TMUTIL and @ Sign

nimorin · November 1, 2016, 4:27pm

I was trying to set the destination volume in time machine via script using the statement below:

do shell script “tmutil setdestination "afp://” & uname & “:” & pword & “@” & mvol & “"” with administrator privileges

uname is username
pword is password
and mvol is the destination

This works unless the user has a @ sign in their password. I was wondering if there was an efficient way to handle this. I’m new to applescript as in I only started working with it this month. Shortly before posting this, I came up with opening a terminal window and passing the password through the window but it’s not a very clean way to do it.

A clip of my script is below. I left out the parts that define my variables since the main point is the @ sign in the password.



do shell script "echo tmutil setdestination -p '\"'afp://ESUDOM'\\'" & leftString(email, "@") & "@" & mvol & "'\"' > ~/tmutilscript" with administrator privileges

do shell script "echo echo PROCESS COMPLETE!  This window can be closed. >> ~/tmutilscript" with administrator privileges

do shell script "chmod 777 ~/tmutilscript" with administrator privileges

tell application "Terminal"

set currentTab to do script "sudo ~/tmutilscript"

delay 5

do script lpword in currentTab

delay 5

do script pword in currentTab

end tell

The first part creates a shell script. The second part executes the script and passes the local admin password and the domain password that contains the @ sign. As you can see, it’s kind of messy. It leave the terminal running in the background and there is that 5 second delay so that slower machines will run the script correctly. Without the delay, some machines were sending the password before the terminal was ready.

So I’m hoping there is a more efficient way to set up the time machine destination. Thank you.

Shane_Stanley · November 2, 2016, 6:30am

You can use this to percent-encode the name and password:

use framework "Foundation"
use scripting additions

set uname to "one@two"
set uname to current application's NSString's stringWithString:uname
set uname to (uname's stringByAddingPercentEncodingWithAllowedCharacters:(current application's NSCharacterSet's URLUserAllowedCharacterSet())) as text
--> one%40two
set pword to "two@one"
set pword to current application's NSString's stringWithString:pword
set pword to (pword's stringByAddingPercentEncodingWithAllowedCharacters:(current application's NSCharacterSet's URLPasswordAllowedCharacterSet())) as text
--> two%40one

nimorin · November 2, 2016, 3:31pm

Thank you. I’ll give that a try.

DJ_Bazzie_Wazzie · November 2, 2016, 3:50pm

Note: It’s probably for home use but be aware that passwords embedded in URLs can be seen all over the network, or even the internet when your machine is making backup over the internet. If you don’t want this you should use the -p option and with the expect shell command you can create yourself a interactive programmable shell.

nimorin · November 3, 2016, 3:47pm

It looks like the script recommended by Shane works although users need to be on Yosemite or higher. Mavericks users received a access denied error. After researching it, it could be fixed if I include the necessary routines in my script but we will just recommend that users update to a newer OS.

Thank you for the warning DJ. This will only be used on our local networks but the EXPECT shell command does sound interesting.