Help

Allow Non-Admin Changes To Network Preferences in 10.6

ernstcs
Contributor III

Posted on ‎11-18-2010 10:02 AM

Hello,

For those of you I was able to meet with and talk to yesterday at the user
conference, it was great to see you! Great event! Nice job John Wetter and
William Smith with your presentations.

And on to business. The subject says it all. I'm not seeing this anywhere.
Found an unanswered question on the Apple Discussion Boards.

Can it be done? Can you allow non-admin users make changes to network
preferences in Snow Leopard?

Thanks,

Craig E

0 Kudos
Reply
5 REPLIES 5

tlarkin
Honored Contributor

Posted on ‎11-18-2010 10:24 AM

I imagine if you fuss with the /etc/authorization file you can make it so, though keep in mind you can also have security issues with that as well. Looks like there are some files in /Library/Preferences/SystemConfiguration that may allow users to set certain things if you allow write privileges to those files via /etc/authorization.

Use at your own risk and post back if it works or not as I am curious

0 Kudos
Reply

ernstcs
Contributor III

Posted on ‎11-18-2010 10:37 AM

I didn't see anything specific in authorization, first place I looked. Not so sure I want to mess with anything outside of that file because of the holes I may open up on security.

Thanks, Tom.

Craig E

0 Kudos
Reply

CasperSally
Valued Contributor II

Posted on ‎11-18-2010 10:39 AM

Anyone know if any of the conference materials will be made public on the web?

0 Kudos
Reply

talkingmoose
Moderator
Moderator

Posted on ‎11-18-2010 11:59 AM

Thanks, Craig! Now, if only I could get a PTO group for our company to
On 11/18/10 12:02 PM, "Ernst, Craig S." <ERNSTCS at uwec.edu> wrote:
build our machines...

--

William Smith
Technical Analyst
Merrill Communications LLC
(651) 632-1492

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎11-18-2010 02:29 PM

I've literally today finished a script that unlocks each secure preference pane & allows the everyone group to unlock if locked. We hide/block any prefs panes we don't want changed & will run the below soon on every mac to allow people to change the network & energy saver pref panes (only secure one's we currently do not block through OD).

I know it edits the /etc/authorization file, but seems to work so far.

#!/bin/bash

#Backup the original authorization file
/bin/cp /etc/authorization /etc/authorization.original.backup

#Modify /etc/authorization to allow any member of the everyone group access to printing
/usr/libexec/PlistBuddy -c "Set :rights:system.preferences:group everyone" /etc/authorization
/usr/libexec/PlistBuddy -c "Set :rights:system.preferences:shared true" /etc/authorization

Regards,
Ben Toms
IT Support Analyst GREY Group
The Johnson Building, 77 Hatton Garden, London, EC1N 8JS
T: +44 (0) 20-3037-3819 |
Main: +44 (0) 20 3037 3000 | IT Helpdesk: +44 (0) 20 3037 3883

0 Kudos
Reply