[MacTUG] OD Augmented Users with custom home path
Dani Roloson
daroloso at mfcf.math.uwaterloo.ca
Mon Nov 1 11:14:03 EDT 2010
Jim Johnston was able to get the OD Augumented AD accounts
to mount custom home path from NetApp appliance without toggling UNCpath
by adding the following:
The long and short of it:
- There is a Kerb negotiation with AD that does NOT
occur if we're using AD + OD w/ useuncpath disable
Here is a workaround:
-rw-r--r-- 1 root wheel 451 Oct 25 12:06 /System/Library/LaunchDaemons/ca.uwaterloo.TriggerADKerbWhenUsingOD.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>ca.uwaterloo.TriggerADKerbWhenUsingOD</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/TriggerADKerbWhenUsingOD</string>
</array>
<key>HopefullyExitsLast</key>
<true/>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
-rwxr--r-- 1 root staff 607 Oct 25 12:09 /usr/sbin/TriggerADKerbWhenUsingOD
#!/bin/csh -fb
set OF=/tmp/TriggerADKerbWhenUsingOD.log
while ( `ps axww | grep loginwindow | grep -v grep | wc -l` == 0 )
echo ==== $0 - no loginwindow daemon yet - sleeping 3 seconds >> $OF
sleep 3
end
echo ==== $0 loginwindow is running -- sleeping 40 seconds to stabilize >> $OF
sleep 40
echo ==== $0 -- enabling UNCpath >> $OF
dsconfigad -useuncpath enable >> $OF
echo ==== $0 -- Arbitrary lookup of known AD User >> $OF
dscl '/Active Directory/All Domains' read Users/fixmac > /dev/null
echo ==== $0 -- disabling UNCpath >> $OF
dsconfigad -useuncpath disable >> $OF
echo ==== $0 all done >> $OF
More information about the MacTUG
mailing list