Solved

Storing Windows domain credentials in Mac OS X Keychain

Posted on 2013-06-14
10
830 Views
Last Modified: 2014-06-06
Hi there:

We have a Windows 2008 R2 domain, mainly PC workstations, but Mac OS X clients too.

When connecting to smb:// shares from Mac it always asks for Windows credentials and has the option to save them in keychain.

However it always asks for the credentials every time I connect to the same device, which is always time consuming and annoying. Would be great if the credentials were actually persistent in the keychain.

Anyone have any ideas? Would save some valuable time!

Thanks

BH
Question by:butterhook
10 Comments
 
LVL 7

Expert Comment

by:PaulNSW
ID: 39247242
Have you tried running the KeyChain first aid?

Utilities -> KeyChain Access
 
LVL 1

Author Comment

by:butterhook
ID: 39247694
Thanks - will have a look!
 
LVL 13

Expert Comment

by:Xaelian
ID: 39248960
If the first aid doesn't help, look in the keychain to see if there is an entry for the share. If there is, delete it and try again.

On ML I've seen this a couple of times. That's why I create scripts to mount the shares with the user's credentials. You can create an AppleScript to ask for the share he wants and then enter his credentials, so he can reuse the AppleScript to create more scripts to mount his shares.
 
LVL 1

Author Comment

by:butterhook
ID: 39249694
Thanks Xa - Do you have any example AppleScripts or a link to a place that indicates how to create them?
 
LVL 13

Expert Comment

by:Xaelian
ID: 39249778
Hi Butter,

I can give you one. I'll post it for an smb share and afp share when I'm in front of my Mac :) will be within a couple of minutes or so.
 
LVL 13

Expert Comment

by:Xaelian
ID: 39249803
set x to POSIX file ((POSIX path of (path to me)))
set x to x & "Contents:Resources:Scripts:"

--display dialog (x as text) & "run_share.sh"
--display dialog FileExists((x as text) & "run_share.sh")

if FileExists((x as text) & "run_share.sh") then
      --set mypath to POSIX file ((POSIX path of (path to me)) & "/..")
      set mypath to POSIX file ((POSIX path of (path to me)))
      set mypath to POSIX path of the mypath
      set mypath to get replaceText(" ", "\\ ", mypath)
      --set mypath to get replaceText("/main.scpt/..", "", mypath)
      
      set mypath to mypath & "Contents/Resources/Scripts/"
      --display dialog mypath
      
      do shell script mypath & "run_share.sh"
else
      set mypath to POSIX file ((POSIX path of (path to me)))
      set mypath to POSIX path of the mypath
      set mypath to get replaceText(" ", "\\ ", mypath)
      set mypath to mypath & "Contents/Resources/Scripts/"
      
      set displayString_server to "Please input the Servername/IP"
      set defaultAnswer_server to ""
      set response_server to display dialog displayString_server default answer defaultAnswer_server
      
      set displayString_share to "Please input the share name"
      set defaultAnswer_share to ""
      set response_share to display dialog displayString_share default answer defaultAnswer_share
      
      set displayString_username to "Please input your username for the fileserver"
      set defaultAnswer_username to ""
      set response_username to display dialog displayString_username default answer defaultAnswer_username
      
      set displayString_password to "Please input your password for the fileserver"
      set defaultAnswer_password to ""
      -- hidden answer masks the password while it is typed
      set response_password to display dialog displayString_password default answer defaultAnswer_password with hidden answer
      
      
      set command to "echo 'mkdir /Volumes/" & (the text returned of response_share) & "
mount_smbfs //" & (the text returned of response_username) & ":" & (the text returned of response_password) & "@" & (the text returned of response_server) & "/" & (the text returned of response_share) & " /Volumes/" & (the text returned of response_share) & " ' >> " & mypath & "run_share.sh"
      do shell script command
      do shell script "chmod +x " & mypath & "run_share.sh"
      do shell script mypath & "run_share.sh"
end if

on replaceText(find, replace, subject)
      set prevTIDs to text item delimiters of AppleScript
      set text item delimiters of AppleScript to find
      set subject to text items of subject
      
      set text item delimiters of AppleScript to replace
      set subject to "" & subject
      set text item delimiters of AppleScript to prevTIDs
      
      return subject
end replaceText

on FileExists(theFile) -- (String) as Boolean
      tell application "System Events"
            if exists file theFile then
                  return true
            else
                  return false
            end if
      end tell
end FileExists

Paste it in AppleScript Editor and export it to a program. If you execute it, it will ask some questions and then it will mount the share. If you then dismount the share and rerun the program, it will automatically mount the share without asking questions.
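
The script in the post above appends a `mount_smbfs //user:password@server/share` line to `run_share.sh` inside the application bundle, so the domain password stays on disk in cleartext. As an added example (not part of the original post), this shell audit finds such files, redacts the password in its report, and flags the ones other local accounts can read; the user, password and server in `make_sample` are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): audit a directory tree for scripts
# that store an SMB password in a mount_smbfs URL.

# ERE for //user:password@ (the user part may carry a "DOMAIN;" prefix).
CRED_RE='//[^/@:[:space:]]+:[^[:space:]]+@'

# List files under $1 containing a mount_smbfs line with an embedded password.
files_with_smb_creds() {
    grep -rlIE "mount_smbfs[[:space:]].*$CRED_RE" "$1" 2>/dev/null
}

# Print "file:line:command" per hit, with the password replaced so the
# report itself does not leak the secret.
report_smb_creds() {
    grep -rnIE "mount_smbfs[[:space:]].*$CRED_RE" "$1" 2>/dev/null |
        sed -E 's#(//[^/@:[:space:]]+:)[^[:space:]]+@#\1<redacted>@#'
}

# Print the hits that any other local account can read (mode o+r).
world_readable_hits() {
    files_with_smb_creds "$1" | while IFS= read -r f; do
        if [ -n "$(find "$f" -perm -004 2>/dev/null)" ]; then
            printf '%s\n' "$f"
        fi
    done
}

# Constructed sample: the two lines the AppleScript writes to run_share.sh.
# User, password and server are made up.
make_sample() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'mkdir /Volumes/projects' \
        'mount_smbfs //jdoe:S3cr3t@fs01.example.com/projects /Volumes/projects' \
        > "$d/run_share.sh"
    chmod 755 "$d/run_share.sh"
    printf '%s\n' "$d"
}

# Usage: sh audit_smb_creds.sh /path/to/scan
if [ "$#" -gt 0 ]; then
    report_smb_creds "$1"
    world_readable_hits "$1" | sed 's/^/readable by others: /'
fi
```

Any file this reports holds a reusable domain password; after removing the file, change that password, since it was stored unprotected.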
 
LVL 13

Expert Comment

by:Xaelian
ID: 39249804
If you want to do this with an afp share, you just need to change the line of mount_smbfs to the afp equivalent :)
 
LVL 1

Author Comment

by:butterhook
ID: 39314269
Sorry - I haven't had chance to look at this. Will do so when I can.
 
LVL 1

Author Comment

by:butterhook
ID: 39623690
Hi Xaelian, I managed to save the script and run it etc. but it seems to be having trouble creating the .sh file. Something to do with paths... Any advice? Would be great to get this working.
 
LVL 9

Accepted Solution

by:
Tim Lapin earned 500 total points
ID: 39976548
I wrote a simple AppleScript which is run at login time, via the "login items" in the Users & Groups System Preferences.  It has to be set up AFTER the user has logged in and from his/her account.  Once done, it should work from then on.

It looks like this:

----
set user_name to (short user name of (system info))
try
      mount volume "smb://" & user_name & "@<server-name>/<path to share>/"
end try
----

where:  <server-name>  =  fully qualified domain name of the server.