Posted on 10-14-2016 10:18 AM
When I run the following line from the terminal it (of course) works just fine.
open smb://phs-fs1/HOME/testphs
But when I apply the following policy it does not (screenshot). (No errors, nothing). Multiple people log into our machines I so I use the JAMF placeholder $3 for the logged in username.
This is a simple mount, not rocket science, what is going wrong?
Posted on 10-14-2016 10:30 AM
We tried configuration profiles and it was nothing but unsuccessful. We use David Cland's script from JAMF Nation. Once configuring it, you could run it via a policy. It works great.
Here it is:
#!/bin/bash
theuser=$(/usr/bin/who | awk '/console/{ print $1 }')
/usr/bin/osascript > /dev/null << EOT
tell application "Finder"
activate
mount volume "smb://zfssa1/home_staff/${theuser}/"
end tell
EOT
echo $theuser
killall cfprefsd
defaults write com.apple.finder ShowMountedServersOnDesktop true
killall -HUP Finder
More information here: https://jamfnation.jamfsoftware.com/discussion.html?id=14262#responseChild86562
Posted on 10-14-2016 11:06 AM
When I run your script above via the terminal it works great, but when I run it via a login policy I get the dreaded 5014 error:
Posted on 10-15-2016 12:56 PM
@RobertBasil Are you using Windows Server?
Posted on 10-15-2016 01:13 PM
No, we are hosted by JAMF.
Posted on 10-15-2016 02:15 PM
P.S. I have it set to run during login and ongoing.
Posted on 10-16-2016 11:56 AM
I was asking if your storage server (which I am assuming you are mounting) is Windows. Can you set it as just a login script, we use a different MDM so it is hard to replicate your exact setup.
Posted on 10-16-2016 02:03 PM
One thing I can see about that script is it has no wait for Finder function, you might find running as a login policy that it's happening too soon.
Try running it from Self Service and see if it runs that way, if it does the issue probably relates to the timing of it during login.
Posted on 10-17-2016 07:30 AM
We are connecting to AD for login in and the shared drive is assigned to a windows share.
No, I cannot see it as just a login script.
Posted on 10-17-2016 09:41 AM
I'll give that a shot, thanks.
Posted on 10-17-2016 02:51 PM
Unless someone has another method I believe you have to use a launchagent to launch the script so that it collects the correct user name.
Posted on 10-17-2016 04:11 PM
You can definitely do it straight out of Casper in an AD evironment at least, this is my current script for doing on either a login trigger or from Self Service (it's an evolution on the same script I have posted before). You pass it a share path and all scoping is done by Casper and to avoid complication it's probably best to use the same AD group you use to control access to the share (i.e. there is no error checking in the script to see if you actually have access, it just tries to mount it).
#!/bin/bash
#2017 Version Samuel Look
#All care no responsibility
#Mounts the requested share if it doesn't already exist if left blank it will attempt to mount AD SMBhome
#Accepts shares in the form smb://server/share
#Intended to be run as a Login policy from Casper on AD bound machines only and has only been tested in this context.
##### Start seperate process #####
(
##### SUBROUTINES #####
Share_Path_Valid() {
if [[ -z "$Share_Path" ]]; then
Machine_Domain=$(dscl /Active Directory/ -read . SubNodes | awk '{print $2}')
Share_Path="$(dscl "/Active Directory/$Machine_Domain/All Domains" -read /Users/$Current_User SMBHome | awk '!/is not valid/' | sed -e 's/SMBHome: /smb:/g' -e 's/\///g')"
fi
if [[ "$Share_Path" ]]; then
logger "Sharemount:$Share_Name Path check PASS $Share_Path"
return 0
else
logger "Sharemount:$Share_Name Path check FAIL"
return 1
fi
}
#####
User_Ready() {
Loop_End=$((SECONDS + 60))
Current_User=$(stat -f%Su /dev/console | awk '!/root/')
while [[ -z "$Current_User" ]] && [[ $SECONDS -lt $Loop_End ]]; do
sleep 10
Current_User=$(stat -f%Su /dev/console | awk '!/root/')
done
if [[ "$Current_User" ]]; then
logger "Sharemount:$Share_Name User check PASS $Current_User"
return 0
else
logger "Sharemount:$Share_Name User check FAIL"
return 1
fi
}
#####
Finder_Ready() {
Loop_End=$((SECONDS + 60))
while [[ -z "$(ps -c -u $Current_User | awk /CoreServicesUIAgent/)" ]] && [[ $SECONDS -lt $Loop_End ]]; do
sleep 10
done
if [[ "$(ps -c -u $Current_User | awk /Finder/)" ]]; then
logger "Sharemount:$Share_Name Finder check PASS"
return 0
else
logger "Sharemount:$Share_Name Finder check FAIL"
return 1
fi
}
#####
Not_Mounted() {
if [[ -z "$(mount | awk '/'$Current_User'/ && //'$Share_Name' /')" ]]; then
logger "Sharemount:$Share_Name Mount check PASS $Share_Name"
return 0
else
logger "Sharemount:$Share_Name Mount check FAIL already mounted"
return 1
fi
}
#####
Mount_Drive() {
True_Path=$(echo $Share_Path | sed 's//////'$Current_User'@/g')
logger "Sharemount:$Share_Name Attempting to mount $True_Path"
osascript<<END
tell application "Finder"
mount volume "$True_Path"
end tell
END
}
##### START #####
Share_Path=$4
Share_Name="$(echo $Share_Path | awk -F"/" '{print $NF}')"
if User_Ready && Finder_Ready && Share_Path_Valid && Not_Mounted; then
Mount_Drive
else
logger "Sharemount:$Share_Name Conditions not met to attempt drive mounting $Share_Path"
fi
##### End seperate process #####
) &
##### FIN #####