Help

Add to keychain file

Not applicable

Posted on ‎02-25-2008 06:53 AM

Hello,
Does anyone know how to build a package or script that will edit all
users keychain file. We are starting to use a wireless network which
consists of WPA and a RADIUS server. I need to add a certificate and
user authentication to everyone's key chain. Does anyone know how to do
this with Casper?

Thanks,

Adam Lalicker
<mailto:adam.lalicker at k12.sd.us?subject=Response%20to%20you%20E-Mai:> Computer Support Specialist
Information Technology
Rapid City Area Schools
5200 Cleghorn Cyanon
Rapid City, SD 57702
605-394-6629
Adam.lalicker at k12.sd.us

0 Kudos
Reply
3 REPLIES 3

milesleacy
Valued Contributor

Posted on ‎02-25-2008 06:58 AM

I believe the keychain is one area that can't be managed. As a security
feature, keychains don't trust outside sources. This is why keychains
go out of sync with accounts if you reset their passwords.

If I am mistaken I'd love to see some instructions on manipulating
keychains.

Thanks,
Miles Leacy
Senior Macintosh Technician
Polo Ralph Lauren
miles.leacy at poloralphlauren.com

0 Kudos
Reply

tlarkin
Honored Contributor

Posted on ‎02-25-2008 07:55 AM

The keychain will accept customized certificates. You could write a
simple shell script that copies the one out from a working machine into
each user's home directory and then set the casper policy to run once
per a user.

So, I would configure everything you need it to be on a test machine,
snap shot it with composer, and see if it works.

However, I can't say that I have done this before, so its a guess that
it would work. However, keychains are stored in ~/Library/Keychains for
each specific user.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

"Leacy, Miles (US)" <Miles.Leacy at PoloRalphLauren.com> 02/25/08 8:58

AM >>>
I believe the keychain is one area that can't be managed. As a security
feature, keychains don't trust outside sources. This is why keychains
go out of sync with accounts if you reset their passwords.

If I am mistaken I'd love to see some instructions on manipulating
keychains.

Thanks,
Miles Leacy
Senior Macintosh Technician
Polo Ralph Lauren
miles.leacy at poloralphlauren.com

0 Kudos
Reply

Not applicable

Posted on ‎02-25-2008 08:06 AM

Hi Adam,
On 25 Feb 2008, at 14:53, <Adam.Lalicker at k12.sd.us> <Adam.Lalicker at k12.sd.us > wrote:

It would be worth looking into what certtool can do. This command line tool is designed to manage certificates and may do what you need.

Hope this helps,

James

-- James Nairn mailto:jwrn3 at cam.ac.uk
Macintosh Systems Specialist University of Cambridge Computing Service
Pembroke St, Cambridge, CB2 3QH Tel (01223 7)63486

0 Kudos
Reply