LoginFileShareMounter.py

#!/usr/bin/python
#serial_number=2016082201
#serial above is yyyymmdd## for when the script is updated
import subprocess
import sys
from SystemConfiguration import SCDynamicStoreCopyConsoleUser

### From https://gist.github.com/pudquick/1362a8908be01e23041d
import objc, CoreFoundation, Foundation

class attrdict(dict): 
    __getattr__ = dict.__getitem__
    __setattr__ = dict.__setitem__

NetFS = attrdict()
# Can cheat and provide 'None' for the identifier, it'll just use frameworkPath instead
# scan_classes=False means only add the contents of this Framework
NetFS_bundle = objc.initFrameworkWrapper('NetFS', frameworkIdentifier=None, frameworkPath=objc.pathForFramework('NetFS.framework'), globals=NetFS, scan_classes=False)

# https://developer.apple.com/library/mac/documentation/Cocoa/Conceptual/ObjCRuntimeGuide/Articles/ocrtTypeEncodings.html
# Fix NetFSMountURLSync signature
del NetFS['NetFSMountURLSync']
objc.loadBundleFunctions(NetFS_bundle, NetFS, [('NetFSMountURLSync', 'i@@@@@@o^@')])

def mount_share(share_path):
    # Mounts a share at /Volumes, returns the mount point or raises an error
    sh_url = CoreFoundation.CFURLCreateWithString(None, share_path, None)
    # Set UI to reduced interaction
    open_options  = {NetFS.kNAUIOptionKey: NetFS.kNAUIOptionNoUI}
    # Allow mounting sub-directories of root shares
    mount_options = {NetFS.kNetFSAllowSubMountsKey: True}
    # Mount!
    result, output = NetFS.NetFSMountURLSync(sh_url, None, None, None, open_options, mount_options, None)
    # Check if it worked
    if result != 0:
         raise Exception('Error mounting url "%s": %s' % (share_path, output))
    # Return the mountpath
    return str(output[0])
    
# mount_share('afp://server.local/sharename')    
###   

# get the logged in users name
username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]];
#print username

# find what groups they are a part of
groupMembership = subprocess.check_output(['ldapsearch', '-LLL', '-Q', '-H', 'ldap://dc.my.domain.com', '-b', 'dc=my,dc=domain,dc=com', '(&(objectCategory=Person)(objectClass=User)(sAMAccountName={0}))'.format(username), 'memberOf', '2>/dev/null'])

# clean up the output of the ldapsearch to end up with a list of group names
memberOf = groupMembership.splitlines()
grouplist = [x for x in memberOf if x.startswith('memberOf')]
#print grouplist

# groupList is our list of groups with their full DN -> memberOf: CN=GROUP1,OU=Distribution Lists,OU=Exchange,OU=US,DC=MY,DC=DOMAIN'
# need to clean up the names
groups = []
for name in grouplist:
	groups.append((name.split(',')[0])[13:])

# groups is a list of just the names i.e. groups = ['GROUP1', '', 'GROUP2', 'GROUP3']

# everyone in AM should get
if 'Domain Users' in groups:
	mount_share('smb://SERVER1.my.domain.com/Americas')
	mount_share('smb://SERVER2.my.domain.com/Dept')

if 'Citrix' in groups:
    mount_share('smb://SERVER021.my.domain.com/REIBMF')
    
if 'CorpServ' in groups:
    mount_share('smb://SERVER1.my.domain.com/corpserv')
    
if 'GlobalSvc' in groups:
    mount_share('smb://SERVER1.my.domain.com/GlobalSvc')
    
if 'Hotels' in groups:
    mount_share('smb://SERVER1.my.domain.com/hotels')
    
if 'InvMgt' in groups:
    mount_share('smb://SERVER1.my.domain.com/invmgt')
    
if 'OOS' in groups:
    mount_share('smb://SERVER1.my.domain.com/oos') 
    
if 'GSTax' in groups:
    mount_share('smb://SERVER563.my.domain.com/DTTAX')
    
if 'L\#Orlando' in groups:
	mount_share('smb://SERVER064.my.domain.com/Apps')
	mount_share('smb://SERVER064.my.domain.com/PubShare')
	mount_share('smb://SERVER064.my.domain.com/PrivShare')

if 'L\#Amoco' in groups:
	mount_share('smb://SERVER006.my.domain.com/Apps')
	mount_share('smb://SERVER006.my.domain.com/pubshare')
	mount_share('smb://SERVER006.my.domain.com/privshare')