Help

Restricting Mountain Lion

barber
New Contributor

Posted on ‎04-25-2012 06:42 AM

Anyone got any ideas how i can restrict my mobile users installing Mountain Lion? There admins and due to being offsite i have to allow them access to Software Updates. I've looked through Configuration profiles. Does anyone else have this dilemma? Possibly a feature request if nobodies got an easy idea. - Thanks

0 Kudos
Reply
5 REPLIES 5

talkingmoose
Moderator
Moderator

Posted on ‎04-25-2012 07:00 AM

Allowing users access to Software Update doesn't get them access to Mountain Lion. Right now, that only comes with having an Apple developer account.

I'm afraid that if these are offsite users and admins then they can do whatever they want. All you can do is make them aware of your policy not to run Mountain Lion on company hardware and make sure you've got someone in upper management who will back your policy.

0 Kudos
Reply

mm2270
Legendary Contributor III

Posted on ‎04-25-2012 07:03 AM

I haven't looked at Mountain Lion yet, but I'd imagine something similar to how folks blocked Lion installation would work, i.e, use a Restricted Software item that looks for and shuts down any process called "Install Mac OS X" Unless Apple is using some other process that is not like what they did with Lion, that should do it for you.

Edit: In thinking about your post again, I just wanted to mention that users being 'mobile' or 'remote' does not necessarily mean they have to have full admin rights. There are ways of giving standard users the ability to do many admin level functions, such as adding printers, installing some software, making changes to certain System preferences they would otherwise be blocked from and more. But still limiting them from being full blown admins.
You can also put Software Update into Self Service if you're using that, although if these people don't have a way to connect to your JSS when offsite, that may be problematic.

0 Kudos
Reply

MarkMelaccio
Contributor II
Contributor II

Posted on ‎07-24-2012 06:28 AM

We killed ours by restricting "Install OS X Mountain Lion" for now, as when we do deploy ML, it will be thru imaging, and not thru the installer.

0 Kudos
Reply

teknikal35
New Contributor III

Posted on ‎02-18-2013 05:35 AM

You can create a restricted policy to block and Mountain lion install on a machine or scope, the action can kill the process and delete the installer even if its on an external device . you can also show a message on the target workstation screen to this effect saying the company policy does not allow the install of Mountain Lion on your machine without Contacting IT SUPPORT FIRST .

0 Kudos
Reply

Nix4Life
Valued Contributor

Posted on ‎02-18-2013 04:27 PM

Or What I do..YOU install it YOU support it..I will not touch the machine if they have an issue.. working great for pas 3 yrs

just my .02

0 Kudos
Reply