Commit fdc38f88 authored by Peter NORTHUP's avatar Peter NORTHUP

Remove admin/user script versions, and mount-on-login agent. Adds c4504...

Remove admin/user script versions, and mount-on-login agent. Adds c4504 driver. Renames Share command, makes link on Desktop. Sources subscripts.
parent e8481a4a
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.user.loginscript</string>
<key>Program</key>
<string>/Users/Shared/mac-scripts/mountist.sh</string>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
#!/bin/sh
# Set up a fresh Macbook for IST. Run with sudo!
# run from /Users/Shared/mac-scripts
# note: slow login may be helped by putting IPs of domain controllers: DC1, W1521003, W1521007
echo "Are you running this from the administrator account, with sudo? If not, cancel now..."
function enter_yesno {
while true ; do
echo -n "${1} (Y/N)? " 1>&2
read -n 1 reply
echo
case "$reply" in
Y*|y*) return 0 ;;
N*|n*) return 1 ;;
esac
echo "Invalid input, try again ..." 1>&2
done
}
# hostname = "USER INPUT"
read -p "Enter hostname (e.g. 'mnadmn001'): " hostname
# username = "USER INPUT"
read -p "Enter future username: " username
# admuser = "USER INPUT"
read -p "Enter your AD admin username: " admuser
# admgroup = "USER INPUT"
read -p "Enter an AD group that should have admin access, if any (besides Domain Admins) - e.g. 'itgrp': " admgroup
# printer = "USER INPUT"
# read -p "Enter the building and floor, for default printer selection, if any. E.g. 'i21.eg' for Office West Ground Floor: " printer
# change computer name
scutil --set HostName $hostname
scutil --set LocalHostName $hostname
scutil --set ComputerName $hostname
# install xcode command line tools; probably already installed
xcode-select --install
# update everything
softwareupdate --install --all
# join to domain
dsconfigad -add IST.LOCAL -computer "`hostname -s`" -mobile enable -sharepoint disable -mobileconfirm disable -username $admuser -ou "OU=MacClients,OU=_IST_AUSTRIA,DC=ist,DC=local"
# set to fullname / password login window
defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool TRUE
# enable SSH
systemsetup -setremotelogin on
# dsconfigad -remove IST.LOCAL -computer "`hostname -s`" -username $admuser
# add domain admins to admin
dsconfigad -groups "Domain Admins"
# add user to admin
echo "When it asks for 'user password', give the password of the account you are using now to run the script.\n"
dseditgroup -o edit -n /Local/Default -u `whoami` -p -a "IST\\$username" -t user admin
# set scripts as executable
chmod 755 com.user.loginscript.plist mountist.sh mac_install_printers.sh
# root needs to own all-user LaunchAgents
chown root com.user.loginscript.plist
# loginscript.plist runs mountist.sh for all users on login
cp com.user.loginscript.plist /Library/LaunchAgents/com.user.loginscript.plist
# download, install browser certificates / istwlan cert
curl -O https://git.ist.ac.at/support/software/raw/master/IST.CA.CRT.pem
curl -O https://git.ist.ac.at/support/software/raw/master/IST-Austria-Root-CA01.crt
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain IST-Austria-Root-CA01.crt
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain IST.CA.CRT.pem
rm IST.CA.CRT.pem
rm IST-Austria-Root-CA01.crt
# download, install OCS
# waiting on Thomas to update this
# download, install Tunnelblick - install config files?
curl -O https://git.ist.ac.at/support/software/raw/master/Tunnelblick.app.zip
unzip Tunnelblick.app.zip > /dev/null
mv Tunnelblick.app /Applications
rm Tunnelblick.app.zip
# download, install SeaFile
curl -O https://git.ist.ac.at/support/software/raw/master/Seafile.app.zip
unzip Seafile.app.zip > /dev/null
mv Seafile\ Client.app /Applications
rm Seafile.app.zip
# download, install MacPass
curl -O https://git.ist.ac.at/support/software/raw/master/MacPass.zip
unzip MacPass.zip > /dev/null
mv MacPass.app /Applications
rm MacPass.zip
# download printers, install
# when domain-joined adding printers is easy
if enter_yesno "Install printers?"
