Anyone got any ideas how i can restrict my mobile users installing Mountain Lion? There admins and due to being offsite i have to allow them access to Software Updates. I've looked through Configuration profiles. Does anyone else have this dilemma? Possibly a feature request if nobodies got an easy idea. - Thanks
Question
Restricting Mountain Lion
+4
+36Allowing users access to Software Update doesn't get them access to Mountain Lion. Right now, that only comes with having an Apple developer account.
I'm afraid that if these are offsite users and admins then they can do whatever they want. All you can do is make them aware of your policy not to run Mountain Lion on company hardware and make sure you've got someone in upper management who will back your policy.
+24I haven't looked at Mountain Lion yet, but I'd imagine something similar to how folks blocked Lion installation would work, i.e, use a Restricted Software item that looks for and shuts down any process called "Install Mac OS X" Unless Apple is using some other process that is not like what they did with Lion, that should do it for you.
Edit: In thinking about your post again, I just wanted to mention that users being 'mobile' or 'remote' does not necessarily mean they have to have full admin rights. There are ways of giving standard users the ability to do many admin level functions, such as adding printers, installing some software, making changes to certain System preferences they would otherwise be blocked from and more. But still limiting them from being full blown admins.
You can also put Software Update into Self Service if you're using that, although if these people don't have a way to connect to your JSS when offsite, that may be problematic.
We killed ours by restricting "Install OS X Mountain Lion" for now, as when we do deploy ML, it will be thru imaging, and not thru the installer.
+7You can create a restricted policy to block and Mountain lion install on a machine or scope, the action can kill the process and delete the installer even if its on an external device . you can also show a message on the target workstation screen to this effect saying the company policy does not allow the install of Mountain Lion on your machine without Contacting IT SUPPORT FIRST .
+13Or What I do..YOU install it YOU support it..I will not touch the machine if they have an issue.. working great for pas 3 yrs
just my .02
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.