Posted on 07-07-2016 08:13 AM
I am setting up a new OSX server running EL CAPITAN with the latest profile manager. I am connecting it to active directory and the MAC workstations to active directory and OPEN DIRECTORY. Right now, when a user logs into the MAC, they can go to GO TO and HOME and see their windows AD home folder. However, I would like it to map to the MAC home folder so a user can just hit DOCUMENTS or PICTURES etc and they are mapped to their windows equivalent from the HOME that is mounted. How do I do this? What script do I need etc...
Thanks... Dave
Posted on 07-07-2016 08:26 AM
(1st - please don't type "Mac" in all-caps. That's a specific networking term, the computer OS is an abbreviation of "Macintosh" and thus should be "Mac" and not "MAC". It makes many Apple/Mac admin types twitch ;) .)
If you're using the standard, default AD plugin, there isn't an automatic way to do this, although you CAN sync folders to their AD network share. But telling the Mac to use "Pictures" on the home folder isn't natively supported, it will just create its own folders there instead. Not sure if this is close enough for you or not. Otherwise, 3rd party plugin tools such as Centrify give a little more granular control over things.
Posted on 07-07-2016 07:14 PM
This is exactly what I am doing here at our work. I have set up a policy that executes at login which runs a script to delete and recreate the Documents, Pictures, Movies etc. as symbolic links to the AD home location, which in my case when a network user logs in is /Volumes/Net/.
eg:
rm -rf "/Users/$3/Movies"
# Paths containing spaces must be quoted, otherwise ln sees four separate arguments.
ln -s "/Volumes/Net/My Documents/My Videos" "/Users/$3/Movies"
FYI we only use this on desktop Macs
Has been working quite well so far.
Posted on 07-08-2016 06:55 AM
PatrickD, Is the script you posted the entire script? How does it get your server name etc? Can you share your entire script? I would love to make this work for our setup.
Thank you ....
Posted on 07-11-2016 03:21 PM
#!/bin/sh
#Skip redirection if user is localadmin
if [ "$3" == "localadmin" ]; then
echo "Localadmin, skipping folder redirection"
exit
fi
sleep 5
MYDSKDIR="/Volumes/net/Desktop"
MYDOCDIR="/Volumes/net/My Documents"
MYPICDIR="/Volumes/net/My Documents/My Pictures"
MYVIDDIR="/Volumes/net/My Documents/My Videos"
MYMUSDIR="/Volumes/net/My Documents/My Music"
echo $MYDSKDIR
echo $MYDOCDIR
echo $MYPICDIR
echo $MYVIDDIR
echo $MYMUSDIR
echo ----------------- User -------------------
echo $USER
echo $3
echo ----------------- Checking Folders ---------------
if [ -d "$MYDOCDIR" ]; then
echo "$MYDOCDIR is Available!"
else
echo "$MYDOCDIR is Empty"
fi
if [ -d "$MYDSKDIR" ]; then
echo "$MYDSKDIR is Available!"
else
echo "$MYDSKDIR is Empty"
fi
if [ -d "$MYPICDIR" ]; then
echo "$MYPICDIR is Available!"
else
echo "$MYPICDIR is Empty"
fi
if [ -d "$MYVIDDIR" ]; then
echo "$MYVIDDIR is Available!"
else
echo "$MYVIDDIR is Empty"
fi
if [ -d "$MYMUSDIR" ]; then
echo "$MYMUSDIR is Available!"
else
echo "$MYMUSDIR is Empty"
fi
if [ -d "${MYDSKDIR}" -a -d "${MYDOCDIR}" ]; then
echo "$MYDSKDIR and $MYDOCDIR are both Available!"
else
echo "####Your Account has a Problem, Please Visit IT Dept####"
sleep 5
fi
echo "----------------- Redirecting Folders ---------------"
#Wait for OS X to Create Local Homes
sleep 4
rm -Rf "/Users/$3/Documents"
ln -sFfh "/Volumes/net/My Documents" "/Users/$3/Documents"
rm -Rf "/Users/$3/Desktop"
ln -sFfh /Volumes/net/Desktop "/Users/$3"
rm -Rf "/Users/$3/Pictures"
ln -sFfh "/Volumes/net/My Documents/My Pictures" "/Users/$3/Pictures"
rm -Rf "/Users/$3/Movies"
ln -sFfh "/Volumes/net/My Documents/My Videos" "/Users/$3/Movies"
rm -Rf "/Users/$3/Music"
ln -sFfh "/Volumes/net/My Documents/My Music" "/Users/$3/Music"
rm -Rf "/Users/$3/Downloads"
ln -sFfh "/Volumes/net/My Documents/Downloads" "/Users/$3/Downloads"
echo "----------------- Completed Script -------------------"
#$SLEEP 4
killall Finder
exit
Posted on 07-11-2016 03:35 PM
Finder should automatically mount your network share so long as the Config Profile Directory Payload has the following option ticked [Use UNC path from Active Directory to derive network home location] and the machine is connected to the network.
Let me know if you have any questions.
Posted on 07-11-2016 04:22 PM
It does, except years ago when we were on Windows XP and we switched to Windows 7, everyone had MY DOCUMENTS in their home folder on the server. This now poses a problem since when a user logs into a Mac, it looks for DOCUMENTS, and not just MY DOCUMENTS or the root on the share (students have their documents in the root of their share while staff has a MY DOCUMENTS in the root). Since the MAC doesn't find a DOCUMENTS, it creates one. That is OK for now as they can do a go-->home and see the windows my documents. They get a new DOCUMENTS folder for the MAC side. I was hoping there was a way to fix this on the Mac side but maybe not..
Posted on 01-09-2017 09:24 AM
Hey there, I'm new here. I have the same problem: I want the computers to load the roaming profile from the DC when the users log in.
I don't want local profiles. How can I change this? What do I need to know and how can I use the script?
On Windows clients the roaming profile loads without problems. On the Mac, the Mac creates a local profile folder. I haven't activated mobile profile and have deactivated create local profile in Directory Utility...
It would be important; perhaps someone could write me a little how-to?
At the Script what is local admin meaning? Best Regards
Posted on 01-09-2017 01:49 PM
Hi @Dan_FFM
Are you trying to load a roaming Windows profile from the DC to the Macs? If so I definitely can't see that working.
If you are trying to load the user profile that someone configures on a directory bound Mac and then have that synced to the DC with the intention that the DC hosted profile would then be used whenever a user logs on to another Mac?
I think I get what you are trying to do, which is copy all of, or portions of, the ~/Library/ to the DC for each user once they have logged on to a Mac and then use the DC hosted copy as the user's ~/Library/ (Application and System Preferences) so that their preferences are the same no matter what directory bound Mac they log on to.
I see several problems with this. If your DC is a Windows server, there will be conflicts with special characters that are included in file and directory names under ~/Library/, which from my experience causes all sorts of permission corruptions and issues. What aspects of the profile are you trying to load from the DC?
Additionally we are all (jamf nation) here to help each other resolve issues, develop solutions and provide advice, but it would be nearly impossible for someone to write you a how-to for something like this as every Mac environment is unique. I am more than happy to help you however.
Lastly, to answer your question about the localadmin meaning. localadmin is the local administrator account that we use for management. Being a local account, it obviously doesn't have a network home folder so I added an if statement at the beginning of the script to check if the user is localadmin and then exit the script to skip the folder redirection.
Cheers,
Pat
Posted on 01-11-2017 01:22 AM
Hey,
thank you for your answer,
I have get connected the MacBooks to the active directory. We're using Windows Server 2016 and Exchange as Hyper-V.
We want for all mac's a network home path.
This I have get installed.
I had forgotten to set an SMB path on my DC with a drive letter.
Sometimes it open excel without problems, and sometimes I get the error windows first when I close excel when its not starting. This confuse me.
:) Best Regards,
So I can logon with a network path.
We don't want to have local profiles on the machines.
We are a little company and want that all company files and documents are directly placed on the server. (no sync)
But yet I have found the first Issue, If I will use Microsoft Excel on local account it will work without problems.
When I will start it, it crashes. I have downloaded all Updates from Microsoft Office.
We only need Microsoft Office.
If the jamf nation could solve these problems we would also be interested into this solution.
I have tested the admitmac, but this tool don't work.
Perhaps someone could help me.
At the disk utility I have deactivate the force create local path. So that the files should only be placed on the server.
I have thought it could be a reason that I'm using Wifi. Could a lan cable solve this problems?
Posted on 01-17-2017 04:55 AM
Hi @PatrickD
Hope you don't mind, but I've adapted the script you posted and it works really well in a test environment I'm running at the moment with just one issue. The default folders inside the user home don't actually get deleted; the symbolic links are created within them.
Is this expected behaviour or do you have any idea what could be using this? SIP maybe? This is on 10.11.6.
Kind regards
Posted on 04-04-2017 11:40 AM
How would you set your script up for the newer versions of windows?
Would this work?
Also, will it run in sierra as they've changed a few things.
#!/bin/sh
#Skip redirection if user is localadmin
if [ "$3" == "localadmin" ]; then
echo "Localadmin, skipping folder redirection"
exit
fi
sleep 5
MYDSKDIR="/Volumes/net/Desktop"
MYDOWDIR="/Volumes/net/Downloads"
MYDOCDIR="/Volumes/net/Documents"
MYPICDIR="/Volumes/net/Pictures"
MYVIDDIR="/Volumes/net/Movies"
MYMUSDIR="/Volumes/net/Music"
echo $MYDSKDIR
echo $MYDOWDIR
echo $MYDOCDIR
echo $MYPICDIR
echo $MYVIDDIR
echo $MYMUSDIR
echo ----------------- User -------------------
echo $USER
echo $3
echo ----------------- Checking Folders ---------------
if [ -d "$MYDOCDIR" ]; then
echo "$MYDOCDIR is Available!"
else
echo "$MYDOCDIR is Empty"
fi
if [ -d "$MYDOWDIR" ]; then
echo "$MYDOWDIR is Available!"
else
echo "$MYDOWDIR is Empty"
fi
if [ -d "$MYDSKDIR" ]; then
echo "$MYDSKDIR is Available!"
else
echo "$MYDSKDIR is Empty"
fi
if [ -d "$MYPICDIR" ]; then
echo "$MYPICDIR is Available!"
else
echo "$MYPICDIR is Empty"
fi
if [ -d "$MYVIDDIR" ]; then
echo "$MYVIDDIR is Available!"
else
echo "$MYVIDDIR is Empty"
fi
if [ -d "$MYMUSDIR" ]; then
echo "$MYMUSDIR is Available!"
else
echo "$MYMUSDIR is Empty"
fi
if [ -d "${MYDSKDIR}" -a -d "${MYDOCDIR}" ]; then
echo "$MYDSKDIR and $MYDOCDIR are both Available!"
else
echo "####Your Account has a Problem, Please Visit IT Dept####"
sleep 5
fi
echo "----------------- Redirecting Folders ---------------"
#Wait for OS X to Create Local Homes
sleep 4
rm -Rf "/Users/$3/Documents"
ln -sFfh "/Volumes/net/My Documents" "/Users/$3/Documents"
rm -Rf "/Users/$3/Downloads"
ln -sFfh "/Volumes/net/Downloads" "/Users/$3/Downloads"
rm -Rf "/Users/$3/Desktop"
ln -sFfh /Volumes/net/Desktop "/Users/$3"
rm -Rf "/Users/$3/Pictures"
ln -sFfh "/Volumes/net/My Documents/My Pictures" "/Users/$3/Pictures"
rm -Rf "/Users/$3/Movies"
ln -sFfh "/Volumes/net/My Documents/My Videos" "/Users/$3/Movies"
rm -Rf "/Users/$3/Music"
ln -sFfh "/Volumes/net/My Documents/My Music" "/Users/$3/Music"
echo "----------------- Completed Script -------------------"
#$SLEEP 4
killall Finder
exit
Posted on 04-09-2017 03:58 PM
Hi @lozzareeves ,
Re the newer version of Windows no longer using the "My" prefix, it should work as long as the variable points to the correct location; however, don't forget to change it in all locations where the home folder is referenced in the script, i.e. the end of the script which redirects the folders using symbolic links. Consider using the actual variable in these other locations so you only have to change it in one spot.
Re will it work on Sierra? Unsure as I have not tested it. As long as Sierra continues to mount the network home folder using the UNC path in the same manner, then it should work.
Cheers,
Pat
Posted on 08-30-2017 03:38 AM
Hi all, has anyone tried this on 10.12.6? This is what I'm looking to do but can't seem to get it running. Also, if I have another shared drive running would I have to specify the user's home dir?
Posted on 02-06-2018 03:03 PM
Hi @PatrickD and others,
I looked long and hard for a solution to map our students home directories on a primarily windows based network correctly when they log into Macbook airs bound to the domain, and your approach of using symlinks was the closest to achieving what I was trying to do, but it didn't quite get all the way, so I took the idea and wrote and tested the following scripts over a period of a few days.
One limitation was that I was uncomfortable with the local directories being deleted without saving any contents from them before being replaced with symlinks, as the computers I was applying the scripts to had previously had work saved locally. So I wanted automatic migration of local documents to the server home directory.
Because there is so little out there that does this I wanted to share the scripts I came up with, as is, with a bit of explanation of what they do for anyone who might find them useful.
There are two scripts which should be copied into /Library/Scripts and made executable with chmod.
MountHomeDir.sh login script:
#!/bin/bash
# Mac OS X Login script to arbitrarily map chosen local home directory folders such as Documents to a Windows Server SMB home directory volume.
#
# Requires the computer to be bound to an Active Directory Domain in Users & Groups to authenticate to the share. Customise USERPATH to match your
# user volume network path, and migrate_directory and restore_directory calls to map home directory folders to the server as desired. The included
# defaults map well for Windows 7 clients, for example the Mac folder Movies maps to My Documents/My Videos on a Windows client using the same home share.
#
# The script will create the users home directory on the server if necessary in case they have not logged in with a Windows PC before. Chosen folder mappings
# will also be created on the server automatically. Any files/folders already in the local folders that will be mapped are automatically rsynced to the
# SMB share before the directory is replaced with a symlink so will not be lost. If in future the server cannot be mounted the symlinks will be replaced
# by empty directories to allow local saving of new files until the server can be mounted again at which time locally saved files will be migrated again.
#
# Copy this script MountHomeDir.sh and its companion UnmountHomeDir.sh into /Library/Scripts/ as root and ensure they are marked executable using
# 'chmod a+x /Library/Scripts/*HomeDir.sh'. Create login and logout hooks for them by running
# 'sudo defaults write com.apple.loginwindow LoginHook /Library/Scripts/MountHomeDir.sh' and
# 'sudo defaults write com.apple.loginwindow LogoutHook /Library/Scripts/UnmountHomeDir.sh'.
#
# Script tested on Mac OS X High Sierra and written by Simon Byrnand <sbyrnand@gmail.com>. This script is in the public domain and free to use for any purpose.
# Use this script at your own risk, no responsibility taken for any data loss.
#
# Version 1.0, 20/01/2018.
migrate_directory()
{
# Ensure the directory we are about to migrate to exists on the server.
mkdir -p "$MOUNTPOINT/$2"
if [ ! -L "$HOME/$1" ] && [ -e "$HOME/$1" ]
then
# Migrate existing files and folders to the remote home directory before replacing local directory with a symlink.
echo "Migrating $HOME/$1 to $USERPATH/$USER/$2"
rsync -av --update "$HOME/$1/" "$MOUNTPOINT/$2/"
rm -rf "$HOME/$1"
else
rm -f "$HOME/$1"
fi
# rm before ln is necessary as ln -F doesn't seem to be honoured!
ln -sFfh "$MOUNTPOINT/$2" "$HOME/$1"
}
restore_directory()
{
if [ -L "$HOME/$1" ];
then
echo "Restoring $HOME/$1 to an empty directory"
rm -f "$HOME/$1"
sudo -u "$USER" mkdir -m 700 -p "$HOME/$1"
fi
}
# Work around a bug in High Sierra where fast user switching login sessions do not get the correct PATH.
export PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin
# User home directory network share - set this to the base path one level above the users individual folder.
USERPATH="//yourserver.domain.local/users"
USER="$1"
HOME=$(eval echo "~$1")
# uncomment the following two lines to enable debug logging in /var/log.
#exec > "/var/log/MountHomeDir-$USER.log"
#exec 2>&1
if dscl . -list "/Users/$USER" >/dev/null 2>&1
then
echo "Skipped mounting remote home directory - $USER is a local user account"
exit 0
fi
MOUNTPOINT="/Volumes/$(hostname -s)_$USER"
rmdir "$MOUNTPOINT"
if [ ! -d "$MOUNTPOINT" ]
then
echo "Mounting $USERPATH at $MOUNTPOINT"
mkdir -m 700 -p "$MOUNTPOINT"
if mount -t smbfs -o nobrowse "$USERPATH" "$MOUNTPOINT"
then
# Create the users home directory on the server if it doesn't exist yet.
echo "Creating/Verifying home directory $USERPATH/$USER on the server"
mkdir -p "$MOUNTPOINT/$USER"
echo "Unmounting $USERPATH"
umount -f "$MOUNTPOINT"
mkdir -m 700 -p "$MOUNTPOINT"
chown $(id -u "$USER"):$(id -g "$USER") "$MOUNTPOINT"
# remount the server directly at the users home directory.
echo "Mounting $USERPATH/$USER at $MOUNTPOINT"
# If you want to prevent the mount point appearing on the desktop uncomment
# the mount command with -o nobrowse and comment out the first one.
if sudo -u "$USER" mount -t smbfs "$USERPATH/$USER" "$MOUNTPOINT"
#if sudo -u "$USER" mount -t smbfs -o nobrowse "$USERPATH/$USER" "$MOUNTPOINT"
then
# migrate the local directories on the left to the remote directories on the right.
# contents of the directory is first rsynced to the destination before the directory
# is replaced with a symlink. Folder name mappings can be customised here.
migrate_directory "Desktop" "Desktop"
migrate_directory "Downloads" "Downloads"
migrate_directory "Documents" "My Documents"
migrate_directory "Movies" "My Documents/My Videos"
migrate_directory "Music" "My Documents/My Music"
migrate_directory "Pictures" "My Documents/My Pictures"
else
echo "Unable to mount $USERPATH/$USER"
MOUNTFAILED=1
fi
else
echo "Unable to mount $USERPATH"
MOUNTFAILED=1
fi
else
echo "Unable to mount $USERPATH because $MOUNTPOINT already exists and could not be removed"
MOUNTFAILED=1
fi
if [ "$MOUNTFAILED" = 1 ]
then
# couldn't connect to the server so our symlinks will be useless - replace symlinks with normal directories to allow working offline.
# Files saved in these local directories will be migrated to the server automatically during the next login where the server can be mounted.
# This list of directories should match the list of migrate_directory calls.
restore_directory "Desktop"
restore_directory "Downloads"
restore_directory "Documents"
restore_directory "Movies"
restore_directory "Music"
restore_directory "Pictures"
# remove the & on the following line if you want to make the warning dialog modal and delay loading the Finder until the user reads and dismisses the dialog.
osascript -e 'display dialog "Warning! Unable to connect to network home drive. During this logon session files will only be saved to the local hard drive." buttons {"OK"} with icon stop' &
fi
UnmountHomeDir.sh companion logout script:
#!/bin/bash
# Mac OS X Logout script to arbitrarily map chosen local home directory folders such as Documents to a Windows Server SMB home directory volume.
#
# This script UnmountHomeDir.sh is the companion to MountHomeDir.sh.
#
# Version 1.0, 20/01/2018.
# Work around a bug in High Sierra where fast user switching login sessions do not get the correct PATH.
export PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin
USER="$1"
HOME=$(eval echo "~$1")
# uncomment the following two lines to enable debug logging in /var/log.
#exec >> "/var/log/MountHomeDir-$USER.log"
#exec 2>&1
if dscl . -list "/Users/$USER" >/dev/null 2>&1
then
echo "Skipped unmounting remote home directory - $USER is a local user account"
exit 0
fi
MOUNTPOINT="/Volumes/$(hostname -s)_$USER"
echo "Unmounting $MOUNTPOINT"
umount -f "$MOUNTPOINT"
rmdir "$MOUNTPOINT" 2>/dev/null
For expediency I chose to enable the login and logout scripts by just locally creating Login and Logout hooks:
sudo defaults write com.apple.loginwindow LoginHook /Library/Scripts/MountHomeDir.sh
sudo defaults write com.apple.loginwindow LogoutHook /Library/Scripts/UnmountHomeDir.sh
These scripts were tested on High Sierra but should go back to about 10.9. Here is a bit of a description of what it does.
First you would need to edit USERPATH to point to your home volume share - the URL should be the base path one level above individual user folders. The script also assumes that the users home directory is named directly after their username. (Provided in $1 in login/logout scripts) If this is not the case you may need to modify the script for example to use dscl to try to retrieve the home directory from Active Directory. Uncomment the two exec lines if you want to enable debug logging.
The mapping between local directories in the Mac users home folder (Documents, Movies etc) can be arbitrarily mapped to directories on the server home share. This is set by the migrate_directory function calls starting at line 99 and the restore_directory calls at line 124 should also match.
I chose to try to map directories as best as possible to their Windows counterparts so that students moving back and forth between Windows and Mac will see their files in the most logical place. For example Movies is mapped to My Documents/My Videos, but you can customise these any way you like. Do NOT try to map the Library folder to the server, nor the entire home directory.
The login script in simplified terms does the following:
Mount USERPATH directly and attempt to create the users home directory on the server - which won't exist if they haven't previously logged into a Windows client. Unmount then re-mount directly at the users own home directory. The local mount point is in /Volumes with a unique combination of username and local hostname to try to avoid clashes with mounted disks.
You can choose to have the /Volumes mount displayed on the desktop or not - I have it enabled as it is a quick way to reach the network home directory, although it does mean the user is able to unmount it by dragging it to the trash. I was not able to find a way to prevent this.
For each directory mapping attempt to migrate the directory to the server. This means any contents within the local directory (for example Documents/ ) is first moved to the server before the directory is removed and replaced with a symlink pointing to the location on the server.
Instead of just doing a cp -av I decided to use rsync --update, which will merge the local files with any files already on the server and only replace existing files of the same name on the server if the local copy is newer, which seems to be the safest merging strategy, but you can modify the options passed to rsync to choose other strategies, such as renaming duplicates.
The companion unmount script will unmount the server when the user logs out, otherwise it would remain mounted at the login script or whilst another user is logged in.
If for any reason the server can't be reached or mounted during login, restore_directory will remove the symlinks and replace them with empty directories - they won't have access to their server based files, but they will have normal directories that they could save new work in locally instead of unusable symlinks. And then next time they log in and can connect to the server the locally saved files will be auto-migrated to the server.
If the server can't be mounted a dialogue is also displayed on screen (osascript at the bottom) and you can choose whether this dialog is modal and must be dismissed before the finder appears or whether it appears over the top of the finder.
Fast user switching is supported with multiple users logged in at once.
There is a lot of error checking and redundancy in the script and it had a good solid weeks worth of testing so I believe it to be fairly solid, but of course I provide it as is.
Hopefully this will save someone else hours of searching for scripts to do this and having to write their own from scratch!
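The login hooks in this thread run as root, resolve the home directory with `eval echo "~$1"`, and remove the local folder right after rsync whether or not the copy succeeded. The following is an added example, not part of any poster's script, showing one way to harden those two steps; `HOME_BASE`, the function names and the character set accepted for usernames are assumptions.

```shell
#!/bin/bash
# Added example: hardened helpers for a root login hook (not from the thread's scripts).
# HOME_BASE and all function names here are hypothetical.

# Allow only names that are safe inside a path: no '/', no '..', no shell metacharacters.
# (Assumption: your directory's short names fit this character set.)
valid_username() {
    case "$1" in
        ''|-*|.|..|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Resolve the home directory without eval, so the login name is never parsed as shell code.
# With HOME_BASE set (e.g. /Users) the path is built directly; otherwise the directory
# service is queried with dscl. An unknown user yields empty output, which safe_migrate rejects.
resolve_home() {
    valid_username "$1" || return 1
    if [ -n "$HOME_BASE" ]; then
        printf '%s/%s\n' "$HOME_BASE" "$1"
    else
        dscl /Search -read "/Users/$1" NFSHomeDirectory 2>/dev/null |
            sed -n 's/^NFSHomeDirectory: //p'
    fi
}

# Merge a local tree into the destination, keeping newer files (rsync --update as in the
# thread). Falls back to cp when rsync is not installed.
copy_tree() {
    if command -v rsync >/dev/null 2>&1; then
        rsync -a --update "$1/" "$2/"
    else
        cp -Rp "$1/." "$2/"
    fi
}

# safe_migrate <home> <local-folder> <share-root> <remote-folder>
# Replaces <home>/<local-folder> with a symlink to <share-root>/<remote-folder>.
# The local folder is deleted only after its contents were copied successfully.
safe_migrate() {
    local home="$1" name="$2" share="$3" remote="$4"
    local src="$home/$name" dst="$share/$remote"

    # Refuse empty or relative paths: a failed lookup must never become "rm -rf /Documents".
    case "$home"   in /?*) ;; *) echo "refusing home '$home'" >&2; return 1 ;; esac
    case "$share"  in /?*) ;; *) echo "refusing share '$share'" >&2; return 1 ;; esac
    case "$name"   in ''|.|..|*/*) echo "refusing folder '$name'" >&2; return 1 ;; esac
    case "$remote" in ''|*..*) echo "refusing remote '$remote'" >&2; return 1 ;; esac

    # The destination must exist before anything local is touched.
    mkdir -p "$dst" || { echo "cannot create $dst, keeping $src" >&2; return 1; }

    if [ -L "$src" ]; then
        rm -f "$src"                      # stale link from an earlier login
    elif [ -d "$src" ]; then
        copy_tree "$src" "$dst" || { echo "copy failed, keeping $src" >&2; return 1; }
        rm -rf "$src"
    elif [ -e "$src" ]; then
        echo "$src is not a directory, leaving it alone" >&2
        return 1
    fi
    ln -s "$dst" "$src"
}
```

In a login hook the eval line becomes `HOME=$(resolve_home "$1") || exit 1`, and each `migrate_directory` call maps to `safe_migrate "$HOME" "Documents" "$MOUNTPOINT" "My Documents"`.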
Posted on 02-20-2018 06:58 AM
So the only issue we find now is the library folder doesn't work, the documents, desktop seem to work now without using any scripts.
When you go to add something like an email account, change the home URL on safari or anything to do with the library folder then it just won't save or allow it.
Any ideas?
Posted on 03-13-2018 02:25 AM
Hi.
The script is great, works really well in testing so far. I have a question though - could it not be set as a login script in JAMF as opposed to being set on each client machine? We have had so many performance issues related to network home folders and this may be an ideal solution.
Many thanks.
Posted on 03-22-2018 02:47 AM
Are you using Patrick's script or mine ?
In any case, you can't map the Library folder to an SMB share - that's why in my script I explicitly leave it out and only map Documents, Pictures etc rather than trying to map the entire users home directory at once.
The reason is that the SMB share cannot preserve the special permissions that are used by many system and preferences files under the users Library folder.
It may appear to work at first but you will definitely have problems attempting to map Library to the users home share. I tried it for a while but had multiple sometimes bizarre problems (like terminal not working) until I realised what the issue was.
Also not sure if you're referring to Patrick's script or mine, but I can't see any reason why you couldn't use Jamf to set it as a login script. As I don't use Jamf I haven't tried it - I only had 12 devices to set up so for me it was easier to manually set up the LoginHook and LogoutHook as I was copying the scripts onto the machines anyway.
Posted on 04-20-2018 10:30 AM
Thanks for the script. It's really sped up my development of a script similar to this (it's now 95% yours) but I'm having an issue reading the user's group from AD at login.
My computers automount the network home on login so that's the reason for the change in USERPATH
currGroups=$(id -Gnr $USER)
if [[ "$currGroups" = *"My Staff"* ]]
then
USERPATH="/Volumes/staff/"
else
USERPATH="/Volumes/students/"
fi
HOME=$(eval echo "~$1")
At login when run as a loginhook it seems to not know what group the user belongs to, and it always bombs out to the "students" userpath. I have a test script with just the code above and when my test user (who is in the "My Staff" group) is already logged in it evaluates to staff. Is there a way around this?
Posted on 04-27-2018 12:10 PM
I have modified your original script to add a sync function. Thanks for doing all the heavy lifting on this. My solution for determining the proper user share point was to attempt to mount at each until one worked. Also had to straighten out the migrate_directory function in relation to $mountpoint vs. $userpath$user; using $mountpoint worked better.
loginhook script
#!/bin/bash
# Mac OS X Login script to arbitrarily map chosen local home directory folders such as Documents to a Windows Server SMB home directory volume.
#
# Requires the computer to be bound to an Active Directory Domain in Users & Groups to authenticate to the share. Customise USERPATH to match your
# user volume network path, and migrate_directory and restore_directory calls to map home directory folders to the server as desired. The included
# defaults map well for Windows 7 clients, for example the Mac folder Movies maps to My Documents/My Videos on a Windows client using the same home share.
#
# The script will create the users home directory on the server if necessary in case they have not logged in with a Windows PC before. Chosen folder mappings
# will also be created on the server automatically. Any files/folders already in the local folders that will be mapped are automatically rsynced to the
# SMB share before the directory is replaced with a symlink so will not be lost. If in future the server cannot be mounted the symlinks will be replaced
# by empty directories to allow local saving of new files until the server can be mounted again at which time locally saved files will be migrated again.
#
# Copy this script MountHomeDir.sh and its companion UnmountHomeDir.sh into /Library/Scripts/ as root and ensure they are marked executable using
# 'chmod a+x /Library/Scripts/*HomeDir.sh'. Create login and logout hooks for them by running
# 'sudo defaults write com.apple.loginwindow LoginHook /Library/Scripts/MountHomeDir.sh' and
# 'sudo defaults write com.apple.loginwindow LogoutHook /Library/Scripts/UnmountHomeDir.sh'.
#
# Script tested on Mac OS X High Sierra and written by Simon Byrnand <sbyrnand@gmail.com>. This script is in the public domain and free to use for any purpose.
# Use this script at your own risk, no responsibility taken for any data loss.
#
# Version 1.1, 2018/04/27.
# Work around a bug in High Sierra where fast user switching login sessions do not get the correct PATH.
export PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin
migrate_directory()
{
# Ensure the directory we are about to migrate to exists on the server.
if [ ! -L "$MOUNTPOINT/$2" ] && [ -e "$MOUNTPOINT/$2" ]
then
# Migrate existing files and folders to the remote home directory before replacing local directory with a symlink.
echo "Migrating $HOME/$1 to $MOUNTPOINT/$2"
rsync -av --update "$HOME/$1/" "$MOUNTPOINT/$2/"
rm -rf "$HOME/$1"
# rm before ln is necessary as ln -F doesn't seem to be honoured!
ln -sFfh "$MOUNTPOINT/$2" "$HOME/$1"
else
rm -f "$HOME/$1"
fi
}
sync_directory()
{
# Ensure the directory we are about to sync to exists on the server.
if [ ! -L "$MOUNTPOINT/$1" ] && [ -e "$MOUNTPOINT/$1" ]
then
# Sync existing files and folders to the local home directory from server and make local directory if necessary
# Create the local directory only when nothing exists at that path yet.
if [ ! -e "$HOME/$1" ]
then
sudo -u "$USER" mkdir -m 750 -p "$HOME/$1"
fi
echo "Syncing $MOUNTPOINT/$1/$2 to $HOME/$1/$2"
sudo -u "$USER" rsync -av --update "$MOUNTPOINT/$1/$2" "$HOME/$1/$2"
fi
}
restore_directory()
{
if [ -L "$HOME/$1" ];
then
echo "Restoring $HOME/$1 to an empty directory"
rm -f "$HOME/$1"
sudo -u "$USER" mkdir -m 700 -p "$HOME/$1"
fi
}
# User home directory network share - set this to the base path one level above the users individual folder.
USER="$1"
MOUNTPOINT="/Volumes/$(hostname -s)_$USER"
USERPATH="//some.server.com/students"
UGROUPS=$(id -Gnr $USER);
# clean old mountpoints for this user just in case of a crash or power failure
if [ -d "$MOUNTPOINT" ]
then
echo "Unmounting orphaned $MOUNTPOINT"
umount -f "$MOUNTPOINT"
rmdir "$MOUNTPOINT" 2>/dev/null
fi
# Try to mount under first share, switch to different share if it fails
#if mount -t smbfs -o nobrowse "$USERPATH" "$MOUNTPOINT"
if [[ $UGROUPS == *"My Staff"* ]]
then
USERPATH="//some.server.com/staff"
echo "Staff userpath"
fi
HOME=$(eval echo "~$1")
# ignore local users
if [ "$USER" == "adminuser" ]
then
echo "Skipped mounting remote home directory - $USER is a local user account"
exit 0
fi
echo "Attempting mount"
rmdir "$MOUNTPOINT"
if [ ! -d "$MOUNTPOINT" ]
then
echo "Mounting $USERPATH at $MOUNTPOINT"
mkdir -m 700 -p "$MOUNTPOINT"
if mount -t smbfs -o nobrowse "$USERPATH" "$MOUNTPOINT"
then
# Create the users home directory on the server if it doesn't exist yet.
echo "Creating/Verifying home directory $USERPATH/$USER on the server"
mkdir -p "$MOUNTPOINT/$USER"
echo "Unmounting $USERPATH"
umount -f "$MOUNTPOINT"
mkdir -m 700 -p "$MOUNTPOINT"
chown $(id -u "$USER"):$(id -g "$USER") "$MOUNTPOINT"
# remount the server directly at the users home directory.
echo "Mounting $USERPATH/$USER at $MOUNTPOINT"
# If you want to prevent the mount point appearing on the desktop uncomment
# the mount command with -o nobrowse and comment out the first one.
if sudo -u "$USER" mount -t smbfs "$USERPATH/$USER" "$MOUNTPOINT"
#if sudo -u "$USER" mount -t smbfs -o nobrowse "$USERPATH/$USER" "$MOUNTPOINT"
then
# migrate the local directories on the left to the remote directories on the right.
# contents of the directory is first rsynced to the destination before the directory
# is replaced with a symlink. Folder name mappings can be customized here.
# The below mappings are for a linux not windows server.
echo "Redirect Folders"
migrate_directory "Desktop" "Desktop"
migrate_directory "Downloads" "Downloads"
migrate_directory "Documents" "Documents"
migrate_directory "Movies" "Movies"
migrate_directory "Music" "Music"
migrate_directory "Pictures" "Pictures"
# Synced folders REMEMBER TO SYNC ON LOGOUT in the logout script!
#Google Chrome - sync because it doesn't like being symlinked
#path must be the same on both source and location
#sync_directory "target path" "file or folder to sync"
sync_directory "Library/Application Support/" "Dock"
sync_directory "Library/Application Support/Google/Chrome" "Local State"
# Default Profile
sync_directory "Library/Application Support/Google/Chrome/Default" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Default" "History Provider Cache"
sync_directory "Library/Application Support/Google/Chrome/Default" "Network Persistent State"
sync_directory "Library/Application Support/Google/Chrome/Default" "Preferences"
sync_directory "Library/Application Support/Google/Chrome/Default" "TransportSecurity"
sync_directory "Library/Application Support/Google/Chrome/Default" "Visited Links"
sync_directory "Library/Application Support/Google/Chrome/Default" "Web Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Cookies"
sync_directory "Library/Application Support/Google/Chrome/Default" "Cookies-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Current Session"
sync_directory "Library/Application Support/Google/Chrome/Default" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Default" "Bookmarks"
sync_directory "Library/Application Support/Google/Chrome/Default" "Secure Preferences"
sync_directory "Library/Application Support/Google/Chrome/Default" "History-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Login Data"
sync_directory "Library/Application Support/Google/Chrome/Default" "Favicons"
sync_directory "Library/Application Support/Google/Chrome/Default" "History"
sync_directory "Library/Application Support/Google/Chrome/Default" "Favicons-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Login Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Bookmarks.bak"
sync_directory "Library/Application Support/Google/Chrome/Default" "Last Tabs"
sync_directory "Library/Application Support/Google/Chrome/Default" "Last Session"
sync_directory "Library/Application Support/Google/Chrome/Default" "Top Sites"
sync_directory "Library/Application Support/Google/Chrome/Default" "Top Sites-journal"
#Profile 1 (optional) repeat if there are multiple profiles. This profile happens when they sign into Chrome
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "History Provider Cache"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Network Persistent State"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Preferences"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "TransportSecurity"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Visited Links"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Web Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Cookies"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Cookies-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Current Session"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Bookmarks"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Secure Preferences"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "History-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Login Data"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Favicons"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "History"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Favicons-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Login Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Bookmarks.bak"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Last Tabs"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Last Session"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Top Sites"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Top Sites-journal"
# other sync items
sync_directory "Library/Containers" "com.microsoft.Excel"
sync_directory "Library/Containers" "com.microsoft.Office365ServiceV2"
sync_directory "Library/Containers" "com.microsoft.onenote.mac"
sync_directory "Library/Containers" "com.microsoft.Powerpoint"
sync_directory "Library/Containers" "com.microsoft.Word"
sync_directory "Library/Containers" "com.apple.Notes"
sync_directory "Library/Containers" "com.apple.Notes.datastore"
sync_directory "Library/Containers" "com.apple.mail"
sync_directory "Library/Containers" "com.apple.iBooksX"
sync_directory "Library/Containers" "com.apple.iWork.Numbers"
sync_directory "Library/Containers" "com.apple.iWork.Pages"
sync_directory "Library/Containers" "com.apple.iWork.Keynote"
sync_directory "Library/Containers" "com.apple.reminders.RemindersNC"
sync_directory "Library/Containers" "com.apple.TextEdit"
sync_directory "Library/Containers" "com.adobe.accmac.ACCFinderSync"
#Application support
migrate_directory "Library/Application Support/Adobe" "Library/Application Support/Adobe"
migrate_directory "Library/Application Support/Adobe-bak" "Library/Application Support/Adobe-bak"
migrate_directory "Library/Application Support/Atom" "Library/Application Support/Atom"
migrate_directory "Library/Application Support/audacity" "Library/Application Support/audacity"
migrate_directory "Library/Application Support/Autodesk" "Library/Application Support/Autodesk"
migrate_directory "Library/Application Support/edvrclient" "Library/Application Support/edvrclient"
migrate_directory "Library/Application Support/Filemaker" "Library/Application Support/Filemaker"
migrate_directory "Library/Application Support/Firefox" "Library/Application Support/Firefox"
migrate_directory "Library/Application Support/GitHub Desktop" "Library/Application Support/GitHub Desktop"
migrate_directory "Library/Application Support/Mozilla" "Library/Application Support/Mozilla"
migrate_directory "Library/Application Support/PhoneView" "Library/Application Support/PhoneView"
migrate_directory "Library/Application Support/SketchUp 2017" "Library/Application Support/SketchUp 2017"
migrate_directory "Library/Application Support/SketchUp 2018" "Library/Application Support/SketchUp 2018"
migrate_directory "Library/Application Support/SketchUp 2019" "Library/Application Support/SketchUp 2019"
migrate_directory "Library/Application Support/Skype" "Library/Application Support/Skype"
# General Library
migrate_directory "Library/Cookies" "Library/Cookies"
migrate_directory "Library/Preferences" "Library/Preferences"
migrate_directory "Library/Mail" "Library/Mail"
migrate_directory "Library/Safari" "Library/Safari"
migrate_directory "Library/Accounts" "Library/Accounts"
else
echo "Unable to mount $USERPATH/$USER"
MOUNTFAILED=1
fi
else
echo "Unable to mount $USERPATH"
MOUNTFAILED=1
fi
else
echo "Unable to mount $USERPATH because $MOUNTPOINT already exists and could not be removed"
MOUNTFAILED=1
fi
logouthook script
#!/bin/bash
# Mac OS X Logout script to arbitrarily map chosen local home directory folders such as Documents to a Windows Server SMB home directory volume.
#
# This script UnmountHomeDir.sh is the companion to MountHomeDir.sh.
#
# Version 1.1, 2018/04/27.
# Work around a bug in High Sierra where fast user switching login sessions do not get the correct PATH.
export PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin
sync_directory()
{
# Ensure the directory we are about to sync to exists locally.
if [ ! -L "$HOME/$1" ] && [ -e "$HOME/$1" ]
then
# Sync existing files and folders to the remote home directory from local home and make directory if necessary
if [ ! -e "$MOUNTPOINT/$1" ]
then
sudo -u "$USER" mkdir -m 750 -p "$MOUNTPOINT/$1"
fi
echo "Syncing $HOME/$1/$2 to $MOUNTPOINT/$1/$2"
sudo -u "$USER" rsync -av --update "$HOME/$1/$2" "$MOUNTPOINT/$1/$2"
fi
}
USER="$1"
HOME=$(eval echo "~$1")
# uncomment the following two lines to enable debug logging in /var/log.
#exec >> "/var/log/MountHomeDir-$USER.log"
#exec 2>&1
if [ "$USER" == "adminuser" ]
then
echo "Skipped unmounting remote home directory - $USER is a local user account"
exit 0
fi
MOUNTPOINT="/Volumes/$(hostname -s)_$USER"
# Synced folders REMEMBER TO SYNC ON LOGOUT in the logout script!
#Google Chrome - sync because it doesn't like being symlinked
#path must be the same on both source and location
#sync_directory "target path" "file or folder to sync"
sync_directory "Library/Application Support/" "Dock"
sync_directory "Library/Application Support/Google/Chrome" "Local State"
# Default Profile
sync_directory "Library/Application Support/Google/Chrome/Default" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Default" "History Provider Cache"
sync_directory "Library/Application Support/Google/Chrome/Default" "Network Persistent State"
sync_directory "Library/Application Support/Google/Chrome/Default" "Preferences"
sync_directory "Library/Application Support/Google/Chrome/Default" "TransportSecurity"
sync_directory "Library/Application Support/Google/Chrome/Default" "Visited Links"
sync_directory "Library/Application Support/Google/Chrome/Default" "Web Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Cookies"
sync_directory "Library/Application Support/Google/Chrome/Default" "Cookies-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Current Session"
sync_directory "Library/Application Support/Google/Chrome/Default" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Default" "Bookmarks"
sync_directory "Library/Application Support/Google/Chrome/Default" "Secure Preferences"
sync_directory "Library/Application Support/Google/Chrome/Default" "History-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Login Data"
sync_directory "Library/Application Support/Google/Chrome/Default" "Favicons"
sync_directory "Library/Application Support/Google/Chrome/Default" "History"
sync_directory "Library/Application Support/Google/Chrome/Default" "Favicons-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Login Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Default" "Bookmarks.bak"
sync_directory "Library/Application Support/Google/Chrome/Default" "Last Tabs"
sync_directory "Library/Application Support/Google/Chrome/Default" "Last Session"
sync_directory "Library/Application Support/Google/Chrome/Default" "Top Sites"
sync_directory "Library/Application Support/Google/Chrome/Default" "Top Sites-journal"
#Profile 1 (optional) repeat if there are multiple profiles. This profile happens when they sign into Chrome
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "History Provider Cache"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Network Persistent State"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Preferences"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "TransportSecurity"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Visited Links"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Web Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Cookies"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Cookies-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Current Session"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Current Tabs"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Bookmarks"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Secure Preferences"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "History-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Login Data"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Favicons"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "History"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Favicons-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Login Data-journal"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Bookmarks.bak"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Last Tabs"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Last Session"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Top Sites"
sync_directory "Library/Application Support/Google/Chrome/Profile 1" "Top Sites-journal"
# other sync items
sync_directory "Library/Containers" "com.microsoft.Excel"
sync_directory "Library/Containers" "com.microsoft.Office365ServiceV2"
sync_directory "Library/Containers" "com.microsoft.onenote.mac"
sync_directory "Library/Containers" "com.microsoft.Powerpoint"
sync_directory "Library/Containers" "com.microsoft.Word"
sync_directory "Library/Containers" "com.apple.Notes"
sync_directory "Library/Containers" "com.apple.Notes.datastore"
sync_directory "Library/Containers" "com.apple.mail"
sync_directory "Library/Containers" "com.apple.iBooksX"
sync_directory "Library/Containers" "com.apple.iWork.Numbers"
sync_directory "Library/Containers" "com.apple.iWork.Pages"
sync_directory "Library/Containers" "com.apple.iWork.Keynote"
sync_directory "Library/Containers" "com.apple.reminders.RemindersNC"
sync_directory "Library/Containers" "com.apple.TextEdit"
sync_directory "Library/Containers" "com.adobe.accmac.ACCFinderSync"
echo "Unmounting $MOUNTPOINT"
umount -f "$MOUNTPOINT"
rmdir "$MOUNTPOINT" 2>/dev/null
Posted on 05-08-2018 09:59 AM
Sorry this is a little off topic but is the closest post I've seen to possibly fixing my issue.
Any Ideas on how to script for an environment that has users matching access against multiple home drive server locations?
I'm having an issue with doing this with the following script.
UID1=$(id -u $3)
echo "UID: $UID1"
if [[ "$UID1" -ge 1000 ]]; then echo "User "$3" is an Active Directory account"
mount_script=`/usr/bin/osascript > /dev/null << EOT
tell application "Finder"
activate
mount volume "protocol://serverName1/shareName1/$3"
end tell
EOT`
else
echo "Logged in user is a local user"
fi
isMounted=mount | grep -c "/Volumes/$USER"
if [ $isMounted -ne 0 ] ; then
writelog "Network share already mounted for $USER"
exit 0
else mount_script=`/usr/bin/osascript > /dev/null << EOT
tell application "Finder"
activate
mount volume "protocol://serverName2/shareName2/$3"
end tell
fi
EOT`
fi
exit 0
Script works fine if user has access to the first server in statement, but not if they belong to the second. I receive a popup window saying "There was a problem connecting to the server "protocol://serverName1/shareName1". I believe modifying "mount volume" to "MOUNTPOINT" could accomplish this based off a user security group access?
Any help scripting logic around this issue would be greatly appreciated.
Posted on 05-08-2018 12:13 PM
I have a script that is doing a similar task.
A few notes:
We use AD Extension Attribute 2 for our user location so I am reading that for our AD users. Also I am using MySides plugin to add to the network volume finder sidebar.
#!/bin/sh
currentUser=$(ls -l /dev/console | awk '{ print $3 }')
UID1=$(id -u $currentUser)
if [[ "$UID1" -lt 1000 ]]; then
echo "User is: $currentUser"
echo ""$currentUser" is a local user. This script will now quit"
exit 1
fi
UserLoc=$(dscl "/Active Directory/(DomainName)/All Domains" -read "/Users/$currentUser" dsAttrTypeNative:extensionAttribute2 | sed 's/.*://')
#echo "AD attribute for current user is:"$UserLoc""
if [[ $UserLoc = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=Unknown
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
elif [[ "$UserLoc" = " (LocationName)" ]]; then
Location=(LocationName)
mount_script=`/usr/bin/osascript <<EOF
tell application "Finder"
activate
mount volume "smb://Server.FQDN/users//$Location/$currentUser"
end tell
EOF`
/usr/local/bin/mysides add $currentUser file:///Volumes/$currentUser
else
echo "User attribute 2 not found. The script will error and close."
exit 1
fi
Posted on 05-09-2018 02:14 AM
Like you I manage a very small network of about a dozen Macs (10.12.6) at a local charity with a Mac Mini Server. As Apple have now deprecated the Server product, I am moving the charity's systems across to a Synology server. We have already migrated the file services and have just activated their Active Directory implementation, which seems to work okay. We are now dealing with the challenge of mounting the AD Users Network Home Folders on the Mac desktops, hence I am very interested in the script you have developed, which I am now experimenting with. Unfortunately it is about 20+ years since I last did any programming or scripting work, so I am thankful for your clear comments and explanation of how it works.
A couple of things that concern me at this stage:
1/ I thought that Apple introduced some restrictions in the Sierra release (without telling anyone) on the use of /Volumes that will cause issues, thus user folders are now under /Users. Does this mean that your script needs to be adjusted for this change?
2/ Whilst I was researching the Home Folder issue, I came across a very instructive video from MacAdmin 2015 by David Acland (then of Amsys, now at MoofIT):
https://www.youtube.com/watch?v=X8e2gyS8n_Q
It has some very good explanation, but is obviously about 3 generations of MacOS behind the current releases. I'm therefore dubious about using it, but he does have a very nice piece in it that converts from PC format directory paths (given by AD) to Mac unix-like paths, plus some other useful additions. He has put his scripts on Github here:
https://github.com/moofit/psu
I would consider making amendments to your script, but as I said, I haven't done any programming for 20+ years and don't want to make a pig's ear of it!
3/ David Acland does make the comment that relying on AD providing the UNC path is not, in his experience, very reliable. Perhaps some of his experience could be added into your script to make it more widely applicable.
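The UNC-to-Mac path conversion mentioned in the post above, as an added example that is not part of the post or of the linked scripts: it turns a `\\server\share\folder` path into an `smb://` URL and refuses anything that is not a plain server/share/folder path. The function name `unc_to_smb_url` and the sample paths are constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the thread or the linked repository.
# Convert a UNC home path (\\server\share\folder) to an smb:// URL,
# refusing input that is not a plain server/share/folder path.
unc_to_smb_url() {
    unc="$1"
    nl='
'
    case "$unc" in
        *"$nl"*) return 1 ;;      # no embedded newlines
        '\\'?*) ;;                # must start with two backslashes
        *) return 1 ;;
    esac

    # Backslashes become slashes; drop the leading // and one trailing /.
    path=$(printf '%s' "$unc" | tr '\\' '/')
    path=${path#//}
    path=${path%/}

    # Reject empty components and . or .. so the URL cannot climb out of the share.
    case "/$path/" in
        *//*|*/./*|*/../*) return 1 ;;
    esac

    # A host and at least a share name are required.
    case "$path" in
        */*) ;;
        *) return 1 ;;
    esac
    host=${path%%/*}
    rest=${path#*/}

    # Host: letters, digits, dot and hyphen only.
    case "$host" in
        ""|*[!A-Za-z0-9.-]*) return 1 ;;
    esac

    # Share and folders: a small allowlist. "$" is kept for hidden shares.
    if printf '%s' "$rest" | LC_ALL=C grep -q '[^A-Za-z0-9._ $/-]'; then
        return 1
    fi

    # Percent-encode space and "$" so the result is safe inside a
    # double-quoted shell string or heredoc.
    rest=$(printf '%s' "$rest" | sed -e 's/ /%20/g' -e 's/\$/%24/g')
    printf 'smb://%s/%s\n' "$host" "$rest"
}

# Constructed sample paths.
unc_to_smb_url '\\fileserver\homes\jdoe'
unc_to_smb_url '\\fs01\Staff Homes$\jdoe\'
unc_to_smb_url '\\fs01\homes\..\admin' || echo "rejected"
```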
Posted on 05-10-2018 07:46 AM
Thanks for the script! I've been trying to modify my existing script with what you have in your environment but keep getting this error.
Script exit code: 2
Script result: UID: 965755676
/Library/Application Support/JAMF/tmp/Ver 2 Home Drive: line 31: syntax error: unexpected end of file
Error running script: return code was 2.
Current script.
#!/bin/sh
#User Info
UID1=$(id -u $3)
echo "UID: $UID1"
if [[ "$UID1" -ge 1000 ]];
then echo "User "$3" is an Active Directory account"
# Mount the drive
mount_script=`/usr/bin/osascript > /dev/null << EOT
tell application "Finder"
activate
mount volume "smb://staffstoreak.sburg.org/Users/$3"
end tell
EOT`
isMounted=mount | grep -c "/Volumes/$USER"
if [ $isMounted -ne 0 ] ; then
writelog "Network share already mounted for $USER"
exit 0
elif
mount_script=`/usr/bin/osascript > /dev/null << EOT
tell application "Finder"
activate
mount volume "smb://staffstorelz.sburg.org/Users/$3"
end tell
fi
EOT`
exit 0
I have tried using just "fi" at the end without "exit 0", also tried with both "fi" then "exit 0", and get the same error.
Trying to do this without using AD Extension Attribute 2 or MySides plugin. I'm happy with just having the drives on the desktop.
Thanks again for all your help it is greatly appreciated!!
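An added example, not code from any poster in this thread: one way to fall back from a first home server to a second, as asked in the 05-08-2018 and 05-10-2018 posts, checking the mount table after each attempt and rejecting account names that could break out of the AppleScript string. The share URLs are the thread's placeholders; `CANDIDATE_SHARES`, `try_mount`, `mount_table` and the `demo` stubs are names introduced here.

```bash
#!/bin/bash
# Added example, not from the thread. Share URLs are the thread's placeholders.
# One share per word, so entries must not contain spaces.
CANDIDATE_SHARES="smb://serverName1/shareName1 smb://serverName2/shareName2"

# Allow only characters expected in a short account name. The name is pasted
# into an AppleScript string and a URL, so quotes, spaces and slashes are refused.
valid_username() {
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Thin wrappers around the real commands so the logic can be tested with stubs.
mount_table() { mount; }
try_mount()   { /usr/bin/osascript -e "mount volume \"$1\"" >/dev/null 2>&1; }

# True when /Volumes/<user> is listed as a mount point.
is_mounted() {
    mount_table | grep -q -F -- " on /Volumes/$1 "
}

# Prints the share that was mounted (or "already-mounted").
# Returns 0 on success, 1 if no candidate mounted, 2 for a rejected user name.
mount_first_available() {
    mfa_user="$1"
    if ! valid_username "$mfa_user"; then
        echo "Refusing unexpected user name" >&2
        return 2
    fi
    if is_mounted "$mfa_user"; then
        echo "already-mounted"
        return 0
    fi
    for mfa_share in $CANDIDATE_SHARES; do
        # Trust the mount table, not the exit status alone, and keep going
        # when one server refuses the user.
        if try_mount "$mfa_share/$mfa_user" && is_mounted "$mfa_user"; then
            echo "$mfa_share"
            return 0
        fi
    done
    return 1
}

# Constructed demo: stubs stand in for osascript and mount. The first server
# refuses the user and the second accepts.
demo() {
    DEMO_MOUNTED=""
    mount_table() {
        if [ -n "$DEMO_MOUNTED" ]; then
            echo "//stub on /Volumes/$DEMO_MOUNTED (smbfs)"
        fi
    }
    try_mount() {
        case "$1" in
            smb://serverName2/*) DEMO_MOUNTED="${1##*/}" ;;
            *) return 1 ;;
        esac
    }
    mount_first_available "jdoe"
}

# Run the demo in a subshell so the stubs do not replace the real wrappers.
( demo )
```

In a Jamf policy the account name arrives as `$3`, as in the posted scripts, so the call would be `mount_first_available "$3"`.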
Posted on 11-14-2019 12:21 PM
I think I'm in the right thread, but if I'm not, I apologize. We are trying to get our staff to save to their network drives instead of the hard drive. The easiest thing would be to simply tell them to save to their Mac's Documents folder that maps to their Windows-based network drive. Would a script like the ones posted here help me accomplish this?