IT Administrator Guide (MDM)
Deploying via Mobile Device Management (MDM)
Network Share Mounter is built for zero-touch deployment via solutions like Jamf Pro, Kandji, or Intune. You can centrally manage shares, enforce application settings, and deploy authentication setups using a standard macOS Configuration Profile.
Preference Domain: de.fau.rrze.NetworkShareMounter
1. The managedNetworkShares Array
The core of the payload is the managedNetworkShares array. Here you define the shares you want to mount for your users.
Note: You can use the %USERNAME% variable in paths, which will be automatically replaced with the current user’s macOS login name.
<key>managedNetworkShares</key>
<array>
<dict>
<key>networkShare</key>
<string>smb://fileserver.company.local/global</string>
<key>authType</key>
<string>krb</string> <!-- Use 'krb' for Kerberos or 'password' -->
<!-- NEW in V4: Centrally define the local mount point name -->
<key>mountPoint</key>
<string>Global-Company-Data</string>
</dict>
<dict>
<key>networkShare</key>
<string>smb://home.company.local/%USERNAME%</string>
<key>authType</key>
<string>password</string>
</dict>
</array>
(Note: The legacy networkShares array from version 2 is deprecated but still supported for backward compatibility).
2. Available Configuration Keys
Below is a comprehensive list of all available MDM keys you can deploy to configure the app’s behavior.
| Key | Type | Default | Description |
|---|---|---|---|
managedNetworkShares |
Array of Dict | - | Array containing dictionaries for each share (requires networkShare and authType, optionally mountPoint and username). |
autostart |
Boolean | false |
If true, the app will be launched automatically upon user login. |
canChangeAutostart |
Boolean | true |
If false, prevents the user from toggling the autostart option in preferences. |
canQuit |
Boolean | true |
If true, allows the user to exit the app via the menu bar. |
unmountOnExit |
Boolean | true |
If true, automatically unmounts managed shares when the app is quit. |
location |
String | /Volumes |
Path where network shares will be mounted. Leaving this blank to use the default is highly recommended. |
kerberosRealm |
String | - | Kerberos/AD Domain for user authentication (e.g., EXAMPLE.COM). Enables automatic AD/Kerberos ticket management. |
helpURL |
String | - | URL to your organization’s internal helpdesk or IT documentation. |
showMountsInMenu |
Boolean | true |
Lists mounted/unmounted shares directly in the menu bar for quick access. |
usernameOverride |
String | - | Overrides the %USERNAME% variable. Useful if the local Mac username differs from the AD/Network username. |
3. Menu Bar Customization
You can control exactly what the user sees in the menu bar. Use the following string keys and set their value to either hidden (removes the item completely) or disabled (grays the item out). If a key is not defined, the menu item is displayed normally.
menuConnectSharesmenuDisconnectSharesmenuShowSharesMountDirmenuShowSharesmenuSettingsmenuCheckUpdatesmenuAbout
Example Payload to hide settings and updates:
<key>menuSettings</key>
<string>hidden</string>
<key>menuCheckUpdates</key>
<string>hidden</string>
4. Software Update Management (Sparkle)
Network Share Mounter uses the Sparkle framework for self-updating. In enterprise environments, you usually want to disable this to manage updates via your MDM.
| Key | Type | Default | Description |
|---|---|---|---|
enableAutoUpdater |
Boolean | true |
Master switch for the update framework. Set to false to completely disable self-updates. |
SUEnableAutomaticChecks |
Boolean | true |
If enableAutoUpdater is true, this controls if the app actively searches for updates. |
SUAutomaticallyUpdate |
Boolean | true |
If true, downloads and installs updates automatically without prompting the user. |
Active Directory “SMBHome” Automounting
If your Macs are bound to an Active Directory domain, Network Share Mounter can automatically mount the user’s AD home directory without needing to define it in the profile.
Requirements:
- Mac must be bound to AD (
dsconfigad -showto verify) - Current user must be a network AD user
- The
SMBHome(orHomeDirectory) attribute must be populated in Active Directory for that user.
Advanced: UNIX Signals
You can trigger mounts/unmounts programmatically via UNIX signals sent to the app process (useful for custom Jamf scripts):
kill -SIGUSR1 PID: Triggers unmount of configured shareskill -SIGUSR2 PID: Triggers mount of configured shares