Skip to main content
Question

Adding new network interfaces without giving users admin rights

B
Forum|alt.badge.img+26

So I'll preface this by noting I'm taking the "lazy" approach to a problem.

We have provided MacBook Airs to all of our teaching staff at two schools. We also have them Thunderbolt 2 Express docking stations with Ethernet Adapters.

All seems to work well provided the teachers use the same dock they are issued. Problem is when they switch rooms. El Cap sees a dock in a different room as a new network interface and promptly asks for admin password.

Simple question is this...how do I cede the rights to add new network interfaces to a given AD group on a local MacBook.

It probably involves using the 'security' command and editing the authorization database. Any advice on which keys, strings, or help with the command syntax is highly sought after. I can't cede admin rights themselves, but I'm open to any creative solution that might hit the problem hard.

Thank you in advance,
Blackholemac

    2 replies

    H
    Forum|alt.badge.img+16
    • hkabik
    • Honored Contributor
    • 330 replies
    • April 9, 2016
    #!/bin/sh

security authorizationdb write system.preferences allow
security authorizationdb write system.preferences.network allow

    That will give them admin access to the Network System Preference Pane.

    J
    Forum|alt.badge.img+3
    • Jaxson75
    • New Contributor
    • 9 replies
    • May 11, 2016

    How about remove it after the user did what was needed, or can this be scripted with a self removal of the rights?

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings