+ Post New Thread
Page 1 of 4 1234 LastLast
Results 1 to 15 of 57
Mac Thread, How to create an OS X Default Profile/Template & Bind to AD - 10.5 - 10.8 in Technical; ...
  1. #1
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19

    How to create an OS X Default Profile/Template & Bind to AD - 10.5 - 10.8

    If you have any questions feel free to leave a note on this forum or email me at: Admin@TwistedMac.com



    This article will explain how to create a default user profile/template for OS X 10.6 Snow Leopard & OS X 10.5 Leopard as well a quick overview of how to bind your Mac to AD (Active Directory).

    Included is a AutorMator script that cuts out a tremendous amount of time with preparing an image for deployment.


    Why create a Default profile/template?
    If you a computer that multiple users log into it on a regular basis & you want all users to have an identical profile with looks, setting etc. then this article will show you how to do so.

    Binding to AD (Active Directory)
    With the new version of OS X Snow Leopard, Apple has now moved where the Directory Utility is found. It's now part of core services unlike OS X Leopard where it was found in the Utilities folder.


    Step 1 (Create default user profile/template ** OS X Snow Leopard & Leopard)

    With your “admin” user fully update OS X.
    ** Keep in mind that there are some applications out there that will not run or support past certain version of an OS X. If this does not apply then update to latest OS X version release.

    With your “admin” user install all needed applications that will be needed all check for any updates for those applications.

    From the “Accounts” panel create a new user. (For this document I will create a user named “default”)

    Enable “Root” user:

    Snow Leopard 10.6 - Go to the Accounts Panel -> Login Options -> Network Account Server & select “Join”. Next select “Open Directory Utility”.
    Once you have the “Directory Open” select ”Edit” from menu bar & select “Enable Root User” and give it a password.

    If you chose to the direct method to open “Directory Utility” is /System/Library/CoreServices/Directory\ Utility.app

    Leopard 10.5 - Go to /Applications/Utilities/Directory\ Utility.app
    Once you have the “Directory Open” select ”Edit” from menu bar & select “Enable Root User” and give it a password.

    Logout & then login into “default” user

    Organize the Dock with all your needed applications

    Adjust settings & preferences for:

    Dock
    Desktop/Finder/MenuBar
    System Preferences (Run through each option in System Preferences & adjust as needed)

    Run “ALL” applications that will be used on the system. Once each application has launched open it’s preferences and adjust as needed. (In most cases, it’s recommended to turn “off” “check for updates” if you do not want users getting prompted each time an application releases an update)

    Once you feel happy with your image and everything is set the way you want it, continue to step 2.

    Last edited by Dos_Box; 21st September 2012 at 02:19 PM.

  2. 4 Thanks to Carter:

    GrumbleDook (11th March 2011), mac_shinobi (6th August 2014), Mr_Andy (24th March 2011), Soulfish (12th March 2011)

  3. #2
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19
    Step 2

    Now restart the computer and login as root.

    EDIT:
    ** Please see notes in post #23 about these scripts **
    OS X Leopard 10.5 - OS X Snow Leopard 10.6 -
    http://dl.dropbox.com/u/121843/OSX10...lt_profile.zip
    OS X Lion 10.7 - http://dl.dropbox.com/u/121843/OSX_1...lt_profile.zip

    This automator script does a lot for cleaning up the profile, copying all needed files, correcting permissions etc. It's very easy to adjust & update for future use.

    What the “default_profile” Automator script does:

    Deletes the old default profile and replaces it with the “default” user
    Clears out un-needed Caches
    Clears Recent Servers
    Clears Cookies
    Clears Documents Folder
    Clears Downloads Folder (in case you left files behind)
    Clears/Empty’s Trash (in case you left files behind)
    Removes Keychains
    Clears Managed Preferences (in case you logged in/tested with a remote user already)
    Corrects needed permissions on the new profile
    Runs “Repair Permissions”

    These commands could be run separately under a regular root user individually but I find it some much easier to click on the script and walk away. This will only work under root. You will get an error under any other user.

    I hope in the next week or so I will fix this up & find a way to have the user prompted for an admin password so this can be run under any admin user but for now use under the root user.

    Once you run this “default_user” script you are done. Shutdown the computer and image the computer.

    If you want to know how to manually bind your Mac to AD checkout Step 3.

