Question

10.11 Dock User Template -- Maps, iBooks, Photos automatically added back

Forum|Forum|9 years ago
February 19, 2016
11 replies
43 views

wesleypettit
New Contributor

Howdy!

We have a default dock plist we're adding to the User Template for all newly created users in 10.11. The problems we're seeing is that OS X automatically adds Maps, iBooks, and Photos.

Any ideas on how to prevent this? The defaults plist within the Dock.app in /System/Library/CoreServices/ is no longer accessible for modification in 10.11. We've explored dockutil, and have found it to be highly inconsistent.

djwojo
Contributor
Forum|Forum|9 years ago
February 19, 2016

+1 for this one - I am going through what the JSS, Config Profile, Dockutil, etc etc etc can and can't do for 10.11(.3).

+24

mm2270
Legendary Contributor
Forum|Forum|9 years ago
February 19, 2016

Not entirely certain, but I believe these get added by way of the infamous dockfixup process. Yes, infamous, as in, we wish it would just go away and leave us alone already.

+16

hkabik
Honored Contributor
Forum|Forum|9 years ago
February 19, 2016

My dock load up still works in 10.11 without adding these... I just arrange a perfect dock and then package the ~/Library/Preferences/com.apple.dock.plist and deploy FUT and FEU.

+17

mbezzo
Valued Contributor
Forum|Forum|9 years ago
February 19, 2016

Hi,
It's not sexy, but I simply run a "remove from dock" policy on the dock items I don't want once the user logs in. It works in our workflow, so may not in others... But does the trick for us!

Thanks,
mbezzo

wesleypettit
Author
New Contributor
Forum|Forum|9 years ago
February 20, 2016

Thanks for the responses! It's definitely the dockfixup process, and SIP in 10.11 prevents us from from making the changes we utilized in 10.10. We're going to keep playing around with dockutil and and a run-once login policy. Hopefully we can figure out a way to make this process more reliable.

+14

Josh_Smith
Contributor
Forum|Forum|9 years ago
February 21, 2016

@wesleypettit I've been using the following script to modify dockfixup during 10.11 imaging to prevent the extra dock items. The trick is to run the script with an After priority in Casper Imaging....it will run after your base image is down but before the reboot (before SIP is enabled). There is logic to figure out which drive is the target drive, so it works for Netbook and Target Disk Imaging. The script assumes default HD names.

#!/bin/sh
if [ -e "/Volumes/Macintosh HD 1" ]
    then
            #Target mode imaging will show two drives named Macintosh HD
            DRIVEPATH="/Volumes/Macintosh HD 1"
    else
            #Netboot will show one drive named Macintosh HD
            DRIVEPATH="/Volumes/Macintosh HD"
fi

OSV=$(defaults read "$DRIVEPATH/System/Library/CoreServices/SystemVersion.plist" | grep "ProductVersion" | cut -d '"' -f2 | cut -c1-4)
if [ "$OSV" == "10.1" ]
    then
        OSV=$(defaults read "$DRIVEPATH/System/Library/CoreServices/SystemVersion.plist" | grep "ProductVersion" | cut -d '"' -f2| cut -c1-5)
fi

case "$OSV" in
    "10.7"|"10.8"|"10.9")
#this applies to 10.7-10.9
        /usr/libexec/plistbuddy -c "delete:add-app" "$DRIVEPATH/Library/Preferences/com.apple.dockfixup.plist" ;;
    *)
#This applies to 10.11+ (not imaging anything older)
        /usr/libexec/PlistBuddy -c "delete:add-app" "$DRIVEPATH/System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup.plist"
#        I'm not removing the add-doc because I want it to add the Downloads folder, but if you want to remove it  on 10.11then uncomment the line below
#       /usr/libexec/PlistBuddy -c "delete:add-doc" "$DRIVEPATH/System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup.plist" ;;
esac

I'm sure dockfixup will get updated with a minor upgrade (10.11.4) and add icons to an existing machine...but at least we can start clean for a new image.

+15

apizz
Honored Contributor
Forum|Forum|9 years ago
February 21, 2016

We have this problem with 10.10 Yosemite as well and setup something similar to @mbezzo where we have a policy triggered at login once per user per computer to remove those three apps. Not optimal, but it works.

+17

CasperSally
Honored Contributor
Forum|Forum|9 years ago
February 24, 2016

Thanks @Josh.Smith - this script works great for us. Smart to do it as an after script.

maurie_b
New Contributor
Forum|Forum|9 years ago
March 22, 2016

I created a custom Configuration Profile based on the Dock.plist I had with all the apps I wanted. I used this format for Downloads folder: <key>home directory relative</key><string>~/Downloads</string>.
I converted the plist to xml and then uploaded it to JSS as a Conf Profile and it works pretty well.

rcantrell
Contributor
Forum|Forum|9 years ago
March 23, 2016

@hkabik

Does your default dock include user specific folders. For example their documents, downloads, picture folders?

That's is where I run into trouble when using a template. The template user folders are hard mapped at that point in the template. If I try to deploy that plist to another user, that user gets the template user's folders mapped to their dock, which the user has no access to. I kind of get where this issue stems from since the plist tells you what folders get mapped.

What is weird is that this is no different in previous versions of OS X, at least since 10.6. It's like OS X just kind of understood what you meant but now, 10.11 is like, "nah dawg".

JasonAtCSUMB
Contributor
Forum|Forum|7 years ago
August 14, 2018

This https://support.apple.com/en-us/HT207568 and this https://medium.com/@opragel/how-to-customize-stop-dockfixup-on-macos-f349cd3c7b15

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded