Is Restricted Software bugged or am I doing it wrong?

lashomb
Contributor II

Yesterday during my JumpStart, I did a test for Restricted Software for Apple Remote Desktop. I wanted general users to not be able to run this, so I set the process name to "Remote Desktop" and checked exact match. Later during the JumpStart when looking at the JSS log, I noticed it was killing Microsoft Remote Desktop Connection for some users. I deleted the restriction.

1 ACCEPTED SOLUTION

mm2270
Legendary Contributor II

I assume you're running version 9 since you mentioned checking "exact match" which is new in 9. My understanding was that this would prevent issues like the above. It may still not be working as expected though.

You could try a workaround I discovered with version 8. Maybe it still works with 9. Enter the process to look for as:
/Remote Desktop
Note the leading / character. What this does is tells it to look for items that use a path of /path/to/application/RemoteDesktop, which would mean Microsoft Remote Desktop shouldn't get picked up.

I haven't tested this at all under 9, so not sure if this would still work, but worth a try.

View solution in original post

4 REPLIES 4

mm2270
Legendary Contributor II

I assume you're running version 9 since you mentioned checking "exact match" which is new in 9. My understanding was that this would prevent issues like the above. It may still not be working as expected though.

You could try a workaround I discovered with version 8. Maybe it still works with 9. Enter the process to look for as:
/Remote Desktop
Note the leading / character. What this does is tells it to look for items that use a path of /path/to/application/RemoteDesktop, which would mean Microsoft Remote Desktop shouldn't get picked up.

I haven't tested this at all under 9, so not sure if this would still work, but worth a try.

lashomb
Contributor II

Ah, that makes sense with the behavior I guess, I didn't realize it was looking for an Application versus a running process.

I'll give it a try, although in this case, it might still fail, as /Remote Desktop would match /Remote Desktop Connection as well.

mm2270
Legendary Contributor II

Well, it is looking for a running process, but if you do something like ps axww you'll see the full path to any running processes in the last column, not just the process name.
On the other hand, doing ps axc shows you just the process name and excludes the rest of the path in that last column.
I guess (not certain) that JAMF is using something along the lines of the former, which is why the / path delimiter worked in a specific case I had run into.

And you're right that Remote Desktop Connection might also get picked up by it. I'm not sure how you'd get around that.

bentoms
Honored Contributor III
Honored Contributor III

What if you try: /Remote Desktop.app