Go Back   The macosxhints Forums > OS X Help Requests > Networking



Reply
 
Thread Tools Rating: Thread Rating: 12 votes, 5.00 average. Display Modes
Old 02-29-2008, 10:07 AM   #1
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Question MAC OSX 10.5.2 Auto Map Network Drive

Hello all,

My environment consists of some MACs in a Windows Active Directory environment.

I'm trying to MAP to some shared drives via active directory username when the user logs into the MAC. I don't want the user to have to be prompted for a password as it should automatically use the active directory credentials.

Now I have some MAC computers running 10.4 where I had a script start up to map some network drives. This seemed to work fine for the most part.

I've recently got a new MAC running 10.5 where firstly my script no longer would work and secondly whenever mapping to a network drive I am prompted to login again. I no not want to have to save to the keychain as this will change when the user changes the active directory password.

Does anyone know how to get mapping drives working properly again?

Please let me know.
Thanks in advance!
plexter is offline   Reply With Quote
Old 02-29-2008, 01:38 PM   #2
giskard22
Moderator
 
Join Date: May 2003
Posts: 4,272
Would you like to show your script? You can use single lines of AppleScript to do this. You also didn't say what kind of shares you're using.

There have been many troubles with AD binding under 10.5. Supposedly 10.5.2 fixed the problems, but in my environment Kerberos still doesn't work for SMB shares.
giskard22 is offline   Reply With Quote
Old 02-29-2008, 03:26 PM   #3
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Thanks for the reply.

Not much point in showing the script as it no longer works in 10.5 something to do with the type of scripting no longer being supported.

The shares are SMB and I gather I am having the same issues as you are?

All I want is for the shared drives to map without any hassles or prompts when the active directory user logs into the MAC.
plexter is offline   Reply With Quote
Old 03-01-2008, 01:18 PM   #4
giskard22
Moderator
 
Join Date: May 2003
Posts: 4,272
For each share, you can make a one line AppleScript:

mount volume "smb://server/share"

Assuming Kerberos is working, and the user is logging in with a network account, that should just work if the script (saved as an application) is in the user's login items list.

Now, if it works for AFP shares but not for SMB, you're running into the same problem I am. But it doesn't seem to be widespread.

BTW, MAC is for network interface addresses. Mac is short for Macintosh.
giskard22 is offline   Reply With Quote
Old 03-03-2008, 12:12 PM   #5
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Hello again,

On the 'Mac' when I go to the terminal and type the exact same command as you wrote above, substituted with my real values of course, I get the following:

username$ mount volume "smb://path.com/share"

mount: realpath /Users/username/smb:: No such file or directory

Or if I run my script:

Code:
tell application "Finder"
     try
         mount volume "smb://path.com/share"
     end try
end tell
The script prompts me for a username/password to use.

However if I use this exact same script on Mac 10.4 or below the shares map perfectly fine without any prompts.


I also tried using just mount volume "smb://path.com/share" in a script and I get the same prompt.


Any ideas?

Thanks for your help.
plexter is offline   Reply With Quote
Old 03-03-2008, 05:41 PM   #6
giskard22
Moderator
 
Join Date: May 2003
Posts: 4,272
AppleScript commands must be run from Script Editor (or osascript). You can't just enter them in bash.

And as for Script Editor, I told you it was only one line. There's no need to 'tell application' or anything like that.

The 'mount volume' command seems to use the same login facilities as the Finder. If you have a saved user/password in a keychain, or if you have a Kerberos ticket, you will not be prompted.

Are the users obtaining a Kerberos ticket at login?
giskard22 is offline   Reply With Quote
Old 03-04-2008, 12:04 PM   #7
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Thanks,

I had done the one line as well as my other example in script editor.

Is there a way I can verify that the kerberos ticket was received on the Mac?