then
./mac_install_printers.sh
fi
if enter_yesno "Install common programs?"
then
./install-common-programs.sh
fi
......@@ -2,7 +2,7 @@
# Set up a fresh Macbook for IST. Run with sudo!
# run from /Users/Shared/mac-scripts
# note: slow login may be helped by putting IPs of domain controllers: DC1, W1521003, W1521007
echo "Are you running this with sudo from ~? If not, cancel now..."
echo "Are you running this with sudo? If not, cancel now..."
function enter_yesno {
while true ; do
......@@ -17,6 +17,9 @@ function enter_yesno {
done
}
# make sure we are in ~/.mac-scripts
mv `pwd` ~/.mac-scripts && cd .
# hostname = "USER INPUT"
read -p "Enter hostname (e.g. 'mnadmn001'): " hostname
# username = "USER INPUT"
......@@ -76,10 +79,10 @@ rm MacPass.zip
# when domain-joined adding printers is easy
if enter_yesno "Install printers?"
then
./mac_install_printers.sh
. ./mac_install_printers.sh
fi
if enter_yesno "Install common programs?"
then
./install-common-programs.sh
. ./install-common-programs.sh
fi
#!/bin/sh
# Set up a fresh Macbook for IST. Run with sudo!
# run from /Users/Shared/mac-scripts
# note: slow login may be helped by putting IPs of domain controllers: DC1, W1521003, W1521007
echo "Are you running this from the future user's account? If not, cancel now..."
function enter_yesno {
while true ; do
echo -n "${1} (Y/N)? " 1>&2
read -n 1 reply
echo
case "$reply" in
Y*|y*) return 0 ;;
N*|n*) return 1 ;;
esac
echo "Invalid input, try again ..." 1>&2
done
}
# hostname = "USER INPUT"
read -p "Enter hostname (e.g. 'mnadmn001'): " hostname
# username = "USER INPUT"
read -p "Enter future username: " username
# admuser = "USER INPUT"
read -p "Enter your AD admin username: " admuser
# admgroup = "USER INPUT"
read -p "Enter an AD group that should have admin access, if any (besides Domain Admins) - e.g. 'itgrp': " admgroup
# printer = "USER INPUT"
# read -p "Enter the building and floor, for default printer selection, if any. E.g. 'i21.eg' for Office West Ground Floor: " printer
# set scripts as executable
chmod 755 com.user.loginscript.plist mountist.sh mac_install_printers.sh
# root needs to own all-user LaunchAgents
chown root com.user.loginscript.plist
# loginscript.plist runs mountist.sh for all users on login
cp com.user.loginscript.plist /Library/LaunchAgents/com.user.loginscript.plist
# download, install browser certificates / istwlan cert
curl -O https://git.ist.ac.at/support/software/raw/master/IST.CA.CRT.pem
curl -O https://git.ist.ac.at/support/software/raw/master/IST-Austria-Root-CA01.crt
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain IST-Austria-Root-CA01.crt
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain IST.CA.CRT.pem
rm IST.CA.CRT.pem
rm IST-Austria-Root-CA01.crt
# download, install OCS
# waiting on Thomas to update this
# download, install Tunnelblick - install config files?
curl -O https://git.ist.ac.at/support/software/raw/master/Tunnelblick.app.zip
unzip Tunnelblick.app.zip > /dev/null
mv Tunnelblick.app /Applications
rm Tunnelblick.app.zip
# download, install SeaFile
curl -O https://git.ist.ac.at/support/software/raw/master/Seafile.app.zip
unzip Seafile.app.zip > /dev/null
mv Seafile\ Client.app /Applications
rm Seafile.app.zip
# download, install MacPass
curl -O https://git.ist.ac.at/support/software/raw/master/MacPass.zip
unzip MacPass.zip > /dev/null
mv MacPass.app /Applications
rm MacPass.zip
# download printers, install
# when domain-joined adding printers is easy
if enter_yesno "Install printers?"
