Prev: iPad
Next: Credit card jam, was: Black Screen of Death
From: Kathy Morgan on 2 Feb 2010 16:31 Daniel Cohen <dcohenspam(a)talktalk.net> wrote: > Kathy Morgan <kmorgan(a)spamcop.net> wrote: > > > > > Yes, if I'm not able to duplicate the Guest account and then further > > restrict the duplicate for child use, that's probably what I'll > > do--although if I can figure out a way to automate it that will be even > > better. > > I think I can work out the way to do what you want. I'm not knowledgable > enough in Unix to write a script you could rely on, but these > suggestions should give you an idea. > > Step 1. A shell script. (snip) I've started to learn Perl, which I'm fairly confident could do this, but haven't gotten to a point where I could write the script. I know almost no Unix, so I couldn't do it directly. However, I think Automator.app and an applescript to empty the trash could do most of what you suggest, without having to worry about Terminal being left open. I'd like to have them run on logout, but I can't see any way to do that, so I'll use your suggestion of putting them in the login items. I'll use the commands Kir�ly posted to block the Guest account and another restricted account from saving files to the /Users/Shared folder. > Comments. I didn't want files in the Library to be removed as some > preferences get a changed modification date at each login. So this > approach would be fine for dealing with normal or stupid people. It > isn't safe against a malicious person. I have some thought about that, > but there would still be loopholes. Oh, I'm glad you mentioned that! I hadn't thought of that, and was just going to do an Automator applet that removed all files with a recent modification date. I probably don't need to worry about a malicious person. I'm one of the two most knowledgeable Mac people in the area; I don't know how to screw up the system on purpose and the other guy wouldn't. In a worst-case scenario, I could just wipe the drive and reinstall. I've been experimenting on my own MBP, and strange things can happen when you start messing with Accounts in the System Preferences and Finder. I now have my Finder showing a user "Guest Copy" and no Guest user, but System Preferences shows a Guest account (but not Guest Copy). The Finder won't permit me to change the name of Guest Copy back to plain Guest, but I guess that doesn't matter because it gets treated by the system as Guest. -- Kathy
From: Kathy Morgan on 2 Feb 2010 16:31 Kir�ly <me(a)home.spamsucks.ca> wrote: > Kathy Morgan <kmorgan(a)spamcop.net> wrote: > > Hmmm...I see Apple makes available a free fully functional evaluation > > copy, so I could actually try it to see for myself how difficult or easy > > it is to administer and what kind of experience a guest user would have. > > Thanks for the suggestion; I will check it out. > > You don't need to buy OS X Server to get Workgroup Manager. Workgroup > Manager can be downloaded for free from Apple and it works fine on the > standard version of OS X. I downloaded the Workgroup Manager but was unable to use it to add a user. I keep getting an error message "Unable to create home directory. The home directory could not be created because an error occurred." Any ideas as to what I'm doing wrong? -- Kathy
From: JF Mezei on 2 Feb 2010 16:45 Kathy Morgan wrote: > I've started to learn Perl, which I'm fairly confident could do this, > but haven't gotten to a point where I could write the script. One issue that can be a show stopper is that many files are locked when a user is logged in, so your script may not be able to delete/replace files. This has to be done after the user has logged out, or REALLY early during login process (not sure if there are hooks for yoru own code to run before the files are locked). I posted a link to the various videos Apple has in a different topic. The workgroup manager can be of help to you by controlling what people can and can't do. There are also hints elsewhere on how to prevent people from changing any preferences.
From: JF Mezei on 2 Feb 2010 17:05 Kathy Morgan wrote: > I downloaded the Workgroup Manager but was unable to use it to add a > user. I keep getting an error message "Unable to create home directory. > The home directory could not be created because an error occurred." Any > ideas as to what I'm doing wrong? You are doing nothing wrong. This is a not very obvious portion of workgroup manager. Workgroup Manager creates the home directory location by adding the username to the selected shared mount points. (remember that in a server setting, workstations access their home directories via the network). There is a way to specify a totally separate directory, but you need to be careful how you do this because it will want to add the username after what you have specified. After you have set the location of the home directory, you need to "SAVE" the setting before you click on the "CREATE home directory" function. (this not only creates it, but also populates it with all the default directories such as Library etc. (and I think you need to click save again). You should see a "/Users" directory listed as a share point on a shandalone system. Just click on it to select it, and the WorkGroup Manager should just add the username to it to form the specification of the home directory.
From: Kathy Morgan on 2 Feb 2010 22:02
JF Mezei <jfmezei.spamnot(a)vaxination.ca> wrote: > Kathy Morgan wrote: > > > I downloaded the Workgroup Manager but was unable to use it to add a > > user. (snip) > > Workgroup Manager creates the home directory location by adding the > username to the selected shared mount points. (remember that in a server > setting, workstations access their home directories via the network). > > There is a way to specify a totally separate directory, but you need to > be careful how you do this because it will want to add the username > after what you have specified. > > After you have set the location of the home directory, you need to > "SAVE" the setting before you click on the "CREATE home directory" > function. (this not only creates it, but also populates it with all the > default directories such as Library etc. (and I think you need to click > save again). > > You should see a "/Users" directory listed as a share point on a > shandalone system. Just click on it to select it, and the WorkGroup > Manager should just add the username to it to form the specification of > the home directory. Well, I must not have done it exactly right, because the username didn't appear in the specification of the home directory, but it didn't give me the error message and now if I log out the newly created account shows up as one of the choices for logging in. It doesn't show up in the Finder or in the System Preferences Accounts pane, but I think I'm making progress. There are a number of oddities: Workgroup Manager doesn't show the guest account and doesn't find it when I do a search for it either by name or account ID number, but it is listed in System Preferences > Accounts. The list of users in the Finder doesn't match either the list in Workgroup Manager or the (different) list in System Preferences > Accounts. -- Kathy |