For 10.4 Tiger, it was a bit easier to do since the $1 variable always returned the username of the person logged in, so scripting that was fairly easy. Just have to create a small shell script and write it into the LoginHook. The script can be anywhere, just remember to make it executable; here is the script:

#!/bin/tcsh -f
 
if ( $1 != "admin" ) then
    if ( $1 != "default" ) then
      if ( $1 != "root" ) then
        set usrname = $1
        rm -rf /Users/$1
        /usr/bin/ditto -rsrcFork "/Library/Profiles/default" /Users/${usrname}
        /usr/sbin/chown -R ${usrname} /Users/$1
        mkdir /users/${usrname}/Desktop/"H Drive"
        chown -R ${usrname} /users/${usrname}/Desktop/"H Drive"
        mount_smbfs //${usrname}@Server1/${usrname}$ /users/${usrname}/Desktop/"H Drive"
        mkdir /users/${usrname}/Desktop/"W Drive"
        chown -R ${usrname} /users/${usrname}/Desktop/"W Drive"
        mount_smbfs //${usrname}@Server2/${usrname}$ /users/${usrname}/Desktop/"W Drive"
    endif
    endif
endif
exit 0

This script does the following:
  • If the person logging in is the local admin, the default profile, or root, then do nothing and just log them in
  • If it's a regular user, the username is set with the $1 variable, and any existing profile for that user is deleted (to keep the system clean)
  • We used the ditto command to copy a fresh version of the default profile so everyone sees the same thing on every login
  • We then set permissions on the profile and create folders to hold the mount point
  • Mount the smb shares with the current user's credentials and give ownership
  • Done

Then when the user logs out we have another small script written to the LogoutHook


#!/bin/tcsh -f
 
if ( $1 != "admin" ) then
    if ( $1 != "default" ) then
            if ( $1 != "root" ) then
        set usrname = $1
        umount /users/${usrname}/Desktop/"H Drive" && rm -rf /users/${usrname}/Desktop/"H Drive"
        umount /users/${usrname}/Desktop/"W Drive" && rm -rf /users/${usrname}/Desktop/"W Drive"
        endif
        endif
endif
exit 0

All this really does is unmounts the user's shares cleanly and deletes the mount point folders we had placed on the desktop for easy access.

Many thanks to Mike Bombich for his wonderful script examples, they really helped us along the way

--- brianmacpherson brianmacpherson Jan 28, 2009