then
./mac_install_printers.sh
fi
if enter_yesno "Install common programs?"
then
./install-common-programs.sh
fi
......@@ -10,11 +10,11 @@ c4502unzip=${c4502finisher%.gz}
c4503path='/Library/Printers/PPDs/Contents/Resources/RICOH MP C4503.gz'
c4503finisher=${c4503path%.gz}\ Finisher.gz
c4503unzip=${c4503finisher%.gz}
c4504path='/Library/Printers/PPDs/Contents/Resources/RICOH MP C4504.gz'
c4504finisher=${c4504path%.gz}\ Finisher.gz
c4504unzip=${c4504finisher%.gz}
c4504path='/Library/Printers/PPDs/Contents/Resources/SAVIN MP C4504'
c4504finisher=${c4504path}
c4504unzip=${c4504finisher}
if [ ! -f "$c4502path" ] || [ ! -f "$c4503path" ];
if [ ! -f "$c4502path" ] || [ ! -f "$c4503path" ] || [ ! -f "$c4504path" ];
then
# Check osx version and if Snow Leopard or less don't use dfs
# macversion=`sw_vers -productVersion | cut -d "." -f 2`
......@@ -25,6 +25,7 @@ then
# fi
# Download the printer files for Mac
curl -o ~/ricoh.pkg https://git.ist.ac.at/support/software/raw/master/ricoh-printer-drivers.pkg > /dev/null 2>&1
curl -o ~/ricoh-c4504.pkg https://git.ist.ac.at/support/software/raw/master/ricoh-c4504.pkg > /dev/null 2>&1
# If fails it probably means that the network is not connected and send an error message to the user.
if [ ! $? == 0 ];
then
......@@ -48,7 +49,10 @@ if [ -f ~/ricoh.pkg ];
then
sudo -S installer -pkg ~/ricoh.pkg -target / > /dev/null 2>&1
fi
if [ -f ~/ricoh-c4504.pkg ];
then
sudo -S installer -pkg ~/ricoh-c4504.pkg -target / > /dev/null 2>&1
fi
# Verify that we have a special driver with the options
# finisher SR3110 (FinEUPHRATESFBK) for c4502a
# DefaultOptionTray -> 2Cassette (lower paper trays)
......@@ -76,6 +80,7 @@ fi
# Verify that we have a special driver with the options
# finisher SR3150 (FinAMURBK) for c4504
# DefaultOptionTray -> 2Cassette (lower paper trays)
# NOT YET WORKING
if [ ! -f "$c4504finisher" ];
then
sudo cp -p "$c4504path" "$c4504finisher"
......@@ -106,3 +111,4 @@ sudo lpadmin -p printer-I21-o3 -D "Office Building West 3rd floor" -L "Office Bu
sudo lpadmin -p printer-I21-bt2-o2 -D "Lab Building West 2nd floor" -L "Lab Building West 2nd floor" -E -v socket://p2117102.ista.local:9100 -P "$c4503finisher" -o printer-is-shared=false
rm -f ~/ricoh.pkg
rm -f ~/ricoh-c4504.pkg
......@@ -115,5 +115,7 @@ fi
# Replace the imount script if it is not the current one
# curl -o $IMOUNT_COMMAND http://script.ista.local/mac/$IMOUNT > $LOG_FILE 2>&1
# chmod +x $IMOUNT_COMMAND
cd /Users/Shared/mac-scripts && git pull
cd $HOME/.mac-scripts && git pull
rm "$DESKTOP/Mount IST Shares"
ln -s $HOME/.mac-scripts/mount-shares.command "$DESKTOP/Mount IST Shares"
sleep 2
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment