Currently Being ModeratedOct 4, 2013 9:13 AM (in response to kobayashi maru)
It isn't entirely clear to me what yo're asking.
Are you asking for a script to pull a username/password from Active Directory and somehow pass that into the AFP mount? If so, that's not going to happen. There is no way (at least, by design) that AD is going to tell you any user's password. Passwords should be securely encrypted on the server and not ever possible to pass back to a client.
If you mean you want the script to know every user's password then that's a security nightmare waiting (no, asking) to happen.
On the other hand, if you're just asking for a way to mount an AFP using the current user's credentials (without necessarily knowing who that user is), then I may be missing something else... namely that should happen anyway - at least, if you're using Keychain on the clients then the client system already knows the user's credentials for the server and can auto-fill them, alternatively if you're running Kerberos in your domain then the authentication should be handled automatically at the server level. In other words, unless you're trying to mount a sharepoint under a different user's credentials, there shouldn't be a need to craft a script to do anything unusual, hence my question as to your use case.
Currently Being ModeratedOct 4, 2013 10:03 AM (in response to kobayashi maru)
You are crossing domains there. You can configure Activie Directory to automount Active Directory shares. You can configure Open Directory to automount AFP shares. Without being a managed account, under the control of some server, the only way to cross domains with credentials is via the keychain. You could probably write a script to copy credentials from one record in the keychain to another, but that will still have to be run on each machine.