Posted on 11-01-2012 02:51 PM
Hey all. My only remaining hang up (that I'm aware of) for my using 10.8 in my labs at this point is getting a few general network shares mapped for users at login, these are not their home shares (those mount fine with the AD plug-in). Has anyone successfully used the last version of the mountNetworkShare script from the resource kit or are you using your own custom version of it that works with 10.8? For some reason the user is getting prompted to enter in their credentials as if the kerberos information isn't being handle properly from their AD login. Thanks.
Solved! Go to Solution.
Posted on 11-01-2012 07:55 PM
So here's the script I'm using. It uses the Kerberos ticket to mount shares. Those things that I'm case pattern matching to are the AD groups I was talking about that determine what team share (U drive for us)
#!/bin/sh
# Filename: mountShares.sh
# Purpose: Mount file shares automatically with Kerberos ticket
# Author: Jared F. Nichols
#Find the logged in user
user=`ls -la /dev/console | cut -d " " -f 4`
#Find their P drive server
server=`dscl . -read /Users/$user | grep SMBHome: | cut -d '' -f 3`
#Set this temp string because 'defaults' is literal and won't resolve variables
tmpStr='<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/'$user'</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
#Mount the user's P drive
sudo -u $user jamf mount -server $server -share $user -type smb
#Write the P drive to the dock
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add $tmpStr
#P drive dispensed with, let's do the U drive.
id=`id $user`
echo $id
case $id in
*EQPOD_LOGIN*)
sudo -u $user jamf mount -server cifsbos01 -share eqshared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/eqshared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*PGRShared*)
sudo -u $user jamf mount -server cifsbos03 -share pgrshared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/pgrshared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*730Hishared*)
sudo -u $user jamf mount -server cifsbos02 -share hishared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/hishared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*NLD_TsoLogon*)
sudo -u $user jamf mount -server cifsbos03 -share tsoshared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/tsoshared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*FIUsers*)
sudo -u $user jamf mount -server fiprdfileinv -share shared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/shared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
esac
#Kick the Dock in the ass. Nothing else to see here, folks.
killall Dock
Posted on 11-01-2012 06:32 PM
I am having similar issues here: https://jamfnation.jamfsoftware.com/discussion.html?id=5810
Trying to work through them slowly. My snippet of code was pulled out from the mountNetworkShare as we could not get that working on our 10.7 clients. Attempting to get something working on 10.8
Posted on 11-01-2012 06:32 PM
Posted on 11-01-2012 06:54 PM
Custom. Our team shares are based on AD group membership. you can do an ```
id
``` and case out for particular groups to mount particular shares. I can post up some script snippets in a few.
Posted on 11-01-2012 07:55 PM
So here's the script I'm using. It uses the Kerberos ticket to mount shares. Those things that I'm case pattern matching to are the AD groups I was talking about that determine what team share (U drive for us)
#!/bin/sh
# Filename: mountShares.sh
# Purpose: Mount file shares automatically with Kerberos ticket
# Author: Jared F. Nichols
#Find the logged in user
user=`ls -la /dev/console | cut -d " " -f 4`
#Find their P drive server
server=`dscl . -read /Users/$user | grep SMBHome: | cut -d '' -f 3`
#Set this temp string because 'defaults' is literal and won't resolve variables
tmpStr='<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/'$user'</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
#Mount the user's P drive
sudo -u $user jamf mount -server $server -share $user -type smb
#Write the P drive to the dock
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add $tmpStr
#P drive dispensed with, let's do the U drive.
id=`id $user`
echo $id
case $id in
*EQPOD_LOGIN*)
sudo -u $user jamf mount -server cifsbos01 -share eqshared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/eqshared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*PGRShared*)
sudo -u $user jamf mount -server cifsbos03 -share pgrshared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/pgrshared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*730Hishared*)
sudo -u $user jamf mount -server cifsbos02 -share hishared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/hishared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*NLD_TsoLogon*)
sudo -u $user jamf mount -server cifsbos03 -share tsoshared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/tsoshared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
*FIUsers*)
sudo -u $user jamf mount -server fiprdfileinv -share shared -type smb
sudo -u $user defaults write /Users/$user/Library/Preferences/com.apple.dock persistent-others -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Volumes/shared</string><key>_CFURLStringType</key><integer>0</integer></dict><key>showas</key><integer>2</integer></dict><key>tile-type</key><string>directory-tile</string></dict>'
;;
esac
#Kick the Dock in the ass. Nothing else to see here, folks.
killall Dock
Posted on 11-02-2012 12:55 AM
I use something completely different across 10.6.-10.8.
http://macmule.com/2011/09/08/how-to-map-drives-printers-based-on-ad-group-membership-on-osx/
Posted on 11-02-2012 04:09 AM
Always more than one way to skin a cat on our OS :)
Posted on 11-02-2012 05:47 AM
Thanks, Gents. I'll take a look and see what sticks. =D
My gosh, even fancy Dock work!
Posted on 11-02-2012 06:01 AM
So...this is right up there with the "why the hell didn't I think of that." and just using the mount piece built into the binary. Thanks, Jared AND Ben!
Posted on 09-15-2014 06:05 AM
@jarednichols My users will have Mac homes at SMBHome/osx, is there a way to adapt your script to get those areas mounted?
I'd like to use the jamf mount command if possible (bash beginner here).
Posted on 09-17-2014 03:36 AM
I think the issue here is that unless your “osx” folder is exposed as a share, it’s not going to work as you intend (or likely at all). When a client connects to a file server, it asks for the shares that it has exposed. The client is then allowed to mount one of those shares (unless it’s a hidden special share like c$ or something like that). It’s actually a security measure to prevent clients from mounting whatever folder on the filesystem that they like. If you knew there was a folder at “/Users/johnnyappleseed/documents/MyImportantStuff” but the only this shared was "/Users/Shared” and you could actually mount “MyImportantStuff” that’d be a bit of a problem, right?
So I know what you’re saying: “But ‘osx’ is nested within the share.” That doesn’t matter. To the server it’s not a listed share (hidden or otherwise) and it won’t let a client mount at that point.
It sort of begs the question: Why? Are there files so different on your Macs that you don’t want to expose them to Windows? Being able to mount where you want also would orphan some file access. /kthompson/documents (should it exist) wouldn’t be accessible as you’d have mounted at a sibling folder of ‘documents’ instead of a parent.
Posted on 09-20-2014 08:40 AM
Does it change anything if I say I can get to SMBHome/osx via Cmd+K in a network account without authenticating again?
Posted on 09-22-2014 01:04 AM
You must change the finder pref: "Show these items on the desktop" / Connected servers