SMBHome attribute

Theslingman
New Contributor

Our Macs are bound to AD. Is there a way to have users' home directories mount something other than SMBHome?

E.g. I want users to be automatically dropped into smb://server/share/username/macosx

Rather than smb://server/share/username (which is what SMBHome is set to in AD currently)

Thanks for any advice.

7 REPLIES

GaToRAiD
Contributor II

This is something you should be able to do in AD; you can set the home directory. You can either manually type the home directory for each user, or you can assign a script to do it. Shouldn't be hard to do with the use of some variables to say what the username is.

Theslingman
New Contributor

We're predominately a Windows environment, so we have home directories set in AD that are suitable for users of our central Windows service. However, we'd like our Mac users to mount a variation of SMBHome.

Is there a way to do that, does anyone know? I'm happy to consider extensions of our AD schema or third-party products if that is what is required...

davidacland
Honored Contributor II

First you need to switch off the "Use UNC path to derive network home location" option (assuming you don't want the SMBHome attribute used at all). This can be done with this command:

dsconfigad -useuncpath disable

Then you have a login script that reads a different attribute:

dscl "/Active Directory/YOURDOMAIN/All Domains" -read "/Users/$USER" YourAttribute

You can use sed, awk & tr to clean up the resulting string as needed.

You can then use either "osascript", "mount_afp" or "mount -t smbfs"

If it is a set path (i.e. not different per user) it would just be a login script or configuration profile to mount the volume as a login item.

Let me know if you need any more info or an example script.
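
The steps in the reply above, sketched as an added example (this is not the poster's script and not code from the original thread). It assumes the chosen attribute holds a UNC path such as \\server\share\username, that the AD login left a Kerberos ticket so no credentials go in the URL, and that mount accepts a subfolder below the share; the function names and the NetworkHome mount point are made up for illustration.

```shell
#!/bin/bash
# Added example. Assumed: the attribute value is a UNC path; names are hypothetical.

# Return the value from `dscl -read` output: "Key: value" on one line, or
# "Key:" with the value on an indented continuation line.
extract_attr() {
  printf '%s\n' "$1" | awk '
    NR == 1 { sub(/^[^ ]+:[ ]*/, "") }
    { sub(/^[ \t]+/, "") }
    length($0) { print; exit }'
}

# Turn \\server\share\dir into smb://server/share/dir/<subfolder>.
# The value comes from the directory, so validate it before it reaches mount:
# conservative character set, at least host/share, no ".." components.
unc_to_smb_url() {
  local path sub="$2"
  path=$(printf '%s' "$1" | tr '\\' '/')
  case $path in //*) path=${path#//}; path=${path%/} ;; *) return 1 ;; esac
  printf '%s\n' "$path" |
    grep -Eq '^[A-Za-z0-9._-]+(/[A-Za-z0-9._$ -]+)+$' || return 1
  case "/$path/" in */../*) return 1 ;; esac
  printf 'smb://%s/%s\n' "$path" "$sub" | sed 's/ /%20/g'
}

# Login-time flow, run as the user (LaunchAgent), after an admin has run
# `dsconfigad -useuncpath disable`. Args: domain, attribute, subfolder.
mount_home() {
  local raw url mnt="$HOME/NetworkHome"
  raw=$(dscl "/Active Directory/$1/All Domains" -read "/Users/$USER" "$2") || return 1
  url=$(unc_to_smb_url "$(extract_attr "$raw")" "$3") || return 1
  mkdir -p "$mnt"
  # No user:password in the URL; the Kerberos ticket authenticates the mount.
  mount -t smbfs "${url#smb:}" "$mnt"
}

# Only touch the directory and the network when asked to.
if [ "${1:-}" = "--mount" ]; then mount_home "$2" "$3" "$4"; fi
```

Called as `script --mount YOURDOMAIN YourAttribute macosx`, it refuses to mount when the attribute value fails validation instead of passing it through to mount.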

Theslingman
New Contributor

Thanks, I'd be very interested in seeing an example script!

So would I be right in saying that if we go down this route, I wouldn't be able to take advantage of portable home directories/HomeSync as such? I've seen the advice about avoiding it altogether but we really would like to try it out in our environment first.

davidacland
Honored Contributor II

Here's a link to our mounthome script:

https://github.com/amsysuk/public_scripts/tree/master/mount_SMBHome

You can trigger it at login using a LaunchAgent.

You could add on other scripts using Rsync if you want the data automatically synced up or down. Personally I've had better success just presenting the drive to the user and letting them decide what does and doesn't go in there.

Theslingman
New Contributor

Thanks a lot for this, it looks like something we could definitely use!

Am I correct in saying that the script would be better run via a LaunchAgent rather than Casper, as scripts are run as root in the latter?

If so, could you confirm what the appropriate permissions should be for the LaunchAgent and script? It didn't run when I did a quick and dirty test.

mm2270
Legendary Contributor III

Yes, LaunchAgents run scripts/apps as the logged-in user. Casper does run scripts as root by default, and you would need to script around that in most cases.
When making Launchd items, I suggest using an application like LaunchControl to create them. It takes the guesswork out of permissions, ownership and some of the syntax stuff that can trip you up when creating them manually.