We’ve all had that age old problem of trying to mount a network drive within an Active Directory environment, but if you map via the standard Finder you expose the user to the root of the mounted folder, which in turn could cause a very unhappy Information Security manager!

There is a way to restrict the network folder to just the folder the user requires, you can do this by making a directory on the fly and mounting the network share in a location within the folder using the mount_smbfs command:

For example:

try
    do shell script "mkdir /Volumes/DRIVELETTER"

end try

try
    do shell script "mount -t smbfs //firstname.lastname:*userspassword*@serveraddress/folder$/folderA/folderB/folderC /Volumes/DRIVELETTER"

end try

Once you’ve modified your AppleScript to the User you can make the script executable and read-only not revealing any passwords and not allowing modifications and place this as a LoginItem for when the User logs into the Mac.

On the sad note: When the User’s Active Directory password expires, you’ll just have to modify the AppleScript once more.

If you have any questions, drop a comment below or if you can improve it i’d be more than happy to have a look.