Automatically mount a network drive upon login

Question

Automatically mount a network drive upon login

Hi All,

Can anyone help!
I want to automatically mount a network drive when a network user logs in.
Client OSX10.4.9
Network drive/share is samba based.
Network user is LDAP based (Novell eDirectory)

I currently have the following working:
An eDirectory (LDAPv3) user logs in & authenticates ok.
Mounting the network drive/share works ok MANUALY, with the following
smb://IPorDNS
user is then prompted for their password (I want this automated @ login preferably)

What I need is some help automating this smb mounting @ login time using the users ldap Username/Password. I guess this would need to be done using an Applescript of sorts, but I'm stuck as to how to take this forward..!

cifs://workgroup;Username:Password@IPorDNS/profile
The above works manually, but how do I go about swapping the Username:Password for environment variables, and then packaging this into a script/application that runs during login..???

I guess I may as well ask about this too, as it's all related. When I get the above working I want to point the users Home path(profile) to it, so that anything the user does on the desktop/pictures/documents/etc are stored on this networked drive, hope this makes sense. Any suggestions?

TIA
Danny

Macbook Pro Mac OS X (10.4.9)

Posted on Jun 13, 2007 10:22 AM

Reply

Answer 1

Camelot

Level 9

59,975 points

Jun 13, 2007 10:58 AM in response to Portuguese Danny

Are you trying to mount the user's home directory off the server? or just other subdirectories?

Either way, it might be best to modiify the LDAP side of things to add a series of mounts. That way the OS will automatically mount the appropriate drives when the user logs in and you don't have to worry about shell scripts.

There are numerous online guides to doing this. A quick search digs up this one which seems to cover it.

If you don't do it through the directory, there is no easy/secure way to handle the password element. You can easily handle the username ($USER), but you can't easily determine the user's password, and would have to update any script-based solution if the password changed.

The other option is to use the user's login items - mount the directories once then open System Preferences -> Accounts and select the Login Items tab.

You can drag here any item that you want to open automatically, including the mount points, and the OS will automatically reopen them when the user logs in next time.

The downside to this approach is that it will only handle things mounted in /Volumes, so if you're trying to mount your sharepoints elsewhere it isn't an option.

Reply

Answer 2

Jun 13, 2007 6:22 PM in response to Portuguese Danny

Is eDirectory and the samba server using kerberos? If they are, you shouldn't need to enter a password to mount the share. You should already have rights based on your login authentication to eDirectory. You can enter klist at the terminal to see if your being granted a kerberos ticket, however that doesn't mean the samba server supports it.

Reply

Answer 3

Jun 15, 2007 9:16 AM in response to Camelot

Hi Camelot,

Yes, I want to mount the User home directory off the server.

I want to mount it on the Mac client's filesystem at /Users/HERE

Once I logon/authenticate as a ldap user i can successfully mount their HomeDir MANUALLY by doing the following:

cifs://workgroup;username:password@IPorDNS/profiles

The above places an Alias on the Mac desktop but mounts the HomeDir as follows: /Volumes/profiles/HERE

But I need it to mount as follows: /Users/HERE

TIA
Danny

Macbook Pro Mac OS X (10.4.9)

Reply

Answer 4

Jun 15, 2007 9:25 AM in response to LittleSaint

Hi LittleSaint,

I'm not too sure if the Mac client is using Kerberos! When I run 'klist' I get:
klist: No Kerberos 5 tickets in credentials cache
klist: No Kerberos 4 tickets in credentials cache

Although it replies 'No Kerberos' it also says there are '5 & 4 tickets in credentials cache'

Also, as I NEED to enter a password when manually mounting the HomeDir I'm guessing that the Mac is not using Kerberos to authenticate against eDir/Samba...

TIA
Danny

Reply

Answer 5

Camelot

Level 9

59,975 points

Jun 15, 2007 11:27 AM in response to Portuguese Danny

>Although it replies 'No Kerberos' it also says there are '5 & 4 tickets in credentials cache'

No it doesn't.

I think you're reading it as:

<pre class=command>klist: No Kerberos. 5 tickets in credentials cache</pre>

What it says is more correctly read as:

<pre class=command>klist: No "Kerberos 5 tickets" in credentials cache</pre>

In other words, it doesn't have any Kerberos version 5 tickets.

As for the other part of the question, since you're trying to mount the user's home directory it's not practical to try to fix this at the client side - anything you do per-user will be executed after they've logged in, and are already using their local home directory.

The right fix for this is to modify the eDirectory LDAP schema to include the user's home directory path. That way the OS will automatically mount the sharepoint when the user logs in.

Off hand I can't find a specific document related to eDirectory, but Apple have tech notes on integrating with other directories including Active Directory and other LDAP-based solutions. A deeper poke on their support site might dig up some better results.

Reply

Answer 6

Jun 15, 2007 4:15 PM in response to Camelot

Without Kerberos, you would still need a secondary authentication to the server in order to mount the share. LDAP (eDirectory) provides primary authentication to login, but you still need authorization to mount the share, that's where Kerberos comes in. Unless eDirectory provides some other sort of single sign-on, but I'm not aware of any that OS X supports other than Kerberos.

Reply