Skip to main content
Solved

Trying to unify management accounts

  • April 8, 2015
  • 5 replies
  • 23 views
C
Forum|alt.badge.img+17

At the start of our deployment we used Recon and scanned for machines on our numerous subnets and collected about 3/5th of the machines. They were all added using one of a number of possible local admin accounts, which became their management accounts.

Now we're trying to get them all to use the same management account.

My first thought was to push a new QuickAdd.pkg, with the management account we want on all the machines, to all the machines that don't have the account already. Easy enough, you'd think.

Instead of the management account being hidden though, it's plainly visible with a UID in the 500's (whatever the next number was).

Sigh.

Any suggestions? Is this possibly a bug? Doing this is a bit unusual I'll agree.

Best answer by psliequ

I might also suggest creating a new account with CreateUserPkg
which allows you to easily specify a low uid and hidden homedir if you're not yet fully at 10.10.

You can then perform a full inventory search in the JSS and change the management account for everyone under the Action button.

    5 replies

    damienbarrett
    Forum|alt.badge.img+19
    • damienbarrett
    • Honored Contributor
    • April 8, 2015

    I've had unpredictable behaviour with hiding management accounts in 10.10 unless I follow these instructions:

    https://derflounder.wordpress.com/2014/12/31/hiding-user-accounts-in-yosemite/

    You could easily script this to run after the QuickAdd package.

    P
    Forum|alt.badge.img+13
    • psliequ
    • Contributor
    • Answer
    • April 8, 2015

    I might also suggest creating a new account with CreateUserPkg
    which allows you to easily specify a low uid and hidden homedir if you're not yet fully at 10.10.

    You can then perform a full inventory search in the JSS and change the management account for everyone under the Action button.

    C
    Forum|alt.badge.img+17
    • cwaldrip
    • Author
    • Valued Contributor
    • April 8, 2015

    @damienbarrett I should have thought to check Der Flounder first. heading there now.

    @psliequ I'll look at this too.

    C
    Forum|alt.badge.img+17
    • cwaldrip
    • Author
    • Valued Contributor
    • April 8, 2015

    @psliequ Looks like i'm going to go your way. Add a new CreateUserPkg hidden account and then change the management account.

    Luckily we haven't really started deploying Yosemite yet. Is there a known issue with CreateUserPkg and 10.10?

    P
    Forum|alt.badge.img+13
    • psliequ
    • Contributor
    • April 17, 2015

    @cwaldrip, not that I'm aware of, though I haven't used it since 10.10.3 was released.

    Terms & ConditionsCookie settingsAccessibility statement