Systems+Client+Management

April 27, 2010 Systems Client Management

Apple Workshop Client Management: http://www.apple.com/server/documentation

Leopard Admin Tutorials and Tips and tricks http://www.apple.com/education/it-professionals/resources

An environment where students can learn and teachers can teach...

Evaluating, deploying, managing hardware and software


 * 1) Evaluate user needs: Pull in curriculum people to determine what the hardware and software needs are
 * 2) Create images: test configurations - we are using the basic system all year and know what we want based on what we have running currently
 * 3) Image systems

Apple Remote Desktop: Can send Unix and script commands to clients Comes with a Widget that will give you an observe window. Install this widget on a computer and be able to remotely observe what is going on.

Software: if you have software that is installed by just dragging it to the apps folder, use package maker to create a package that can be pushed out with ARD. You can use this to get a font out to clients.

Imaging: cloning Could run a routine so computers come out with individual name

Package based imaging: take a system, add packages

Place a universal disk image on the network that includes Disk Utility and other utilities on it so we can put any computer onto an ethernet cable and start it up from this image.

Set up a local Software Update Server: Would we need this in every building or can it work across buildings?

WebHelpDesk: Download one license for free. Track incidences. Users can open a browser and submit a request. Connected to GSX to track parts.


 * Needs:** We need a way to backup teachers' and administrators' systems without them having take any action.

iPod Configuration Utility:

Wireless application DIstribution for in house apps only Mobile device management: Remote configuration, remote settings updates, remote monitoring, remote wipe and lock
 * Coming Soon: iPhone OS v4**

Local: user lives on that computer Student Network user: home directory stored on network Mobile/Local: Mobile account with non-synched home directory They only use the server connection to authenticate Mobile: Local home directory on their computer but backed up to server Local directory is "mobile" and the server home is called "original" External Mobile Accounts Mobile account with "floating" home directory. This could be a flash drive.

Guest Account: Totally generic, non-permanent account **guest1**
 * Locally created home directory according to what is set at the server
 * ** All data wiped out at logout **

To manage clients you can create groups nested inside of groups. They share some of the settings but not all.

System Profiler - Managed clients can tell you exactly what settings have been set.

Key managed settings: Applications Management:

Applications vs. Folders

Don't use the Applications pane and set certain applications!

Use Folders and set paths to certain things. Anything in the applications is OK

Can't launch apps out of home directory. If you put in ~/ then any application they copy to their home directory will not run.

Automator: put it in Utilities Move: Grapher and Podcast Catcher to Applications folder

Login: access control lists - Specify access to computer by group or user list

Mobility Rules Synching: with Leopard you can choose what you want to sych more specifically

Printing - managed preferences - You can allow the user to create/add a printer Be sure to check off ONLY SHOW MANAGED PRINTERS.

Servers: Change access control list to Network Users: Deny That way only noone can log into the server without the admin login.

Allow/deny applications

Allow: /applications Disallow:

Control Widgets by assigning what they can use: Dashboard

Media Access Eject all removable media and set it so you don't allow them to mount disk images so when they download applications they can't use them.

Create home directory using : set it up to use the network the first time so users get the right dock, bookmarks, and other setttings. Then reset it to use the mobile home directory.

Turn off access to the iTunes store but leave access to iTunes U