Jamf Nation Community

tim_rees · ‎01-14-2016

Hi All,

I'm trying to run the following script on El Cap to do user folder redirection:

#!/bin/sh

# Determine USERNAME variable

username=$(ls -l /dev/console | awk '{print $3}')

# Determine NETHOME variable

netvol=$(dscl '/Active Directory/DOMAIN/All Domains' -read /Users/$username SMBHome | cut -d'' -f4)
netfolder=$(dscl '/Active Directory/DOMAIN/All Domains' -read /Users/$username SMBHome | cut -d'' -f5)
nethome=$(echo "/Volumes/"$netvol"/"$netfolder)

# Redirect the Documents folder

if [ ! -d $nethome/Documents ]
    then
        mkdir $nethome/Documents
fi

rm -Rf /Users/$username/Documents
ln -s $nethome/Documents $HOME/Documents

# Redirect the Desktop folder

if [ ! -d $nethome/Desktop ]
then
mkdir $nethome/Desktop
fi

rm -Rf /Users/$username/Desktop
ln -s $nethome/Desktop $HOME/Desktop

# Redirect the Downloads folder

if [ ! -d $nethome/Downloads ]
then
mkdir $nethome/Downloads
fi

rm -Rf /Users/$username/Downloads
ln -s $nethome/Downloads $HOME/Downloads

exit 0

The issue I have is with the rm command lines, I get permission denied. Has anyone else seen this with deleting User folders? and if so, is it a SIP issue, and is there a way around it?

I have a lot of Multiuser lab machines for students, and I'm trying to stay away from Portable Home Directories.

Thanks,
Tim

thoule · ‎01-15-2016

That's not SIP. I suspect you have a locked filed in the folder or something. Try deleting manually and see where you run into the error.

Swift · ‎01-15-2016

This is probably due to ACLs on the folders. You can remove all ACLS with chmod -N as follows:

/bin/chmod -fN /Users/$username/Desktop

Also, I'm guessing that you have "Force Local home directory on startup disk" enabled.
If so, as far as I'm aware - the network home is not available until after you have logged in. I don't know how you are implementing the script, but if this is part of some kind of LoginHook then

mkdir $nethome/Desktop - isn't going to succeed

Finally, I don't want to confuse matters, but if your not in charge of the shares, you can never be sure how the network home will be mounted.

I have the following SMBHome: MyServerDataStudent HomesActiveSiteB eststudent

...That the mount command show is mounted as follows:
//teststudent@MyServer/Data/Student%20Homes/Active/SiteB/teststudent on /Volumes/Data

...Meaning that network home for teststudent would be:
/Volumes/Data

If you are in charge of the shares - then you'll know exactly how they mount and this won't be an issue.

Hope this helps.

tim_rees · ‎02-11-2016

Finally got back to this!!

Thanks @Swift the chmod -fN does the trick!!

Jamf Nation Community

Suspected SIP issue - User Folders