File Server Migration - Setting Custom "Connect To Server window" entries & Keychain query

matthsco
New Contributor II

Hi again,

Decided to make a new post as I didn't quite articulate what I wanted in the previous post

BACKGROUND
I am managing a File Server Migration, moving data away from a Windows VM data drive onto CIFS shares on our NetApp. The mission is for this to be as seamless as possible for our end users.
As part of this, we are keeping the server name "TOKYO" the same. We currently use Acronis Access Connect to share files from the Windows VM to Mac users, so when the migration is complete instead of connecting to AFP://TOKYO the machines / users will need to connect to CIFS://TOKYO

WHAT IS WORKING
I have a handle on mapping the new shares / network drives to the users desktops using Configuration Profiles and Mount Points, so that will handle ensuring each department has access to their respective network drives.

WHAT I NEED HELP WITH

ITEM #1 - SET A CUSTOM "CONNECT TO SERVERS" LIST
I want to ensure that any old entries in the Go > Connect To Server list are removed, and the new correct server address is listed.

eg: prior to File Server Migration a Mac might have the following entires under Connect to Servers window:
smb://server01
afp://TOKYO
smb://legacyserver01

I would like to ensure after the migration is complete any user who browses to Go > Connect To Server window only shows 1 entry that points to the correct, friendly DNS server name:

TOKYO

Otherwise I would probably settle for the server prefixed with the protocol - cifs://TOKYO

I think a simple copy-and-replace script to copy the preconfigured file with cifs://TOKYO entry into the current (or ideally, ALL user profiles) on the Mac would probably do the trick. I'll reply with a comment on what I have so far and what I'm stuck on.

ITEM #2 - KEYCHAIN & NETWORK AUTHENTICATION PROMPTS
The user accounts we use for network authentication are Active Directory accounts, set to Password Never Expire.
Mac users have a local user profile on their computers, and their Finder is set to remember network credentials for their current file server.

Given that the new file server will be mapping via CIFS://TOKYO instead of AFP://TOKYO there won't be any Keychain entries for the new server and users will be prompted to login. Most Mac users don't have a clue about their Windows AD credentials and would have to contact helpdesk to get them reset.

This would no doubt cause a huge amount of work, and project might be viewed as a failure based on the amount of work generated.

Any suggestions on the best way to deploy custom Connect to Servers lists and how we can avoid or at least mitigate the Network Authentication prompts would be much appreciated!

4 REPLIES 4

chris_price
New Contributor

have you tried slftool ?

matthsco
New Contributor II

Hi Chris,

Yes we have - great for a quick way to add items, but from what I have read that only adds servers to the Connect To Servers window, it doesn't let us (easily) clear servers from that list.

matthsco
New Contributor II

If anyone else is curious, I ended up writing a script that resolves the Connect To Server problem:

rm ~/Library/Application Support/com.apple.sharedfilelist/com.apple.LSSharedFileList.FavoriteServers.sfl
killall cfprefsd
killall sharedfilelistd
killall Finder
rm ~/Library/Application Support/com.apple.sharedfilelist/com.apple.LSSharedFileList.FavoriteServers.sfl
sfltool add-item -n "OSAKA" com.apple.LSSharedFileList.FavoriteServers "cifs://OSAKA/"

This clears the existing list, forces the changes to apply instantly, then adds the entry to the new server that I want.

jack_reacher
New Contributor

NICE ARTICLE