OS X Leapord - Restricting users from Active Directory

1 reply [Last post]
Macintrash's picture
Offline
Joined: Dec 20 2003
Posts: 29

Hey all,

Havn't posted here in a while.
Need your help;

We have bought a few new 24" iMac's here at school with the latest version of Leapord.
All of the student and staff accounts are on Active directory and I need student to access machines but have similar restrictions as they do on XP desktops.

We have managed to join the Mac to the domain, Bind with Active Directory and students are able to log on, have their home drive mapped and print etc - there are no restrictions as to what the user's can do on the machines however.
I realise the Mac's don't use the group policies etc in AD, but is their any way I can lock down the students locally? Parental Controls only works for local users.
In the past I have used created a generic logon (local) and locked it down.

Has anyone come across this challenge before?

Cheers
Kurt

__________________

Kurt Senior, RN, BSc.Nur

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Reverend Darkness's picture
Joined: Dec 20 2003
Posts: 502
Mac's and AD - Commercial Solution

I haven't been around for a while, but this is right up my alley:

There is a commercial solution by Thursby Software called ADmitMac ( http://www.thursby.com/admitmac/ ). ADmitMac replaces Apple's Active Directory plug-in with a more robust solution.

Not only can ADmitMac allow the Macs to be joined to the domain, but has three different options for Home Folder use, and integrates with Apple's Workgroup Manager to store MCX on the AD. This means you can modify managed preferences and have them apply without the need for an OD server.

Also, ADmitMac is installed on the Mac, so there is nothing to install on your server, and no changes to be made to your current AD setup.

They have a free eval available, and if you have any questions, call them and ask for "Jim". Trust me, he's the go-to guy for this stuff.

I know that there is cost involved, and I won't pretend to blow it off as insignificant, but IMHO, it's the best solution out there.

__________________

When I see lightning, you know it always brings me down... because it's free, and it's me who's lost and never found.