- Jamf Nation Community
- Products
- Jamf Pro
- Example of MCX export file
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Example of MCX export file
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-17-2011 07:38 AM
I got a few requests off the mailing list to share this. It is a highly managed MCX export of a basic student account which grants access to nothing. Furthermore, it also limits applications from being executed with in certain allowed file paths. For example, only /Applications and /Library/Application Support are allowed to run apps. This disallows the users from running any apps outside these file paths and since they do not have write privileges they cannot install apps in these paths. I will attach my MCX file.
So apparently you cannot attach a file that I can see, so here it is:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>.GlobalPreferences</key>
<dict>
<key>AppleShowAllExtensions</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<false/>
</dict>
</dict>
<key>com.apple.applicationaccess.new</key>
<dict>
<key>familyControlsEnabled</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>pathBlackList-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>pathBlackList-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>pathBlackList</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array>
<string>/Applications/Utilities/</string>
</array>
</dict>
<key>pathWhiteList-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>pathWhiteList-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>pathWhiteList</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array>
<string>/Applications/</string>
<string>/Library/Application Support/</string>
</array>
</dict>
<key>whiteList-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>whiteList-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>whiteList</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array/>
</dict>
</dict>
<key>com.apple.dashboard</key>
<dict>
<key>WhiteList-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>WhiteList-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>WhiteList</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array>
<dict>
<key>ID</key>
<string>com.apple.widget.addressbook</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Address Book</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.phonebook</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Business</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.calculator</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Calculator</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.dictionary</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Dictionary</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.espn</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>ESPN</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.flighttracker</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Flight Tracker</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.google</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Google</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.calendar</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>iCal</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.itunes</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>iTunes</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.cinema</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Movies</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.people</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>People</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.ServerStatus</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Server Status</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.SkiReport</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Ski Report</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.stickies</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Stickies</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.stocks</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Stocks</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.tilegame</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Tile Game</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.translation</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Translation</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.unitconverter</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Unit Converter</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.weather</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Weather</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.web-clip</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>Web Clip</string>
</dict>
<dict>
<key>ID</key>
<string>com.apple.widget.worldclock</string>
<key>Type</key>
<string>bundleID</string>
<key>mcx_DisplayName</key>
<string>World Clock</string>
</dict>
</array>
</dict>
<key>whiteListEnabled</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
</dict>
<key>com.apple.dock</key>
<dict>
<key>AppItems-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>AppItems-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>static-apps</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array>
<dict>
<key>mcx_typehint</key>
<integer>1</integer>
<key>tile-data</key>
<dict>
<key>file-data</key>
<dict>
<key>_CFURLString</key>
<string>/Applications/Safari.app</string>
<key>_CFURLStringType</key>
<integer>0</integer>
</dict>
<key>file-label</key>
<string>Safari</string>
</dict>
<key>tile-type</key>
<string>file-tile</string>
</dict>
<dict>
<key>mcx_typehint</key>
<integer>1</integer>
<key>tile-data</key>
<dict>
<key>file-data</key>
<dict>
<key>_CFURLString</key>
<string>/Applications/Address Book.app</string>
<key>_CFURLStringType</key>
<integer>0</integer>
</dict>
<key>file-label</key>
<string>Address Book</string>
</dict>
<key>tile-type</key>
<string>file-tile</string>
</dict>
<dict>
<key>mcx_typehint</key>
<integer>1</integer>
<key>tile-data</key>
<dict>
<key>file-data</key>
<dict>
<key>_CFURLString</key>
<string>/Applications/iCal.app</string>
<key>_CFURLStringType</key>
<integer>0</integer>
</dict>
<key>file-label</key>
<string>iCal</string>
</dict>
<key>tile-type</key>
<string>file-tile</string>
</dict>
<dict>
<key>mcx_typehint</key>
<integer>1</integer>
<key>tile-data</key>
<dict>
<key>file-data</key>
<dict>
<key>_CFURLString</key>
<string>/Applications/Preview.app</string>
<key>_CFURLStringType</key>
<integer>0</integer>
</dict>
<key>file-label</key>
<string>Preview</string>
</dict>
<key>tile-type</key>
<string>file-tile</string>
</dict>
<dict>
<key>mcx_typehint</key>
<integer>1</integer>
<key>tile-data</key>
<dict>
<key>file-data</key>
<dict>
<key>_CFURLString</key>
<string>/Applications/Firefox.app</string>
<key>_CFURLStringType</key>
<integer>0</integer>
</dict>
<key>file-label</key>
<string>Firefox</string>
</dict>
<key>tile-type</key>
<string>file-tile</string>
</dict>
</array>
</dict>
<key>DocItems-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>DocItems-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>static-others</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array/>
</dict>
<key>MCXDockSpecialFolders-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>MCXDockSpecialFolders-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>MCXDockSpecialFolders</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array/>
</dict>
<key>autohide</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>autohide-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>contents-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>largesize</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<real>128</real>
</dict>
<key>launchanim</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>launchanim-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>magnification</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<false/>
</dict>
<key>magnify-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>magsize-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>mineffect</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<string>genie</string>
</dict>
<key>mineffect-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>orientation</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<string>bottom</string>
</dict>
<key>position-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>size-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>static-only</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>tilesize</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<real>64</real>
</dict>
</dict>
<key>com.apple.finder</key>
<dict>
<key>AppleShowAllExtensions-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>FinderSpawnWindow</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<false/>
</dict>
<key>FinderSpawnWindow-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>InterfaceLevel</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<string>Full</string>
</dict>
<key>NewWindowTargetIsHome</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<false/>
</dict>
<key>NewWindowTargetIsHome-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>OpenInColumnView</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<false/>
</dict>
<key>OpenInColumnView-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowExternalHardDrivesOnDesktop</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowExternalHardDrivesOnDesktop-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowHardDrivesOnDesktop</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowHardDrivesOnDesktop-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowMountedServersOnDesktop</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowMountedServersOnDesktop-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowRemovableMediaOnDesktop</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>ShowRemovableMediaOnDesktop-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>WarnOnEmptyTrash</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
<key>WarnOnEmptyTrash-immutable</key>
<dict>
<key>state</key>
<string>always</string>
<key>value</key>
<true/>
</dict>
</dict>
<key>com.apple.systempreferences</key>
<dict>
<key>EnabledPreferencesPanes-Raw</key>
<dict>
<key>state</key>
<string>always</string>
<key>upk</key>
<dict>
<key>mcx_input_key_names</key>
<array>
<string>EnabledPreferencesPanes-Raw</string>
</array>
<key>mcx_output_key_name</key>
<string>EnabledPreferencePanes</string>
<key>mcx_remove_duplicates</key>
<true/>
</dict>
<key>value</key>
<array/>
</dict>
</dict>
</dict>
</plist>Tom
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-16-2014 04:50 PM
Hi Tom,
thanks for the file. I will like to implement this at the school where I work the restrict access to apps. Do I need to copy and paste the file, save it as a .manifest then use managed preferences/custom to upload the file? Not sure if that's the correct or whether I need to do it differently.
Regards,
henry
