Help

Help, Intermittent SMB shares, using kerberos and mountnetworkshare.sh

spowell01
Contributor

Posted on ‎05-24-2012 03:36 PM

Hello, were in a bad situation here.....started imaging our teachers machines today and all of a sudden MANY of our users are unable to mount their H:(network share) drive on login. We are using the mountnetworkshare.sh in the resource kit and have it set to use kerberos auth. All users DO have a valid kerb ticket, and the particular users that are failing are showing logs as follows.

/usr/sbin/jamf is version 8.52
Executing Policy Mount SMB Home...
Downloading https://kibsdjss.kibsd.org:443//Scripts//MountNetworkShare.sh...
Running Script MountNetworkShare.sh...
Script Exit Code:0
Script Result: Attempting to read SMBHome attribute from user record since the 'share' parameter is blank...
Share determined to be: smb://kibsddata.
Volume name will be created as kibsddata...
Attempting to mount smb smb://kibsddata using cfoster01's kerberos ticket...
Writing out launch agent to /Users/cfoster01/Library/LaunchAgents/com.jamfsoftware.mapdrive.kibsddata.plist
Loading com.jamfsoftware.mapdrive.kibsddata...

The correct AD profile path for this user is actually smb://kibsddata/cfoster01$
Her path was originally smb://kibsd-store/cfoster01$ and i moved the share to a new server(kibsddata) to see if that solved the issue...no luck still incorrectly read

Here is a successful log from a user that IS mounting their network drive.

/usr/sbin/jamf is version 8.52
Executing Policy Mount SMB Home...
Downloading https://kibsdjss.kibsd.org:443//Scripts//MountNetworkShare.sh...
Running Script MountNetworkShare.sh...
Script Exit Code:0
Script Result: Attempting to read SMBHome attribute from user record since the 'share' parameter is blank...
Share determined to be: smb://kibsd-store/mlinscheid01$.
Volume name will be created as mlinscheid01$...
Attempting to mount smb smb://kibsd-store/mlinscheid01$ using mlinscheid01's kerberos ticket...
Writing out launch agent to /Users/mlinscheid01/Library/LaunchAgents/com.jamfsoftware.mapdrive.mlinscheid01$.plist
Loading com.jamfsoftware.mapdrive.mlinscheid01$...

has anyone else seen this? we are imaging as I type and the more we get done, the larger the number of machines that aren't mounting their users network drives.......help!

0 Kudos
Reply
8 REPLIES 8

spowell01
Contributor

Posted on ‎05-25-2012 09:08 AM

there is definitely an issue with the resource kit script and our enviroment. Somehow its reading the attribute for SMBHome incorrectly...We have a case open with jamf support, but I figured someone else must have ran into this sporadic reading of AD profile path before.

0 Kudos
Reply

spowell01
Contributor

Posted on ‎05-25-2012 09:49 AM

So far ive confirmed that its affecting users who's names start with B and C....here is another example of a user who starts with B. It seems that /B and /C is getting read as an escape character or something in the script...

/usr/sbin/jamf is version 8.52 Executing Policy Mount SMB Home... Downloading https://kibsdjss.kibsd.org:443//Scripts//MountNetworkShare.sh... Running Script MountNetworkShare.sh... Script Exit Code:0 Script Result: Attempting to read SMBHome attribute from user record since the 'share' parameter is blank...
Share determined to be: smb://kibsd-storehaakanson01$.
Volume name will be created as kibsd-storehaakanson01$...
Attempting to mount smb smb://kibsd-storehaakanson01$ using bhaakanson01's kerberos ticket...
Writing out launch agent to /Users/bhaakanson01/Library/LaunchAgents/com.jamfsoftware.mapdrive.kibsd-storehaakanson01$.plist
Loading com.jamfsoftware.mapdrive.kibsd-storehaakanson01$...
com.jamfsoftware.mapdrive.kibsd-storehaakanson01$: Invalid argument

0 Kudos
Reply

frozenarse
Contributor II

Posted on ‎05-25-2012 10:27 AM

If you do a "launchctl list" within terminal do you see something like com.jamfsoftware.mapdrive.USERNAME$ ?

I noticed that the script worked the first time but not subsequent times if the share ended with a '$'. On line 247 of the script it is supposed to UNLOAD any existing mounts. But that command is contained within an 'if' clause (line 244) that uses grep to find out if they already exist. If there is a '$' the grep doesn't return any values.

I made a change to line 244:

instead of: $volumeName
Change it to: ${volumeName%$}

0 Kudos
Reply

spowell01
Contributor

Posted on ‎05-25-2012 10:36 AM

Hello Frozen, when i run launchctl list I do not see the properly formatted com.jamfsoftware.mapdrive.username$
I see:
com.jamfsoftware.mapdrive.kibsd-store

kibsd-store is the server the share is located at.

we will take a look at your change @ line 244

0 Kudos
Reply

frozenarse
Contributor II

Posted on ‎05-25-2012 11:24 AM

Sounds like 2 different issues to me...

Our AD attributes are formatted kind of like this: ServerShare$UserName

Yours appears to be like this: ServerShare_Username$ where each user has their own share.

0 Kudos
Reply

spowell01
Contributor

Posted on ‎05-25-2012 11:33 AM

You are correct, ours are formatted servershareusername$

0 Kudos
Reply

spowell01
Contributor

Posted on ‎05-25-2012 02:21 PM

we have a resolution to our issue, I will have my team member post his edits to the script in a bit.

0 Kudos
Reply

Stanford
New Contributor

Posted on ‎06-12-2012 01:44 PM

spowell01 - can you post those edits? I'm having a very similar problem and it would be helpful.

Thanks so much all!

0 Kudos
Reply