Solved

Storing Windows domain credentials in Mac OS X Keychain

Posted on 2013-06-14
10
904 Views
Last Modified: 2014-06-06
Hi there:

We have a Windows 2008 R2 domain, mainly PC workstations, but Mac OS X clients too.

When connecting to smb:// shares from Mac it always asks for Windows credentials and has the option to save them in keychain.

However it always asks for the credentials every time I connect to the same device, which is always time consuming and annoying. Would be great if the credentials were actually persistent in the keychain.

Anyone have any ideas? Would save some valuable time!

Thanks

BH
0
Comment
Question by:butterhook
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 7

Expert Comment

by:PaulNSW
ID: 39247242
Have you tried running the KeyChain first aid?

Utilities ->KeyChain Access
0
 
LVL 1

Author Comment

by:butterhook
ID: 39247694
Thanks - will have a look!
0
 
LVL 13

Expert Comment

by:Xaelian
ID: 39248960
If the first aid doesn't help. Look in the keychain if there is an entry for the share. If there is, delete it and try again.

On ML i've seen this a couple of times. That why I create scripts to mount the shares with the users credentials. You can create an AppleScript to ask for the Share he wants and then enter his credentials, so he can reuse the AppleScript to create more script to mount his shares.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 1

Author Comment

by:butterhook
ID: 39249694
Thanks Xa - Do you have any example AppleScripts or a link to a place that indicates how to create them?
0
 
LVL 13

Expert Comment

by:Xaelian
ID: 39249778
Hi Butter,

I can give you one. I'll post it for an smb share and afp share when I'm in front of my Mac :) will be within a couple of minutes or so.
0
 
LVL 13

Expert Comment

by:Xaelian
ID: 39249803
set x to POSIX file ((POSIX path of (path to me)))
set x to x & "Contents:Resources:Scripts:"

--display dialog (x as text) & "run_share.sh"
--display dialog FileExists((x as text) & "run_share.sh")

if FileExists((x as text) & "run_share.sh") then
      --set mypath to POSIX file ((POSIX path of (path to me)) & "/..")
      set mypath to POSIX file ((POSIX path of (path to me)))
      set mypath to POSIX path of the mypath
      set mypath to get replaceText(" ", "\\ ", mypath)
      --set mypath to get replaceText("/main.scpt/..", "", mypath)
      
      set mypath to mypath & "Contents/Resources/Scripts/"
      --display dialog mypath
      
      do shell script mypath & "run_share.sh"
else
      set mypath to POSIX file ((POSIX path of (path to me)))
      set mypath to POSIX path of the mypath
      set mypath to get replaceText(" ", "\\ ", mypath)
      set mypath to mypath & "Contents/Resources/Scripts/"
      
      set displayString_server to "Please input the Servername/IP"
      set defaultAnswer_server to ""
      set response_server to display dialog displayString_server default answer defaultAnswer_server
      
      set displayString_share to "Please input the share name"
      set defaultAnswer_share to ""
      set response_share to display dialog displayString_share default answer defaultAnswer_share
      
      set displayString_username to "Please your username off the fileserver"
      set defaultAnswer_username to ""
      set response_username to display dialog displayString_username default answer defaultAnswer_username
      
      set displayString_password to "Please input your password off the fileserver"
      set defaultAnswer_password to ""
      set response_password to display dialog displayString_password default answer defaultAnswer_password
      
      
      set command to "echo 'mkdir /Volumes/" & (the text returned of response_share) & "
mount_smbfs //" & (the text returned of response_username) & ":" & (the text returned of response_password) & "@" & (the text returned of response_server) & "/" & (the text returned of response_share) & " /Volumes/" & (the text returned of response_share) & " ' >> " & mypath & "run_share.sh"
      do shell script command
      do shell script "chmod +x " & mypath & "run_share.sh"
      do shell script mypath & "run_share.sh"
end if

on replaceText(find, replace, subject)
      set prevTIDs to text item delimiters of AppleScript
      set text item delimiters of AppleScript to find
      set subject to text items of subject
      
      set text item delimiters of AppleScript to replace
      set subject to "" & subject
      set text item delimiters of AppleScript to prevTIDs
      
      return subject
end replaceText

on FileExists(theFile) -- (String) as Boolean
      tell application "System Events"
            if exists file theFile then
                  return true
            else
                  return false
            end if
      end tell
end FileExists

Past it in AppleScript editor and export it to a program. If you execute it, it will ask some questions and then it will mount the share. If you then dismount the share and rerun the program it will automaticly mount the share without asking questions.
0
 
LVL 13

Expert Comment

by:Xaelian
ID: 39249804
if you want to do this with an afp share. You just need to change the line of mount_smbfs to the afp equilavant :)
0
 
LVL 1

Author Comment

by:butterhook
ID: 39314269
Sorry - I haven't had chance to look at this. Will do so when I can.
0
 
LVL 1

Author Comment

by:butterhook
ID: 39623690
Hi Xaelian, I managed to save the script and run it etc. but it seems to be having trouble creating the .sh file. Something to do with paths... Any advice? Would be great to get this working.
0
 
LVL 9

Accepted Solution

by:
Tim Lapin earned 500 total points
ID: 39976548
I wrote a simple applescript which is run at login time, via the "login items" in the Users & Groups System Preferences.  It has to be set up AFTER the user has logged in and from his/her account.  Once done, it should work from then on.

It looks like this:

----
set user_name to (short user name of (system info))
try
      mount volume "smb://" & user_name & "@<server-name>/<path to share>/"
end try
----

where:  <server-name>  =  fully qualified domain name of the server.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question