Posted on 09-03-2021 06:30 AM
I'm new to Jamf Pro and MacOS, so bare with me. I'm trying to find an alternative method to mapping two network drives for new computer deployments. Each user has an H drive for their local files, and an S drive for department files. These were originally mapped as part of our enterprise connect package/scripts. They stopped working with Big Sur.
I've had some luck with the script below. However it prompts for credentials and places both shares under Locations on the Finder sidebar. Ideally I'd like to avoid the login prompt and have the mapped drives display as desktop shortcuts.
# Mount the network home
mount_script=`/usr/bin/osascript > /dev/null << EOT
# tell application "Finder"
mount volume "smb://servername/shares/"
mount volume "smb://servername/home/"
# end tell
Posted on 09-03-2021 06:58 AM
Did you switch over to the Kerberos SSO? The shares should mount automatically if you have a Kerberos ticket.
Also, if you want, you can have the script run automatically once KSSO logs in successfully. Take a look at this document from HCS:
A Guide for configuring Kerberos SSO
It explains how to use distributed notifications to launch scripts on certain events.
Posted on 09-03-2021 07:04 AM
Thanks for the input. We haven't switch over to kerberos yet. We haven't approved Big Sur for on campus use yet. This is one of the pieces I'm trying to get working. I've been told we won't be making the kerb change for a while.
Posted on 09-03-2021 12:16 PM
macOS Big Sir is not required. You can deploy the Kerberos Single Sign-on Extension to Macs running macOS Catalina and newer.
Posted on 09-03-2021 12:24 PM
Right, but we are not implementing Kerberos Single Sign-on at this time. I'm just looking for a quick fix until we do.
Posted on 09-03-2021 12:26 PM
Understood. Your post implied that you are not using Kerberos because you have not yet deployed Big Sur. Sorry for the confusion.
Posted on 09-24-2021 09:26 AM
I was able to map the drives using a configuration profile from Jamf. However there doesn't appear to be a way to include this in the Enterprise Connect install policy. Does anyone have ideas how to achieve that? I was testing with the copying of plists, but haven't had any luck yet
Posted on 04-13-2022 02:14 PM
We are planning to move to Single Sign on (SSO) very soon. I'm looking for a script or method to mount network drives. Previously our script called dscl -u username -P password '/Active Directory/Domain/All Domains' ...... But with the systems unbound this will not be a possibility. Any solutions out there?
Posted on 04-13-2022 06:33 PM
The Kerberos Single Sign-on Extension can be used to run scripts. You can use a launchd to mount a network share when the network is available, or delete a keychain item when the user changes their password, for example.
Posted on 04-14-2022 06:36 AM
Hello. Yes I have seen the examples of how SSO extension can run scripts upon several triggers. I'm looking for a specific script to mount network shares based upon the groups a user belongs to. Since the systems are no longer bound, they cannot pull information from dscl as they had in the past.