Skip to main content
Solved

Unlock System Preferences in 10.9?

  • November 13, 2013
  • 10 replies
  • 35 views
M
Forum|alt.badge.img+9

I came across a problem we have with Mavericks in reguards to the unlock of system preferences.
As our users are non admin users on there machines they can acess some system resources like Network settings without them.

After testing Mavericks we came across that this is not working any longer in the know way via the authorization file.
According to AFTP548.com it's using a DB now for this purpose.

But even with this solution provided here: http://www.afp548.com/2013/10/22/modifying-the-os-x-mavericks-authorization-database/ it's not working.

The error we get is: NO [-60005]

The clients has been upgraded from 10.8 to 10.9.
Any ideas about this?

Thanks for your help

Best answer by Chris

I think you need to have

security authorizationdb write system.preferences allow

before trying to unlock single PrefPanes.
After that you can do for example

security authorizationdb write system.preferences.datetime allow

to unlock Date&Time Prefs.

To unlock Network Prefs, you need

security authorizationdb write system.preferences.network allow
security authorizationdb write system.services.systemconfiguration.network allow

    10 replies

    G
    Forum|alt.badge.img+10
    • gregneagle
    • New Contributor
    • November 13, 2013

    Are you calling `security authorizationdb` as root or via sudo? Hard to diagnose when you don't show your work!

    C
    Forum|alt.badge.img+13
    • Chris
    • Valued Contributor
    • Answer
    • November 13, 2013

    I think you need to have

    security authorizationdb write system.preferences allow

    before trying to unlock single PrefPanes.
    After that you can do for example

    security authorizationdb write system.preferences.datetime allow

    to unlock Date&Time Prefs.

    To unlock Network Prefs, you need

    security authorizationdb write system.preferences.network allow
security authorizationdb write system.services.systemconfiguration.network allow
    M
    Forum|alt.badge.img+9
    • maiksanftenberg
    • Author
    • Valued Contributor
    • November 13, 2013

    Thanks Chris.
    After a reboot this works like charme.

    Is there a source where I can find all system.preferences files that might be able to be unlocked?

    Cheers,
    Maik

    C
    Forum|alt.badge.img+13
    • Chris
    • Valued Contributor
    • November 13, 2013

    Here's a list for Mountain Lion

    http://www.dssw.co.uk/blog/2013/05/27/authbuddy-introducing-our-new-authorization-rights-tool-for-mac-os-x/

    M
    Forum|alt.badge.img+9
    • maiksanftenberg
    • Author
    • Valued Contributor
    • November 13, 2013

    Thanks Chris.
    Hope that some of them are still working in 10.9

    Cheers,
    Maik

    M
    Forum|alt.badge.img+7

    Sorry to necro post, but Is there a way to enable only a certain piece of the networking Preference Pane? Specifically, the proxies section. My users are also not Admins but require to make changes to the proxy settings for testing. Is there any way to do this easily? A script was written to allow this via the command line, but unfortunately it only allows entry of 1 proxy at a time. A GUI solution would work the best. Any ideas?

    C
    Forum|alt.badge.img+5
    • calum_rmit
    • New Contributor
    • March 18, 2014

    pretty sure you cant have that level of granularity. i would suggest creating an application/script available via self service that prompts the user for the proxy servers and then writes that out using networksetup. using self service should allow the script/application to run with elevated privileges for non-admins

    G
    Forum|alt.badge.img+1
    • gchallis
    • New Contributor
    • March 19, 2014

    jrserapio said:
    " Is there a way to enable only a certain piece of the networking Preference Pane? Specifically, the proxies section"

    I've used Locations for that purpose in the past. The only difference between each Location is the proxy entry. Quick & easy to flip between proxies and can also be scripted with networksetup.

    S
    Forum|alt.badge.img
    • shan11
    • New Contributor
    • April 3, 2014

    Hi Chris can you please help me in unlocking the sharing panel in system preference "security authorizationdb write system.preferences.sharing allow" didn't work.

    M
    Forum|alt.badge.img+7

    Thanks for the replies. Calum - That is a good idea. I will see if i can get something like that going. Basically the userbase is Developers who dont have admin rights. gchallis - Thanks for the response, but i would need to have an overwhelming amount of different locations to meet their needs going that route. The users change their proxies constantly for testing, which makes it a bit more difficult.

    Terms & ConditionsCookie settingsAccessibility statement