script to configure My Documents shares in Enterprise Connect.
#!/bin/bash
# configureMyDocs.sh
# script to configure My Documents shares in Enterprise Connect if Mac is joined to domain.
# ©2015 by Sergio Aviles All rights reserved.
# version 1.0 2015-10-09
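# Define logging
log_location="/Library/Logs/ces.log"

#######################################
# Append a timestamped message to the log file and print it to stdout.
# Globals:   log_location (read)  - path of the log file
#            DATE, LOG (written)  - left global, as other code may read them
# Arguments: $1 - message text
# Outputs:   "<YYYY-MM-DD HH:MM:SS>  <message>" on stdout and in the log
# Note:      messages can contain text typed into a dialog (getuserID logs
#            the entered login), so treat the log as untrusted when it is
#            parsed or forwarded elsewhere.
#######################################
ScriptLogging()
{
  DATE=$(date '+%Y-%m-%d %H:%M:%S')
  LOG="$log_location"
  # The redirect target is quoted so a path containing spaces is written to
  # as one file instead of failing with "ambiguous redirect".
  # printf with a fixed format keeps the message from being read as options.
  printf '%s  %s\n' "$DATE" "$1" >> "$LOG"
  printf '%s  %s\n' "$DATE" "$1"
}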
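ScriptLogging "----------Configuring My Documents shares for Enterprise Connect-----------"

## Variables
# Hardware serial number; used to look this Mac up in the JSS.
serial=$(ioreg -l | awk '/IOPlatformSerialNumber/ { print $4}' | tr -d '"')
apiun="APIUserName"
jssurl="https://jss.domain.com:8443"
EAID=131
share=""
mdPath=""
domain=""
myDocs="My Documents"

# $3: user to configure. When it is empty, fall back to the console user.
# (The JSS URL suggests this runs as a Jamf policy, where $3 is the
# logged-in user and $4 onward are custom parameters - confirm.)
if [[ -n "$3" ]]; then
  user=$3
else
  user=$(python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "\n");')
fi
ScriptLogging "Found user $user."

# $4: API password for the JSS account named in apiun.
# SECURITY: a secret passed as a positional parameter is readable in the
# process list for as long as the script runs, and getDomain passes it on
# again on curl's command line. Use a read-only, least-privilege API account
# for this and rotate it if the script is ever run interactively.
if [[ -z "$4" ]]; then
  ScriptLogging "No API password passed. Aborting."
  exit 1
fi
# Assigned once, after the check (the earlier duplicate assignment is gone).
apipw=$4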
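# Department lists, one array per user share. findShare maps a user's
# department to the share whose list contains it (USERSHAREn -> USR-SHAREn).
declare -a USERSHARE1=(
  "Department 01" "Department 02" "Department 03"
)
declare -a USERSHARE2=(
  "Department 04" "Department 05" "Department 06" "Department 07"
  "Department 08" "Department 09" "Department 10" "Department 11"
  "Department 12" "Department 13"
)
declare -a USERSHARE3=(
  "Department 14" "Department 15" "Department 16" "Department 17"
  "Department 18" "Department 19" "Department 20"
)
declare -a USERSHARE4=(
  "Department 21" "Department 22" "Department 23" "Department 24"
  "Department 25"
)
declare -a USERSHARE5=(
  "Department 26" "Department 27" "Department 28" "Department 29"
  "Department 30" "Department 31"
)
declare -a USERSHARE6=(
  "Department 32" "Department 33" "Department 34" "Department 35"
  "Department 36"
)
declare -a USERSHARE7=(
  "Department 37" "Department 38" "Department 39" "Department 40"
  "Department 41" "Department 42"
)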
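## Functions

#######################################
# Make sure $user names a network account; ask for a login if it does not.
# An account counts as a network user when its local UniqueID is above 1000.
# Globals:   user (read, may be replaced), UserID (written)
# Outputs:   log lines via ScriptLogging
# Exits:     1 when the login typed into the dialog is empty or contains
#            characters that later steps cannot handle safely
#######################################
getuserID()
{
  local entered
  # Quote, backslash, slash, colon, at-sign, whitespace and control
  # characters. Later steps place $user inside an AppleScript string, an
  # smb:// URL and a /Users/<name>/... path, and this value is typed by
  # whoever sits at the console, so anything that could alter those is
  # refused here rather than escaped in each place.
  local unsafe='["\\/:@[:cntrl:][:space:]]'

  UserID=$(dscl . read /Users/"$user" UniqueID | awk '$2 > 1000 {print $2}')
  if [[ "${UserID}" -gt 1000 ]]; then
    ScriptLogging "Network user detected. Proceeding."
    return 0
  fi

  ScriptLogging "$user is not a network user. Prompting for network user login."
  entered=$(osascript -e 'Tell application "System Events" to display dialog "Please enter a network user login" default answer "" with title "Enter NTlogin" with text buttons {"OK"} default button 1' -e 'text returned of result')

  if [[ -z "$entered" || "$entered" == "." || "$entered" == ".." \
        || "$entered" == -* || "$entered" =~ $unsafe ]]; then
    # The rejected text is deliberately not written to the log.
    ScriptLogging "Entered login is empty or contains characters that are not allowed. Aborting."
    exit 1
  fi

  user=$entered
  ScriptLogging "Entered user $user."
}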
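#######################################
# Work out which domain the Mac belongs to.
# Order: Active Directory binding first, then the extension attribute stored
# in the JSS, and finally a prompt. Each step runs only when the previous one
# produced nothing. (Previously the second and third steps could not be
# reached, because the elif repeated the first condition.)
# Globals:   domain (read/written); apiun, apipw, jssurl, serial, EAID (read)
# Outputs:   log lines via ScriptLogging
#######################################
getDomain()
{
  local ea

  # 1. Active Directory binding: first label of the bound domain name.
  if [[ -z "$domain" ]]; then
    domain=$(dsconfigad -show | awk '/Active Directory Domain/ {print $5}' | sed 's/\./ /g' | awk ' {print $1}')
  fi
  if [[ -n "$domain" ]]; then
    ScriptLogging "Joined domain is: $domain."
    return 0
  fi

  # 2. Extension attribute recorded in the JSS.
  # TLS verification stays on (no -k): this request carries the API
  # credentials, and skipping certificate checks would let anyone on the
  # network path read them. If the JSS uses a private CA, trust that CA
  # (for example with curl's --cacert) instead of turning verification off.
  # --fail keeps an HTTP error page from being parsed as a result.
  # The password is still visible on curl's command line while it runs.
  # NOTE(review): the Classic API path segment is normally "subset";
  # "subadd" looks like a typo - confirm against the JSS before relying on it.
  ea=$(curl --silent --fail -u "$apiun":"$apipw" "$jssurl"/JSSResource/computers/serialnumber/"$serial"/subadd/extension_attributes)
  domain=$(echo "$ea" | xpath "//*[id=$EAID]/value/text()" 2>/dev/null | awk -F/ '{ print $2 }')
  if [[ -n "$domain" ]]; then
    ScriptLogging "Joined domain is: $domain."
    return 0
  fi

  # 3. Ask the user; the dialog only offers the two known domains.
  ScriptLogging "Prompting user for domain info."
  domain=$(osascript -e 'Tell application "System Events" to display dialog "Please enter a domain" with title "Choose Domain" with text buttons {"Domain1","Domain2"} default button 1' -e 'button returned of result')
  ScriptLogging "Chosen domain is: $domain."
}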
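#######################################
# Read the user's department memberships from Active Directory.
# Keeps the second "="-separated field of every memberOf line that contains
# "OU=Department", with the trailing ",OU" removed.
# Globals:   domain, user (read); memberOf (written, one entry per line)
# Outputs:   log lines via ScriptLogging
#######################################
getDept()
{
  case "$domain" in
    Domain1|Domain2)
      ScriptLogging "Determining department memberships."
      # Same lookup for both domains; only the directory node differs.
      memberOf=$(dscl "/Active Directory/${domain}/All Domains" read /Users/"$user" dsAttrTypeNative:memberOf | awk -F= ' /OU=Department/ { print $2}' | sed 's/,OU//')
      ScriptLogging "User $user is a member of $memberOf."
      ;;
    *)
      # Clear any earlier value so a stale membership is never reused.
      memberOf=""
      ScriptLogging "No department membership info available. Skipping."
      ;;
  esac

  # NOTE(review): declare inside a function creates a local variable, so
  # dept disappears when getDept returns and ${dept[*]} is empty everywhere
  # else. memberOf is the value other functions can actually see. Left local
  # on purpose: making it global changes which shares findShare selects, so
  # the two should be changed together.
  declare -a dept=( "$memberOf" )
}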
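#######################################
# Build the list of candidate home-share paths for the user.
# For Domain1, share n is a candidate when one of the departments listed in
# USERSHAREn contains one of the user's memberships; the candidate is stored
# at index n-1 of mdpath. For Domain2 there is a single share at index 0.
# Globals:   domain, user, memberOf, USERSHARE1..USERSHARE7 (read)
#            mdpath (reset and written), share (written, last match wins)
# Notes:
#   - Memberships come from memberOf (one per line). The dept array is not
#     used: getDept declares it inside the function, so it is never visible
#     here, and the old pattern *"${dept[*]}"* therefore matched every
#     department and made every share a candidate.
#   - Department names are iterated quoted, so "Department 01" is compared
#     as one name instead of as the two words "Department" and "01".
#   - A user with no membership gets no candidates, so no mount is attempted
#     against shares the user has no known relation to.
#   - The comparison is still a substring test, as before; a membership such
#     as "Department 1" would also match "Department 10" - TODO confirm
#     whether an exact match is wanted.
#######################################
findShare()
{
  local n list_ref d m matched

  mdpath=()

  if [[ "$domain" = "Domain1" ]]; then
    for n in 1 2 3 4 5 6 7; do
      list_ref="USERSHARE${n}[@]"
      matched=0
      for d in "${!list_ref}"; do
        while IFS= read -r m; do
          # Trim surrounding whitespace; skip blank lines.
          m="${m#"${m%%[![:space:]]*}"}"
          m="${m%"${m##*[![:space:]]}"}"
          [[ -n "$m" ]] || continue
          if [[ "$d" == *"$m"* ]]; then
            matched=1
            break
          fi
        done <<< "$memberOf"
        if (( matched )); then
          break
        fi
      done
      if (( matched )); then
        share="USR-SHARE${n}"
        mdpath[n-1]="Domain1.forest.com/dfsshare/$share/$user"
      fi
    done
  elif [[ "$domain" = "Domain2" ]]; then
    share="USR-SHARE"
    # NOTE(review): the Domain2 path uses the Domain1 host name and ends in
    # a slash; kept as written - confirm this is intended.
    mdpath[0]="Domain1.forest.com/dfsshare/$share/$user/"
  fi
}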
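#######################################
# Try to mount "<candidate>/My Documents" for each candidate path and keep
# the first one that mounts.
# Globals:   mdpath, user, myDocs (read); myDocsPath (written on success)
# Outputs:   log lines via ScriptLogging
# Notes:
#   - The URL is handed to AppleScript as a run-handler argument instead of
#     being pasted into the script text, so characters in $user or the path
#     cannot change the AppleScript that is executed.
#   - There is no try block around the mount: with the error swallowed,
#     osascript always exited 0 and the first candidate was reported as
#     found whether or not it mounted.
#   - Candidates are iterated quoted, so a path containing a space stays one
#     candidate.
#######################################
mountMyDocs()
{
  local Path url

  for Path in "${mdpath[@]}"; do
    ScriptLogging "Testing $Path/$myDocs."
    url="smb://$user@$Path/$myDocs"
    if osascript -e 'on run argv' -e 'mount volume (item 1 of argv)' -e 'end run' "$url"; then
      myDocsPath="$Path/$myDocs"
      ScriptLogging "Found My Documents at $myDocsPath for $user."
      break
    fi
  done
}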
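#######################################
# Run the mount test for the known domains and log what is being tested.
# Globals:   domain, user, mdpath (read)
# Outputs:   log lines via ScriptLogging
# Notes:     the log line now names the candidate paths in mdpath and is
#            written before the test. It used to print mdPath, a variable
#            that is never filled in, after the test had already run.
#######################################
existsMyDocs()
{
  case "$domain" in
    Domain1|Domain2)
      if [[ ${#mdpath[@]} -eq 0 ]]; then
        ScriptLogging "No candidate My Documents paths for $user."
        return 0
      fi
      ScriptLogging "Testing to see if ${mdpath[*]} exists for $user."
      mountMyDocs
      ;;
  esac
}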
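#######################################
# Stop the script when no My Documents share was found.
# Globals:   myDocsPath (read)
# Outputs:   log lines via ScriptLogging
# Exits:     0 when myDocsPath is empty. The status is 0 even though the log
#            says "Aborting", so a caller sees success - presumably intended
#            so that a user without a share is not reported as a failure.
#######################################
verifyMyDocs()
{
  if [[ -z "$myDocsPath" ]]; then
    ScriptLogging "No My Documents exists for this user. Aborting."
    exit 0
  fi
  ScriptLogging "Found a My Documents for this user. Proceeding."
}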
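#######################################
# Add the verified share to the user's Enterprise Connect preferences.
# Globals:   myDocsPath, myDocs, user (read)
# Outputs:   log lines via ScriptLogging
# Notes:
#   - The path written is the one that actually mounted: myDocsPath with the
#     trailing "/<myDocs>" removed, i.e. the same form as an mdpath entry.
#     Previously $mdpath was used, which is always element 0 of the candidate
#     list and not necessarily the share that was verified.
#   - Success is logged only when PlistBuddy reports success.
#   - SECURITY: the plist lives in a directory the user can write to. If this
#     runs as root (it writes /Library/Logs and changes ownership, so
#     presumably it does), consider running the PlistBuddy step as the user
#     so a planted link in that directory cannot redirect a root write.
#######################################
addMyDocs()
{
  local plist sharePath

  if [[ -z "$myDocsPath" ]]; then
    ScriptLogging "No drives available to map for $user."
    return 0
  fi

  plist="/Users/$user/Library/Preferences/com.apple.Enterprise-Connect.plist"
  sharePath="${myDocsPath%/"$myDocs"}"

  if /usr/libexec/PlistBuddy -c "add :shares:dict:path string smb://$sharePath" "$plist"; then
    ScriptLogging "Adding My Documents drive for $user."
  else
    ScriptLogging "Could not add My Documents drive for $user."
  fi
}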
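#######################################
# Hand the preferences file back to the user, restart cfprefsd and eject
# the test mount.
# Globals:   user (read)
# Outputs:   log lines via ScriptLogging
# Notes:
#   - chown uses -h and no -R. The target is a single file inside a
#     directory the user controls; -h changes the entry itself and never
#     follows a link placed there, which matters if this runs as root
#     (presumably it does).
#   - Ownership is left alone when $user is empty.
#   - NOTE(review): the last step ejects every ejectable disk, not only the
#     My Documents volume mounted for the test; it also unmounts the user's
#     other removable volumes. Narrow it to the tested volume if possible.
#######################################
cleanup()
{
  local plist="/Users/$user/Library/Preferences/com.apple.Enterprise-Connect.plist"

  # fix permissions
  if [[ -n "$user" ]]; then
    ScriptLogging "Fixing permissions."
    chown -h -- "$user" "$plist"
  fi

  # refresh cfprefsd so the changed plist is re-read
  ScriptLogging "relaunching cfprefsd."
  killall cfprefsd

  # unmount MyDocs if mounted.
  osascript -e 'tell application "Finder" to eject (every disk whose ejectable is true)'
}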
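## Execute
# The steps run in order. verifyMyDocs ends the script itself when no share
# was found, so addMyDocs and cleanup only run after a successful mount test.
getuserID
getDomain
getDept
findShare
# existsMyDocs runs mountMyDocs for the known domains, and findShare produces
# candidates only for those domains, so the separate mountMyDocs call that
# used to precede it only repeated the same mount attempts.
existsMyDocs
verifyMyDocs
addMyDocs
cleanup
ScriptLogging "-----END-----"
exit 0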