.e. are you using HTTP/S distribution points? If so, try AFP/SMB.

pickerin
Contributor II

The issue here is that I am in fact using HTTP/S as my distribution point. I'm attempting to distribute a .app file and the web server providing the distribution point just sees the .app file as a directory and is providing a directory index back to the client, rather than downloading the file.

The issue is discussed here, but there is not a solution to distributing a .app file via a HTTP/S distribution point:
https://jamfnation.jamfsoftware.com/article.html?id=116

bentoms
Esteemed Contributor

Sorry replied to that too.

This is the AppleScript, right? What happens if you try it as an AppleScript & not a .app? (Like a .applescript).

I think that will work. From: https://jamfnation.jamfsoftware.com/article.html?id=102

pickerin
Contributor II

I'm pretty sure it's not working either, but let me try it again and document the error...thanks for continuing to help...

Okay, when run as a .scpt directly, it gets farther, but I'm getting an error on the JSS of:
"Script result: /Library/Application Support/JAMF/tmp/MountPrivateDir.scpt: execution error: «script» doesn’t understand the “quit” message. "

I think it's coming from this stanza:
if accountType is less than 1000 then
tell me to quit
end if

That's the only reference to "quit" in the whole script. However, since that's valid AppleScript, the only thing I can think of is that "me" isn't set properly to the running script. Alas, I'm not as versed with AppleScript as I am Perl, Python, and Shell...

bentoms
Esteemed Contributor

As per the above, .scpt are not supported, can you convert to .applescript? The below should help you convert.

https://jamfnation.jamfsoftware.com/article.html?id=344

pickerin
Contributor II

LOL Ben, sorry totally missed the "non-compiled" part.
These don't really need to be converted, they're literally just the text script.
Copy/Paste from your website and you're good to go.

I'll try it out tomorrow when I'm back in the office.

pickerin
Contributor II

@bentoms

Oh well, thanks for the help. Same error as when I use the .scpt file:
[STEP 1 of 1]
Creating directory structure for /Library/Application Support/JAMF/Downloads/
Downloading https://casper.aaa-alliedgroup.com/CasperShare/Scripts/MountPrivateDir.applescript...
Running script MountPrivateDir.applescript...
Script exit code: 1
Script result: /Library/Application Support/JAMF/tmp/MountPrivateDir.applescript:958:962: execution error: «script» doesn’t understand the “quit” message. (-1708)

Maybe I can do something where the Self Service option loads the .app version on the system and/or caches it, then runs it remotely...

bentoms
Esteemed Contributor

This is a pain. :(

Maybe can you try & remove the lines:

else

tell me to quit

pickerin
Contributor II

Okay, I have it working, finally. It's not elegant, it should be easier than this, but it's working:

1) Took @bentoms script and exported it as an Application (MountPrivateDir.app).
2) Wrote a .sh script that just does: open /Applications/MountPrivateDir.app.
3) Packaged up #1 with a post-flight script of #2
4) Deployed Package via Self Service

This works except for:
1) It's slow. The Self Service just installs the Application every time.
2) It's repetitive. The application is already there, I just need to educate the user that they can run it.

Improvements:
1) I'll probably add to the post-flight script to create a Dock icon for the MountPrivateDir.app
2) I may write a pre-flight script to check for the existence of the Application, and just do the Open, but I'm not 100% sure how to then cancel the install.

Thanks to @bentoms for all the assistance.

bentoms
Esteemed Contributor

Have a look @ Dockutil to add to dock: https://github.com/kcrawford/dockutil

Also, why not scope it via a smart group whereby if the .app exists... Just run the open command.

Glad we got it working!

tkimpton
Valued Contributor II

Install as app and have a script to run at login to add to users login items :)

https://support.jamfsoftware.com/discussion.html?id=8697

bentoms
Esteemed Contributor

Hi Tim,

That was covered above using a LaunchAgent but doesn't follow the use case here.

tkimpton
Valued Contributor II

Ben

It is possible to mount the hidden users AD home directory via an app made by Applescript as you know.

My point was another way to skin the cat ;) that someone might find useful in the community and does follow the use case