Skip to main content
Question

Add to keychain file

  • February 25, 2008
  • 3 replies
  • 12 views
A
  • Anonymous

Hello,
Does anyone know how to build a package or script that will edit all
users keychain file. We are starting to use a wireless network which
consists of WPA and a RADIUS server. I need to add a certificate and
user authentication to everyone's key chain. Does anyone know how to do
this with Casper?

Thanks,

Adam Lalicker
<mailto:adam.lalicker at k12.sd.us?subject=Response%20to%20you%20E-Mai:> Computer Support Specialist
Information Technology
Rapid City Area Schools
5200 Cleghorn Cyanon
Rapid City, SD 57702
605-394-6629
Adam.lalicker at k12.sd.us

    3 replies

    M
    Forum|alt.badge.img+23
    • milesleacy
    • Valued Contributor
    • February 25, 2008

    I believe the keychain is one area that can't be managed. As a security
    feature, keychains don't trust outside sources. This is why keychains
    go out of sync with accounts if you reset their passwords.

    If I am mistaken I'd love to see some instructions on manipulating
    keychains.

    Thanks,
    Miles Leacy
    Senior Macintosh Technician
    Polo Ralph Lauren
    miles.leacy at poloralphlauren.com

    T
    Forum|alt.badge.img+31
    • tlarkin
    • Honored Contributor
    • February 25, 2008

    The keychain will accept customized certificates. You could write a
    simple shell script that copies the one out from a working machine into
    each user's home directory and then set the casper policy to run once
    per a user.

    So, I would configure everything you need it to be on a test machine,
    snap shot it with composer, and see if it works.

    However, I can't say that I have done this before, so its a guess that
    it would work. However, keychains are stored in ~/Library/Keychains for
    each specific user.

    Thomas Larkin
    TIS Department
    KCKPS USD500
    tlarki at kckps.org
    cell: 913-449-7589
    office: 913-627-0351

    "Leacy, Miles (US)" <Miles.Leacy at PoloRalphLauren.com> 02/25/08 8:58

    AM >>>
    I believe the keychain is one area that can't be managed. As a security
    feature, keychains don't trust outside sources. This is why keychains
    go out of sync with accounts if you reset their passwords.

    If I am mistaken I'd love to see some instructions on manipulating
    keychains.

    Thanks,
    Miles Leacy
    Senior Macintosh Technician
    Polo Ralph Lauren
    miles.leacy at poloralphlauren.com

    A
    • Anonymous
    • February 25, 2008

    Hi Adam,
    On 25 Feb 2008, at 14:53, <Adam.Lalicker at k12.sd.us> <Adam.Lalicker at k12.sd.us > wrote:

    It would be worth looking into what certtool can do. This command line tool is designed to manage certificates and may do what you need.

    Hope this helps,

    James

    -- James Nairn mailto:jwrn3 at cam.ac.uk
    Macintosh Systems Specialist University of Cambridge Computing Service
    Pembroke St, Cambridge, CB2 3QH Tel (01223 7)63486

    Terms & ConditionsCookie settingsAccessibility statement