Skip to main content
Question

Setting local prefs via MCX

A
  • Anonymous

Hi all,

I'm working on setting up some 10.5.8 workstations, and I'm trying to use
MCX to set Preferences on a generic local user to lock down certain
settings. We do not use directory authentication (and please don't tell me
why I should set it up ­ it just doesn't work for our purposes right now) -
I'm trying to do this on a local machine level. I used Workgroup Manager to
import all the settings, and it works fine on the machine I set it up on.

I started working with this as a guide:
http://managingosx.wordpress.com/2008/02/07/mcx-dslocal-and-leopard/ -
however, it talks about Group settings, but doesn't specifically mention
User level settings.

I can get the Preferences in place on the other computers just fine, but
does anyone know what files are needed to have MCX enforce that local user's
settings on a localhost level to make those settings permanent?

Thanks!
-- Christopher Kemp
CNN Central Engineering

    2 replies

    A
    • Anonymous
    • 0 replies
    • August 15, 2010

    Update: I was able to get this to ALMOST work by:

    1. Overwriting the user's ~/Library/Preferences/ directory with the one set up on the test machine;
    2. Overwriting /private/var/db/dslocal/nodes/Default/ directory with the one from the test machine;
    3. Checked 'Update ByHost Files' in Casper Remote;
    4. Fix passwords for the generic user & generic admin user's accounts.

    Now, by doing these steps the settings DO actually work - I say 'almost
    work' because I want to know why Step #4 is necessary? I tried this a couple
    of times on a clean install, and both times I ended up munging the passwords
    for these two users ( thank goodness my Casper admin user's password
    survives!). However, the password should be exactly the same for the users
    on both machines. I even went back to my original machine, added the correct
    passwords in Workgroup Manager, and re-built my DMG Sources from scratch ­
    but it still kills the password.

    Anyone got any ideas? I'm new to dealing with MCX settings, so any insight
    is appreciated.

    T
    Forum|alt.badge.img+31
    • tlarkin
    • Honored Contributor
    • 2721 replies
    • August 16, 2010

    You are doing local computer policy correct? If you load Work Group
    Manager on your system and point it to the local directory services you
    should be able to create policy. Create a guest computer and do so. Then once you are done, highlight that guest computer and export it. You later can toss that file in Casper and script out importing of MCX

    You can use dscl to import MCX files. In fact, you may even be able to
    export those MCX files in WGM and then import them into the JSS? I have
    not tried that, but I think that is what Casper does. It just reads XML
    files to enforce MCX, and most likely it uses the built in Apple stuff
    to do it.

    -Tom

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings