 |
 |
Locking Down OS X
|
|
|
|
|
Mac Elite
Join Date: Dec 2002
Location: Silicon Valley
Status:
Offline
|
|
I'm going over to help a school district out setting up their eMacs in a lab. The problem they were having is kids trashing applications, dragging stuff out of the dock, and downloading stuff everywhere.
What is the best solution to stop them from doing this, and a FAST way to get all machines to do this. Changing EVERY computer individually would take forever. Keep in mind, we also have Remote Desktop installed, but I don't think you can set permissions from this.
Is there any software like Windows had that when you log off of restart it resets the machine back to the way it was?
|
Anyone who would letterspace blackletter would steal sheep. - Frederic Goudy
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jun 2001
Location: Dundee, Scotland
Status:
Offline
|
|
Originally posted by Webscreamer:
I'm going over to help a school district out setting up their eMacs in a lab. The problem they were having is kids trashing applications, dragging stuff out of the dock, and downloading stuff everywhere.
What is the best solution to stop them from doing this, and a FAST way to get all machines to do this. Changing EVERY computer individually would take forever. Keep in mind, we also have Remote Desktop installed, but I don't think you can set permissions from this.
Is there any software like Windows had that when you log off of restart it resets the machine back to the way it was?
Could you get them to boot from a server?
http://www.apple.com/server/macosx/netboot.html
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Dec 2002
Location: Silicon Valley
Status:
Offline
|
|
Exactly... I looked into it. But they are running Windows and Linux servers. 
|
Anyone who would letterspace blackletter would steal sheep. - Frederic Goudy
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jun 2001
Location: Dundee, Scotland
Status:
Offline
|
|
Every time you restart a NetBoot-enabled computer, it is automatically restored to its original state: The system reads the startup disk image from the server, and all software and system settings return to the configuration in the NetBoot image.
http://images.apple.com/server/pdfs/...t_TB_final.pdf
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jun 2001
Location: Dundee, Scotland
Status:
Offline
|
|
Originally posted by Webscreamer:
Exactly... I looked into it. But they are running Windows and Linux servers.
But they only need one more mac to act as server.
|
|
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Oct 2003
Location: Far above Cayuga's waters.
Status:
Offline
|
|
i think the lab comps at uni here use deep freeze. well something like that. all i know is that there is a polar bear in the upper right of the screen.
|
|
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Aug 2004
Location: Outfield - #24
Status:
Offline
|
|
Originally posted by Webscreamer:
Is there any software like Windows had that when you log off of restart it resets the machine back to the way it was?
Yes, but it would require touching each computer physically and/or through ARD.
LoginWindow Manager is a great Bombich tool that can run shell scripts at login/logout...
He even has some starter "Login/Logout scripts" that will refresh the image based off a "User Template" you designate/customize.
I have personally used this before on some images I made for a client and they absolutely loved it!
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Dec 2002
Location: Silicon Valley
Status:
Offline
|
|
Originally posted by d4nth3m4n:
i think the lab comps at uni here use deep freeze. well something like that. all i know is that there is a polar bear in the upper right of the screen.
...and this is made for Mac? I know their PCs in the building are using Deep Freeze, I didn't know it was for mac too.... interesting.
|
Anyone who would letterspace blackletter would steal sheep. - Frederic Goudy
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Oct 2003
Location: Far above Cayuga's waters.
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
Addicted to MacNN
Join Date: Aug 2004
Location: Outfield - #24
Status:
Offline
|
|
Yeah, Bombich's tools do the same thing...but for free!
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Dec 2002
Location: Silicon Valley
Status:
Offline
|
|
Deep Freeze is perfect... I'm hoping the Windows serial works on the Mac copy too... any ideas?
|
Anyone who would letterspace blackletter would steal sheep. - Frederic Goudy
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Mar 2000
Location: Cambridge
Status:
Offline
|
|
I used to manage a few hundred Macs for a small college. I created images that were heavily locked down via permissions (apps, Desktop, even the Home folder itself -- not recursively just the folder) and then restored the machines from a NetBoot server when the time came. When they were well locked down, however, I hardly needed to touch them unless I had some updates to deploy. In the long run, I'd look into some locked down static images to push out. If there's only a few computers, you can just get a FireWire drive or two and use the asr command line utility to push the builds. That should get you set for a full semester.
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
