Question

Restrict non admins from changing their passwords....

Forum|Forum|10 years ago
May 29, 2015
3 replies
23 views

+15

tep11
Valued Contributor

I'm looking for a simple way to restrict non-admin accounts from accessing the Users & Groups pref pane (students pulling shenanigins on public workstations). A simple password reset policy doesn't work because students change the name on the account to all kinds of things. I've tried a few techniques outlined here in the nation (chmoding the Accounts.prefPane, manually uploading a plist file) with little success. Configuration Profiles are great, but they disable the prefPane for all users. I can't scope to users, because they are all local. Does anyone have a workaround? I'm sure it's obvious and I'm just missing it...

Any help would be much appreciated!

D

+11

dmw3
Valued Contributor
Forum|Forum|10 years ago
May 29, 2015

@tep Will "Parental Control" do what you want

Like

+27

Chris_Hafner
Jamf Heroes
Forum|Forum|10 years ago
May 29, 2015

Parental controls or use simple finder can both do that. That's what I tend to use on open public iMacs around here. You could also use some sort of tripwire system that nukes the unit every night... Speaking of which. Does anyone still use radmind or anything else like that now-a-days?

Like

T

+15

tep11
Author
Valued Contributor
Forum|Forum|10 years ago
May 30, 2015

Thanks @dmw3 & @Chris_Hafner I'll give parental controls a go. We have a refresh script, but we want something for in between classes. I had a policy that would delete the user account and re-add it on logout, but that takes too long.

Like

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded