Jamf Nation Community

I'm not a big fan of AppleScript, but I'll give it a try. I just assumeed
that running as a script wouldn't prompt the user in the GUI.

Sent from Ken's iPhone

Correct me if I'm wromg, useds in managed enviroments (AD, OD, Thomas Larkin <tlatkin at kckps.org> wrote:
Kerberos, etc.) shouldn't be prompted to authenticate.

Don

Correct,

I think this script will work for my needs. In this environment,
users' machines are bound to an old Open Directory, but for our new
business system they need to mount a smb share on a windows server
that is in AD. In the future we are planning to ditch open directory
for this buisness unit.

Sent from Ken's iPhone

I am confused, do you want it to ask for authentication or use Kerberos?

---

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
blackberry: 913-449-7589
office: 913-627-0351
chown -R us /.base

"Thomas Larkin" <tlarki at kckps.org> wrote: I am confused, do you want it to ask for authentication or use Kerberos?

Hi Thomas,

Our users in AD bound environments don't get prompted when Applescript is used to mount AFP and SMB shares at login.

Don

i mount my shares via WorkGroupManager, i just add the share to the login items managed preference and when the user logs in it mounts the share using their kerberos access

Criss

Criss Myers
Senior Customer Support Analyst (Mac Services)
Apple Certified Technical Coordinator v10.5
LIS Business Support Team
Library 301
University of Central Lancashire
Preston PR1 2HE
Ex 5054
01772 895054

I think everyone is confused, or missing what Ken i s accomplishing. He has
an AD system and an OD system that are NOT linked. Two different
directories right now. The Macs are bound to the OD system, but need to
mount an SMB share from the AD system, hence the requirement to ask for
credentials.

The future plan is for the Macs to be bound to AD and pull kerberos
authentication from AD at that time. Once that happens, he can auto mount
the SMB share with requiring an authentication dialog.

Steve Wood
Director of IT
swood at integer.com

The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201
T 214.758.6813 | F 214.758.6901 | C 940.312.2475

That is what I thought I read the first time. My Apple script will work just fine for that, and it is quite simple. I use self service to run a few scripts that mount a network share and run a testing application that needs to map the database files from that share. I use a combination of both apple and shell since you can invoke both from one another. Quite robust tools actually, and self service makes it a snap for end users to run. They just click a button.

-Tom

Ah, OK, I guess what threw me off was that there were two different directories, I guess there are reasons for it. The scripts Tom posted would probably be just the ticket then. Apologies for the confusion. Is there a reason the OP is running dual directories?
=On Dec 7, 2009, at 8:19 AM, Thomas Larkin wrote:

Don

Thanks Steve... you hit it right on the head.

I think that this question has been answered already by just using the apple script. However I need to verify that it creates the same mount name in /Volumes every time. It seems that some computers mount it slightly differently... I need to verify that this is the case.

Thanks again everyone!

The reason for our dual directories

The business unit that this is affecting had both an OD and AD environment when our company acquired them. Their AD was a .local domain and early attempts at the "golden triangle" configuration failed because of this. Since then this company has been brought into our AD infrastructure and I'm planning on getting rid of OD all together. The Mac servers at this particular site will be refreshed and joined to the AD Kerberos.

In the meantime it is a pain maintaining two directories... we have pc users that also have to access sharepionts on the mac servers... they have problems all the time forgetting their passwords and keeping their mapped drives working.

It should work just fine, here is an example of a script I use in my production environment:

tell application "Finder"

mount volume "afp://user:password@fs493.kckps.k12.ks.us/FS493.VOL2"

delay 8 repeat 25 times if (exists "FS493.VOL2") then do shell script "open -a TestTaker" exit repeat

end if delay 2 end repeat end tell

It will mount the share as the name exactly as posted, then it will launch the test taker application once it is mounted.

Sounds like you'll be busy with that migration for a while. :) Good luck, hope things go smoothly. I'm assuming your plan is to use AD for authentication...how will you be handling MCX? Schema extensions? AD Plug-In? Or are you planning on using Casper for MCX?
On Dec 7, 2009, at 8:59 AM, Edgar, Ken wrote:

Don

Don,

Yeah, a lot of my work will be to figure out users/groups and re- architecting the server environment. They have a lot of Xserve Raids that I'd like to get rid of and I'd like to clean up their fibre network as well. Currently none of the Macs are getting MCX, however we have been going through PCI DSS which is how I got them here to spring for Casper. So we'll be using Casper managed preferences going forward.

Thanks,
Ken