MacOSXHints has a hint on customizing the Dock for Leopard’s guest account.
This turns out to be yet another application of MCX records in the local directory service. The idea can be expanded to customize lots more things the Guest account can and cannot do – just use Workgroup Manager to manage preferences for the Guest account!
If you are thinking about deploying Microsoft Office 2008 in your environment, there are some preferences you should consider managing.
Microsoft has provided a high-level overview here. But it’s short on details. Here’s a few…
Continue reading “Managing Office 2008”
10.5.2 places a Time Machine menuextra in the menu bar for all users. 
We’re not encouraging the use of Time Machine in our organization. I’ve removed it from the default dock, and am managing the preference to prevent Time Machine from asking if you want to use each new external disk for backups. Users can still use Time Machine, we’re just de-emphasizing it. Therefore, I want to remove the Time Machine menu extra from the menu bar by default.
If you import the Preference Manifests in /System/Library/CoreServices/ManagedClient.app, you gain the ability to easily manage MenuExtras. But the Time Machine menu extra has not yet been added to the list of menu extras. No matter – you can edit it like so:
Just select Edit… from the popup menu and enter TimeMachine.menu instead of one of the pre-populated choices. You’ll see the little badge warning you that your entry does not match the manifest. That’s OK, it will still work. Setting the value to “false” will cause the TimeMachine menu to be removed from the menu bar at the next login.
I’m managing it once, so it’s off by default, but users can turn it back on if they want.
In an earlier article about putting MCX data into the local DS store, I mentioned that I’m using radmind to deliver the pieces to each client machine. Here’s a little more detail on that.
Continue reading “MCX, dslocal, and radmind”
New in Leopard is the ability to protect an account with FileVault as it is being created. When creating a mobile account, you can check the box to use FileVault, and this setting is easy to enforce with Workgroup Manager’s preference management as part of the Mobility settings.
If you use the Accounts preference pane to create a local account, you’ll see a new checkbox labeled “Turn on FileVault protection”, but it’s unchecked by default. What if your organization wants to ensure that all accounts — even purely local accounts — on laptops are protected with FileVault? With Workgroup Manager’s preference management, there does not seem to be a way to manage this setting in the Accounts preference pane. But you can manage it if you dig a little deeper…
Continue reading “Enforcing FileVault on local accounts”
Managing OS X 