Is there a way to scope a policy by a local user account?
I wanted to make a Policy to remove certain dock items from the local student account at each login but it does not seem to allow me to specify the local student account only.
Solved
Scope Policy by Local User Account
+3Best answer by tobiaslinder
You can do this by scoping it to the computers and then set a limitation for the user.
+14Not sure if this helps or not but what i have done in the past for guest accounts and local user accounts was Create a Smart group that finds machines with the Local User Accounts, For instance StuGuest.
Then i'd make a bash script to have dockutil add and remove items based on a default dock schema. with the [ plist location specification ] being the path to the home folder
Lastly, i'd set that script and smart group into a policy that runs on login if it has to always look a certain way.
+16You can do this by scoping it to the computers and then set a limitation for the user.
+16Pretty sure you need to have the policy set to a login trigger for this to work. Which in this particular case is probably what your after anyway.
+6@Look What do you do if you want a Self Service item only show up for a particular user, but NOT have that policy execute at login?
@stwrz Probably would have to duplicate the policy and have it only set to run via Self Service.
+11@stwrz .. following @chriscollins suggestion.. make sure you remember to exclude that particular user from the "Login" policy..
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.