Thanks for your help.
plexter is offline   Reply With Quote
Old 03-04-2008, 12:19 PM   #8
giskard22
Moderator
 
Join Date: May 2003
Posts: 4,272
Try the Kerberos application in /System/Library/CoreServices.
giskard22 is offline   Reply With Quote
Old 03-04-2008, 03:32 PM   #9
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Hmm.. when I load the Kerberos program it shows the active directory username@domain.com with the amount of time left on the ticket. I presume that means its working.

Any thoughts?

Thanks
plexter is offline   Reply With Quote
Old 03-04-2008, 03:36 PM   #10
tlarkin
League Commissioner
 
Join Date: Mar 2003
Location: Bay Area, CA
Posts: 11,351
Did you have the script run as a log in hook?
tlarkin is offline   Reply With Quote
Old 03-04-2008, 03:46 PM   #11
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Not sure what you mean by log in hook. I had it set in the log in items or run it manually.

This has only been a problem with 10.5 not 10.4.
plexter is offline   Reply With Quote
Old 03-04-2008, 03:47 PM   #12
tlarkin
League Commissioner
 
Join Date: Mar 2003
Location: Bay Area, CA
Posts: 11,351
do they map the SMB via their personal credentials or by the same log in? Can you give more info on exactly how it is set up and your current infrastructure?
tlarkin is offline   Reply With Quote
Old 03-04-2008, 04:15 PM   #13
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
each user has their own credentials.
plexter is offline   Reply With Quote
Old 03-04-2008, 05:00 PM   #14
tlarkin
League Commissioner
 
Join Date: Mar 2003
Location: Bay Area, CA
Posts: 11,351
well, I am not scripting expert but you could perhaps (and this would take some work) create a log in hook that mounted the SMB drives.

or mount it manually once and then drag it down to the dock, then it should make an alias to that mount and the user can click on it. Haven't tested this in Leopard but it works in Tiger.
tlarkin is offline   Reply With Quote
Old 03-11-2008, 03:11 PM   #15
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Sorry for the late reply.

I wouldn't really know where to begin with doing any major scripting. Surely this is possible in a "less" complicated fashion? I just dont understand why its broken in the new version! :P
plexter is offline   Reply With Quote
Old 03-13-2008, 09:16 AM   #16
kaptagat
Major Leaguer
 
Join Date: Jul 2003
Posts: 329
I believe 10.5 doesn't work with kerberos in the same way that 10.4 did. I remember reading somewhere that it will only send the kerberos ticket to a server that requests one. Leopard's AD integration is on the whole quite frankly appalling, made even worse in my view, because everything worked fine with tiger.

I have also found that login items doesn't work with AD users. Apple say they are aware of this and are working on a solution to it.
kaptagat is offline   Reply With Quote
Old 03-13-2008, 01:54 PM   #17
giskard22
Moderator
 
Join Date: May 2003
Posts: 4,272
10.5.2 seems to have fixed almost everyone's major AD issues. I don't know anything about the login items issue.
giskard22 is offline   Reply With Quote
Old 03-13-2008, 02:19 PM   #18
tlarkin
League Commissioner
 
Join Date: Mar 2003
Location: Bay Area, CA
Posts: 11,351
well each user could mount it manually once, and then drag that mounted volume to the dock, and then they can just click the alias to map it after log in.
tlarkin is offline   Reply With Quote
Old 03-13-2008, 05:00 PM   #19
plexter
Prospect
 
Join Date: Feb 2008
Posts: 12
Yeah thats the same feeling I had; don't get why they broke it. I was hoping there was something I was missing or just a simple work around but it doesn't seem like it.

Hopefully the next update will resolve this.
plexter is offline   Reply With Quote
Old 06-02-2008, 03:29 PM   #20
commuterkid
Registered User
 
Join Date: Jun 2008
Posts: 1
Well, 10.5.3 still didn't solve this issue. However, I am having a hard time with creating a LoginHook that will interact with my script. I'm not strong in programming and I'm just curious as to how the LoginHook can take the login credentials, then use them to be able to map network drives. This is 10.5.3.
commuterkid is offline   Reply With Quote
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -5. The time now is 08:43 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.