Jamf Nation Community

so don't propagate from /Users down?

I gotten into doing the propagate for the Users folder, and it works as well. Mainly I do it for Users since I need to do that for Applications, and as I am working on explaining this to others, it is easier to just tell them they need to do the propagate tights for all of the base folders.

Yeah, I do root:admin on the actual users home folder on down, same as /Users

We create all DMG's like this under our Administrator account, this is on all ours macs.

I just leave the perms as-is, when using FUT or FEU's it seems to correct the perms.

In my testing, the permissions on the files that will be filled are irrelevant; permissions are apparently set during installation (if installed by Casper).

Correct, when the binary copies it to the user template or to the existing users home directory it should inherit permissions properly. The most important part about ANY packages that have FUT/FEU is that you don't have more than one user home directory in it as the binary will take whatever the first one it finds to apply the settings. At least that was the behavior. We try to make sure we use the same username account for user files for all packages. We set permissions in packages just because it's cleaner (OCD) to have valid accounts on files all the time.