Category Archives

2 Articles

Posted by admin on

OS X Mount Active Directory Home Drive Automatically (Working Solution for OS X 10.10)

Prior to OS X 10.9 Mavericks here at the college we would use the option in the “Directory Utility” app to mount the Active Directory home drives. This was done by checking off “Use UNC path from Active Directory” but with OS X 10.9 Mavericks & OS X 10.10 Yosemite there was the adoptions of SMB2 which does not play well with Microsoft’s version of SMB. We would have drives mounting but not the drives we wanted. We would normally want their home folder mounted as (ex. /studentname) but instead it was now being mounted as (ex. share/studentname). This is how we’ve been running for the past two years and haven’t had much luck fixing it. 

Today with the help of a co-worker we were able to come up with an AppleScript that fixes this. Below is the simple script that I saved as an executable app and placed into the /Library/Scripts folder in our images. From here I added the app as a login item in the default profile. Once any user logs in the script would check to see what the users name is then look to Active Directory to poll what their Home Drive is. Next the script converts the backwards slashes “\” (used in the Windows World) to forward slashes “/” (Unix World) then mounts the drive. 

I’ve been testing this on a number of stations and now have it deployed out to some of our labs. 

If you want to use this script you need to make sure you go into “Directory Utility” and un-check “Use UNC path from Active Directory” since we no longer need this and now relying on this AppleScript to do the work.

In the script provided you will need to change “DOMAIN” to your campus domain. For an example our college it’s just “CAMPUS”.

Here’s the script below to use or feel free to download it:

Download http://twistedmac.com/mount_aduser_home_drives.zip

 

 

 

set username to do shell script “whoami”

set homepath to do shell script “dscl ‘/Active Directory/DOMAIN/All Domains/’ -read /Users/” & username & ” | grep SMBHome: | cut -c 10- | sed ‘s/\\\\/\\//g’ “

tell application “Finder”

       try

            mount volume “SMB:” & homepath

      end try

end tell

 

 

When I have the free time I want to convert this into a .plist script to use with launch daemon instead of relying on an app in the login items to make it a little cleaner. Until then this will do the trick and something that I’ve been looking into for some time now without success. 

Hope this helps out others that have been looking for a similar solution.

 

Posted by admin on

Deep Freeze Alternative for Mac

Deep Freeze Alternative for Mac

For comments and questions please visit the edugeek forum here http://www.edugeek.net/forums/mac/154805-deep-freeze-alternative-mac.html#post1326919

This past year I’ve been looking to step away from using Faronics Deep Freeze and find an alternative that will handle a similar task of cleaning the user profiles after a restart, set time or day of the week. Sure Deep Freeze has a lot of benifits but we wanted to look into a cheaper solution. For the past few months I’ve been running this setup in our busiest area at our campus (our student commons) and it has been working great.

 

Why do we need it?
In the run of a day or week we can have countless users logging into a mac desktop using Active Directory credentials and over time the user profiles can eat away at the HD space. That said your average user is browsing the net and so their user profile may only be a small percentage but mixed in with users that dump files onto the desktop or other areas this space can build up fast. This is where Deep Freeze came into play. Deep Freeze would clean up the computer after a restart or set schedule to help keep the comptuer HD clear of un wanted files.

 

What do these scripts do?
With the below scripts in place they essentialy remove any unwanted users. By default the script is set to remove all users except for the “Administrator” & “Shared” user. All other users will be removed. This can be adjusted easily to add other local users. The script included is set to run at 3:30am every Saturday morning. We went with this since most computers are sitting with a 1TB HD and we do not expect computer to fill up that quick. Having it set to a week also gives users a grace period for their files. If they forget to copy/backup files one day they will still be there the next day (unless it’s the next day that the scipt is set to run). The other benifit is that if there is a power bump their files will still be located on the computer once it is turned back on.

 

How do these scripts work?
There are three files as listed below. #1 is the launchd file that will run on schedule to run to run the primary script that does the work. File #1 is the file you can edit to adjust the time or day you wish to have the script run. ** Keep in mind, if you make changes after the script is deployed you will want to make sure you unload the .plist file and then reload the updated file.

File #2 is the actual script that does thew work to remove the users. There arre two main steps. The first step will remove all uses except for “Administrator” & “Shared”. The second step dumps the files located in /private/var/folders/*. This folder contains cache files from the users that have logged in. We do not want to remove the fodler itself, just the contents.

 File #3 is a simple command script that loads file #1. We use deploy studio for deployment so having this as part of the workflow just loads #1 script so we do not need to send out the command over ARD or manually. 

 

Download 
To get started you will need to download the needed files which are found here http://twistedmac.com/mactech_cleanusers.zip

 

How to use these files using Deploy Studio 

On your Deploy Studio server go to your “DeployStudio” shares. This folder is normally at the root of your HD as the shares folder for Deploy Studio. (This can also be named something else or located elsewhere but most often this is the name and location. In the “Files” folder you need to copy the first two files “com.mactech.cleanusers.plist” & “delete_non_admins.sh”. Next go to the scripts folder and copy the ”load_cleanusers.command” file to this location.

From here open up the “DeployStudio Admin” application. For deployment you need to add these files into a workflow and run these files during post ghost. 

To add the two files “com.mactech.cleanusers.plist” & “delete_non_admins.sh” you need to add “File Copy” into your workflow twice as seen in this image.

filecopy

 

Since we already added the need files you just need to choose the “File” dropdown menu and pick the files as you can see in these images. As seen in the images you want to make sure each file is placed into the correct location. “com.mactech.cleanusers.plist” will be copied to “/Library/LaunchDaemons” & “delete_non_admins.sh” will be copied to “Library/Scripts”. Also make sure you “Automate” these tasks.

filecopy3

 

 

filecopy2

 

The next step in the workflow is to add “Generic”. With this step in the workflow select the “Command” dropdown menu and choose “load_cleanusers.command”. Make sure you check off “Postponed execution” & “Automate”.

generic

 

 

generic2

 

From here the script will be loaded when the computer finishes post ghost.

The script by default that’s included is set to wipe all users except for the “Administrator” & the “Shared” user. If you have other users that you want keep on the system you can alter the “delete_non_admins.sh” script to reflect users you want to keep on the computer. You wouldn’t normally install this on laptops or individual computers but if you do make sure this script reflects the users that need their profiles keep.

As this script sits it is set to wipe the other users every Saturday Morning at 3:30am. You can easily change this by opening the “com.mactech.cleanusers.plist” file and adjusting the “StartCalendarInterval”.

Hope this helps those out that are looking for a DF alternative.

Carter