Strange issue with script policy that mounts smb share

allanp81
Valued Contributor

I have a weird issue that I cannot figure out with printing on non-AD bound macs.

We use papercut queues and add them via SMB (we use LPD on AD bound macs). If I was to run a policy that mounts a volume to an smb share using a service account and then unmount at the end of the script, macOS seems to be somehow remembering these details so that if the user then sends a print job to the queue it seems to authenticate and submit as the service account.

I've checked the keychain passwords, klist etc. and see nothing that would explain why it sends the job as the service account and not prompt for the actual credentials. A reboot instantly clears this and then will prompt the user to authenticate with their credentials.

I'm baffled.

2 REPLIES 2

TSOAFTVPPC
Contributor

Are you logging in via the service account or just using the service account credentials to mount the share?

allanp81
Valued Contributor

@TSOAFTVPPC Only using the credentials to mount the share.