I am not sure when this actually started, but I am seeing the issue on all the current macOS. I suspect it may be one of the rapid security releases.
The issue I am seeing is this. I have an Automator file that helps students connect to a server share where the students can share large files with their instructors. Another set of files are preferences for various applications. Historically, I have used the User Template to make sure all new users get these files in the various labs that use them. We use Active Directory user accounts for all users on our district computers. Also, our lab computers clear out any student accounts upon restarting as their user accounts can fill up a hard drive in less than a week. What is happening is the file permissions are getting set incorrectly, which is making the files not usable by users.
So I have a policy that deploys these files that I have created in Composer and have the FEU and FUT boxes checked. When the policy runs, existing accounts (locally created accounts, as well as any AD accounts that might be already on the computer) get the files with proper permissions applied. The problem happens with new users, the permissions for all of these files are incorrect when copied over to the new user folder. All these files are in the User Template (all locations) with the correct permissions. When they are copied over to the new folder, the permissions on these files change to the user having rw and everyone having custom. This renders the file unusable. I have no idea why this is happening and have been scratching my head trying to get around this. The files should have user as rw, admin as r, and everyone as r. Anyone else seeing this? Any clean way to get around it?
Depending on when this broke, I doubt its RSR related as Apple has not released an RSR in a couple of months. Permissions are a messy thing, assuming file ownership is not an issue you can set permissions to 777 or world writable, readable and executable. Generally speaking, 777 is the last thing you want to use, but it should world.
The permissions for the associated files are correct in the user template. They are getting set incorrectly when the OS copies them into the new users profile. My money is still on one of the RSR's as we didn't have any issues last semester, whereas we are now. The only thing these computers have had done to them are the RSR's.
Template issues can refer to a variety of problems, and these can arise in different contexts, such as software development, graphic design, or document formatting.
It's important to note that macOS is a complex operating system with frequent updates, and specific issues related to templates could vary depending on the application or use case.
Changes to Permissions: Apple has made changes to the permission system in some macOS versions, making it more restricted. This may have an impact on the ability to customize user templates or necessitate additional steps to complete specific customizations.
Profiles and Mobile Device maintenance (MDM): As the emphasis on MDM has grown, some aspects of user template maintenance have transferred to MDM systems. Certain settings may become more centralized and managed via MDM profiles as a result of this.
Apple occasionally deprecates certain features or settings in favor of newer ones. Customizations based on deprecated features may not function as expected in newer macOS versions.