Posted on 02-05-2015 12:38 PM
Would someone be willing to look at my ARD line from my FB script? For some reason the primary admin account doesn't have SSH access.
It's created with the createadmin tool 1.24, I can login to the user and everything else, the results from kickstart say that the user was added, but I still can't SSH in unless I go into sharing and enable all users.
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw <password> -users admin1,admin2 -privs -all -allowAccessFor -specifiedUsers -restart -agent -menu
Starting... Activated Remote Management. admin1: Set user remote access. admin2: Set user remote access. Set the client options. Setting allow all users to NO. Setting all users privileges to 1073742079. Done.
Solved! Go to Solution.
Posted on 02-06-2015 06:48 AM
It might be easier with dseditgroup:
/usr/sbin/dseditgroup -o edit -a admin1 -t user com.apple.access_ssh
If you do it as root it shouldn't ask for a password.
Posted on 02-05-2015 12:50 PM
In the past I have broken down this from one line into maybe three or four different iterations. I've not tried for instance to use multiple -clientopts in the command. Now this has nothing to do at all with ssh access. You have to validate your admin user is part of the administration group... and also make sure that ssh is enabled and allowed for admins only.
Posted on 02-05-2015 01:10 PM
I didn't think ARD kickstart could do anything with SSH?
I normally enable ssh with:
systemsetup -setremotelogin on
and control access with the com.apple.access_ssh group.
Posted on 02-06-2015 06:17 AM
i tried adding the user manually via
dseditgroup -o edit -n /Local/Default -u admin1 -p <password> -a admin1 -t user com.apple.access_ssh
but it pauses on waiting for the users password and doesn't allow the script to finish.
Posted on 02-06-2015 06:48 AM
It might be easier with dseditgroup:
/usr/sbin/dseditgroup -o edit -a admin1 -t user com.apple.access_ssh
If you do it as root it shouldn't ask for a password.
Posted on 02-06-2015 07:56 AM
Perfect! thank you @davidacland