Starting with NoMAD v. 1.1, you can configure NoMAD to show users a collection of shares. This menu is configured via an additional configuration file, menu.nomad.shares.plist. This plist file can become rather complex, as you may be tempted to provide a number of shares, break out each share for only certain groups, and then add variable substitution as well. Thus, we’d caution you to test this first before pushing it out to production.
The preference domain is menu.nomad.shares. You can place an XML version of the file in ~/Library/Preferences/menu.nomad.shares.plist for testing purposes, although for long-term use it’s highly recommended to push this out via a configuration profile.
There are 3 top-level objects in the file.
Note: the use of [ ] around an object type denotes an array of that type of object.
1. Version – This is the version number of the file format. Currently, the only version is 1.
2. HomeMount – This is a dictionary of attributes for scenarios where the user’s home profile should be mounted:
   Groups – [String] – Only mount the home for members of these AD groups.
   Mount – Bool – Mount automatically or not.
   Options – [String] – Array of mount options defined below.
3. Shares – [Dictionary] – An array of dictionaries with each dictionary defining a mount point and associated attributes. The contents of each dictionary are as follows:
   AutoMount – Bool – Is the share automatically mounted.
   ConnectedOnly – Bool – Is the share only mounted when on the AD domain.
   Groups – [String] – An array of AD group names. This share will only auto-mount for members of that group.
   LocalMount – String – A local mount point.
   Name – String – The name of the share as it will appear in the NoMAD menu item.
   Options – [String] – Array of mount options defined below.
   URL – String – The actual URL of the mount point in the form of “smb://dc1.nomad.test/Homes”.
First off, huge thanks to @frogor for figuring these out. Note that most of these are probably neither very safe, nor useful. Please use at your own risk. The primary ones that most admins will care about are MNT_RDONLY, MNT_DONTBROWSE and MNT_NOEXEC.
"MNT_RDONLY" - Mounts the share read only
"MNT_SYNCHRONOUS" - All I/O to the file system should be done synchronously.
"MNT_NOEXEC" - Prohibits execution of code from the share
"MNT_NOSUID" - Do not allow set-user-identifier or set-group-identifier bits to take effect.
"MNT_NODEV" - Do not interpret character or block special devices on the file system.
"MNT_UNION" - Causes the namespace to appear as the union of directories of the mounted filesystem with corresponding directories in the underlying filesystem.
"MNT_ASYNC" - All I/O to the file system should be done asynchronously.
"MNT_CPROTECT" -
"MNT_EXPORTED" - Filesystem is exported
"MNT_QUARANTINE" - File system is quarantined
"MNT_LOCAL" - File system is stored locally
"MNT_QUOTA" - Quotas are enabled
"MNT_ROOTFS" - Identifies the root filesystem
"MNT_DOVOLFS" - Filesystem supports volfs (deprecated flag in Mac OS X 10.5)
"MNT_DONTBROWSE" - Does not display the share in the Finder
"MNT_IGNORE_OWNERSHIP" - Ignore ownership information on file system objects
"MNT_AUTOMOUNTED" - Set flags on the mountpoint to indicate that the volume has been mounted by the automounter.
"MNT_JOURNALED" - Mount filesystem journaled
"MNT_NOUSERXATTR" - User extended attributes not allowed
"MNT_DEFWRITE" - Filesystem should defer writes
"MNT_MULTILABEL" - Support for individual labels
"MNT_NOATIME" - Do not update the file access time when reading from a file.
For the URLs, you can use variable substitution to allow for custom mounts without having to create even more XML. NoMAD understands <<domain>>, <<fullname>>, <<serial>>, <<shortname>>, <<upn>> and <<email>>.
Using any of these in a URL will swap out that variable for the corresponding value from the user’s AD account.
This is what you will see if viewing the file via the defaults command:
{
    HomeMount = {
        Groups = ( "Domain Users" );
        Mount = false;
        Options = ( );
    };
    Shares = (
        {
            AutoMount = false;
            ConnectedOnly = true;
            Groups = ( "Share Mounter Test" );
            LocalMount = "";
            Name = "File Server 2";
            Options = ( );
            URL = "smb://dc2.eng.nomad.test/Files";
        },
        {
            AutoMount = true;
            ConnectedOnly = true;
            Groups = ( );
            LocalMount = "";
            Name = "Home Shares";
            Options = ( );
            URL = "smb://dc1.nomad.test/Homes";
        },
    );
    Version = "1";
}
And here is an XML version of the same:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>HomeMount</key>
    <dict>
        <key>Groups</key>
        <array>
            <string>All</string>
        </array>
        <key>Mount</key>
        <true/>
        <key>Options</key>
        <array/>
    </dict>
    <key>Shares</key>
    <array>
        <dict>
            <key>AutoMount</key>
            <true/>
            <key>ConnectedOnly</key>
            <true/>
            <key>Groups</key>
            <array/>
            <key>LocalMount</key>
            <string></string>
            <key>Name</key>
            <string>DC1 files</string>
            <key>Options</key>
            <array/>
            <key>URL</key>
            <string>smb://dc1.nomad.test/Files</string>
        </dict>
        <dict>
            <key>AutoMount</key>
            <true/>
            <key>ConnectedOnly</key>
            <true/>
            <key>Groups</key>
            <array/>
            <key>LocalMount</key>
            <string></string>
            <key>Name</key>
            <string>Home Shares</string>
            <key>Options</key>
            <array/>
            <key>URL</key>
            <string>smb://dc1.nomad.test/Homes/&lt;&lt;shortname&gt;&gt;</string>
        </dict>
    </array>
    <key>Version</key>
    <string>1</string>
</dict>
</plist>
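An added example (not part of the NoMAD documentation or code base): a small Python linter that checks a menu.nomad.shares plist against the key types, mount option names and substitution variables listed on this page before the file is pushed to production. The REQUIRED_ON_AUTOMOUNT policy, the function names and the sample configuration are assumptions made for the illustration.

```python
import plistlib
import re

# Option and variable names exactly as listed on this page.
KNOWN_OPTIONS = set("""MNT_RDONLY MNT_SYNCHRONOUS MNT_NOEXEC MNT_NOSUID MNT_NODEV
MNT_UNION MNT_ASYNC MNT_CPROTECT MNT_EXPORTED MNT_QUARANTINE MNT_LOCAL MNT_QUOTA
MNT_ROOTFS MNT_DOVOLFS MNT_DONTBROWSE MNT_IGNORE_OWNERSHIP MNT_AUTOMOUNTED
MNT_JOURNALED MNT_NOUSERXATTR MNT_DEFWRITE MNT_MULTILABEL MNT_NOATIME""".split())
KNOWN_VARS = {"domain", "fullname", "serial", "shortname", "upn", "email"}
SHARE_KEYS = {"AutoMount": bool, "ConnectedOnly": bool, "Groups": list,
              "LocalMount": str, "Name": str, "Options": list, "URL": str}
# Assumption: a local hardening policy for this example, not a NoMAD requirement.
REQUIRED_ON_AUTOMOUNT = {"MNT_NOEXEC", "MNT_NOSUID"}

def lint_shares(plist_bytes):
    """Return a list of findings for a menu.nomad.shares plist (XML or binary)."""
    cfg = plistlib.loads(plist_bytes)
    findings = []
    if str(cfg.get("Version")) != "1":
        findings.append("Version: expected 1")
    for i, share in enumerate(cfg.get("Shares", [])):
        label = f"Shares[{i}]"
        for key, typ in SHARE_KEYS.items():
            if not isinstance(share.get(key), typ):
                findings.append(f"{label}: {key} missing or not {typ.__name__}")
        raw = share.get("Options")
        opts = {o for o in raw if isinstance(o, str)} if isinstance(raw, list) else set()
        for opt in sorted(opts - KNOWN_OPTIONS):
            findings.append(f"{label}: unknown option {opt}")
        for var in re.findall(r"<<(.*?)>>", str(share.get("URL", ""))):
            if var not in KNOWN_VARS:
                findings.append(f"{label}: unknown variable <<{var}>>")
        missing = REQUIRED_ON_AUTOMOUNT - opts
        if share.get("AutoMount") is True and missing:
            findings.append(f"{label}: auto-mounted without {', '.join(sorted(missing))}")
    return findings

def sample_plist():
    """Constructed sample config; hostnames reuse the page's nomad.test examples."""
    ok = {"AutoMount": True, "ConnectedOnly": True, "Groups": [], "LocalMount": "",
          "Name": "Home Shares", "Options": ["MNT_NOEXEC", "MNT_NOSUID"],
          "URL": "smb://dc1.nomad.test/Homes/<<shortname>>"}
    bad = dict(ok, Name="Files", Options=["MNT_NOEXC"],
               URL="smb://dc1.nomad.test/Files/<<username>>")
    return plistlib.dumps({"Version": "1", "Shares": [ok, bad]})

if __name__ == "__main__":
    for finding in lint_shares(sample_plist()):
        print(finding)
```

Because plistlib writes the XML itself, the << and >> of a substitution variable are serialized as escaped entities, which keeps the generated file well-formed.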