Want to highlight a helpful answer? Upvote!

Did someone help you, or did an answer or User Tip resolve your issue? Upvote by selecting the upvote arrow. Your feedback helps others! Learn more about when to upvote >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: dermodyr
dermodyr Author
User level: Level 1
0 points

Adding a network password entry to login keychain via applescript

Hi,


Ive been happily adding "generic" and "application" entries to my login keychain by running an applescript on the login script.


e.g.


set MyName to do shell script "whoami"

set ThePassword to ""

set A4 to "Y009P001"

set A3 to "Y009P002"


try

set ThePassword to text returned of (display dialog "Please re-enter your password to connect to Shared Folders, and Printers." default answer "" with hidden answer)


do shell script "security add-generic-password -a MYDOMAIN" & "\\\\" & MyName & " -s " & A4 & " -w " & ThePassword & " -A"

do shell script "security add-generic-password -a MYDMAIN" & "\\\\" & MyName & " -s " & A3 & " -w " & ThePassword & " -A"


tell application "Finder"

mount volume "smb://MYDOMAIN;" & MyName & ":" & ThePassword & "@nas-w403" & "/" & MyName

mount volume "smb://MYDOMAIN;" & MyName & ":" & ThePassword & "@staffwx/staffcommon"

end tell

end try


However I really need to add a SMB "network" password to the login keychain but security command-line doesnt seem to support it.


Can anybody help me please

iMac, Mac OS X (10.7.2)

Posted on Nov 10, 2011 8:48 AM

Reply
10 replies
User profile for user: twtwtw
twtwtw
User level: Level 5
4,936 points

Nov 14, 2011 5:55 AM in response to dermodyr

a couple of points:


on Snow Leopard (I haven't looked at my Lion partition yet) security as an add-internet-password command. Is this not what you're looking for?


also, you need to decide whether you are writing a shell script or an applescript - constant use of do shell script is ugly code and introduces a lot of opportunities for breakage. Both shell scripts and applescripts are fine, but trying to do both is a headache in the making.


the applescript version looks like this:


set MyName to short user name of (system info)

set ThePassword to ""

set A4 to "Y009P001"

set A3 to "Y009P002"


try

set ThePassword to text returned of (display dialog "Please re-enter your password to connect to Shared Folders, and Printers." default answer "" with hidden answer)


tell application "Keychain Scripting"

set newKey to make new Internet key with properties {name:"SMB password 1 for some org", account:MyName, service:A4, password:ThePassword, protocol:SMB}

set newKey to make new Internet key with properties {name:"SMB password 2 for some org", account:MyName, service:A3, password:ThePassword, protocol:SMB}

end tell

mount volume "smb://MYDOMAIN;" & MyName & ":" & ThePassword & "@nas-w403" & "/" & MyName

mount volume "smb://MYDOMAIN;" & MyName & ":" & ThePassword & "@staffwx/staffcommon"

end try


To make it a shell script write it as a shell script and run the display dialog command through osascript.

Reply
User profile for user: dermodyr
dermodyr Author
User level: Level 1
0 points

Nov 15, 2011 3:11 AM in response to twtwtw

Hi tw,


Thanks for your reply. Yes this is on Lion, on SL the Internet key seemed to work fine for me however now its a "network" key. I've tried your script above (eventually got Keychain Scripting app onto Lion) but I still get the same problem.


Basically its a windows network printer Im connecting to. Here is a screenshot.

The key on the left is the key I create though the script and the key on the right is the key I need to create.


User uploaded file

Reply
User profile for user: twtwtw
twtwtw
User level: Level 5
4,936 points

Nov 15, 2011 5:34 AM in response to dermodyr

Well, it's not a completely sound idea to import old utility apps into a new OS - results can be unpredictable. sorry, I hadn't realized that the new Keychain app (Keychain Access) dropped the applescript dictionary entirely. Apple developers needing a head-smacking...


at any rate, if it works, it works. but either way, I think you're overthinking this. the 'kind' field is just a text field. in unix you specify its contents with the -D option


-D 'network password'


in Keychain Scripting use the description property:


set newKey to make new Internet key with properties {..., description:"network password"}

Reply
User profile for user: dermodyr
dermodyr Author
User level: Level 1
0 points

Nov 16, 2011 2:44 AM in response to dermodyr

Ok I can set access control if I apply the -A flag to the shell script


do shell script "security add-internet-password -a " & "\\" & MyName & " -s " & A4 & " -w " & ThePassword & " -D " & TheKind & " -A"


However I cant seem to set the "where" attribute without changing the key name.


So I tried to create the key using the shell script and then edit it through keychain scripting to add the "where" attribute tw showed me earlier. But it doesnt work.


do shell script "security add-internet-password -a " & "\\" & MyName & " -s " & W403P001 & " -w " & ThePassword & " -D " & TheKind & " -A"

tell application "Keychain Scripting"

launch

tell current keychain

tell (some Internet key whose name is "W403P001") to set server to "staffwx"

end tell

end tell


Any ideas anybody?

Reply
User profile for user: twtwtw
twtwtw
User level: Level 5
4,936 points

Nov 16, 2011 6:51 AM in response to dermodyr

derm, you're starting to perplex me. are you reading the man page at all? the 'name' attribute defaults to the 'where' attribute unless you set it using the 'label' key (-l option). I also don't understand why the backslash is getting thrown into the mix (a " & "\\" & MyName) - do all your account names begin with backslashes?


at any rate, try something like this (and note the changes: multi-line string build so it's easier to see where errors creep in, avoiding variables except where they are strictly needed. these things make debugging do shell script much easier).


set cmd to "security add-internet-password"

set cmd to cmd & " -a " & myname

set cmd to cmd & " -l 'staff server'"

set cmd to cmd & " -s staffwx"

set cmd to cmd & " -r 'smb '"

set cmd to cmd & " -w " & ThePassword

set cmd to cmd & " -D 'network password'"

set cmd to cmd & " -A"


do shell scriptcmd

Reply

Adding a network password entry to login keychain via applescript

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up