    Last edited by vikpaw; 16th November 2011 at 06:06 AM. Reason: Alter links at OP request

  4. 4 Thanks to Carter:

    GrumbleDook (11th March 2011), Soulfish (12th March 2011), ste1988 (2nd March 2012), S_Hannah (9th November 2012)

  5. #3
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19
    Step 3(Binding to AD / Active Directory ** OS X Snow Leopard & Leopard)


    Snow Leopard 10.6 - Go to the Accounts Panel -> Login Options -> Network Account Server & select “Join”. Next select “Open Directory Utility”.
    If you chose to the direct method to open “Directory Utility” is /System/Library/CoreServices/Directory\ Utility.app

    Leopard 10.5 - Go to /Applications/Utilities/Directory\ Utility.app

    Once Directory Utility is open double click “Active Directory”

    Once open enter in the needed info for your Domain, name computer & select what options you want or don’t want.

    Now simply select “Bind” and enter in a user/password that has Network Administrator access to your domain.

    You are now bound to your domain.

    It’s also a good idea to change the login window to “Name & Password” if there will be many users logging into the computer.

    Now restart your computer.

    Once restarted & sitting at your login window, the best way to know you are connect to your domain is to click 5 Times where you see your computer name. You should see a colored dot, which will give you your status. You want to see Green.

    Now try logging in using an AD/Active Directory account.

    Enjoy


  6. 2 Thanks to Carter:

    GrumbleDook (11th March 2011), Soulfish (12th March 2011)

  7. #4
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19
    Here is a quick video on what my "default_profile" script does when it is run. This script does a lot for cleaning up the profile, copying all needed files, correcting permissions etc.



    Last edited by Carter; 11th March 2011 at 10:50 PM.

  8. 4 Thanks to Carter:

    A5Ben (22nd March 2011), GrumbleDook (11th March 2011), mac_shinobi (6th August 2014), Soulfish (12th March 2011)

  9. #5
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19
    If anyone needs for information on this please ask away


  10. #6

    Join Date
    Mar 2011
    Location
    Syracuse
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Run shell script error

    Hello,

    The application you created looks like it is right up my alley, however when i run it (as root) I get a:

    " The action "Run Shell Script" encountered an error. Check the action's properties and try running the workflow again."


    Do you have any suggestions? I am running this on an iMac running 10.6.6

    thanks
    DK

  11. #7
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19
    Quote Originally Posted by kahnibus View Post
    Hello,

    The application you created looks like it is right up my alley, however when i run it (as root) I get a:

    " The action "Run Shell Script" encountered an error. Check the action's properties and try running the workflow again."


    Do you have any suggestions? I am running this on an iMac running 10.6.6

    thanks
    DK
    Are you trying to run the script via terminal with a normal administrator or do you have the "root" user enabled to log into to run this?

    I'm going to adjust this script to run under any user but haven't had the time to sit down to figure out how to prompt for admin password.


  12. #8

    Join Date
    Mar 2011
    Location
    Syracuse
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by Carter View Post
    Are you trying to run the script via terminal with a normal administrator or do you have the "root" user enabled to log into to run this?

    I'm going to adjust this script to run under any user but haven't had the time to sit down to figure out how to prompt for admin password.

    Hello there.

    I have a root user enabled. I logged in from the login window using the root user, I have also tried the terminal...and get this error:

    admins-iMacesktop root# cd TwistedMac_default_profile\ 2.app/Contents/MacOS/
    admins-iMac:TwistedMac_default_profile 2.app root# ls
    admins-iMac:MacOS root# ls
    Application Stub
    admins-iMac:MacOS root# ./Application\ Stub
    2011-03-28 20:30:33.937 Application Stub[203:903] No application name for definition file at path: /Library/Automator/Office.definition
    2011-03-28 20:30:41.305 Application Stub[203:903] Automator Launcher is missing or damaged

    any help is greatly appreciated.

    Thanks

  13. #9
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19
    Odd..... not sure what's up with that. Try opening up AutoMator then open up the script. Here you should see all the steps and commands to be used in this script. If it opens here try re-saving the file.


  14. #10

    Join Date
    Mar 2011
    Location
    Syracuse
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi Carter,
    No luck with that either...it opened up just fine in Automator, and I saw all the commands. I saved it as an app just fine but running it same thing.

  15. #11
    Carter's Avatar
    Join Date
    Sep 2010
    Location
    Canada
    Posts
    269
    Thank Post
    10
    Thanked 66 Times in 41 Posts
    Rep Power
    19
    Not sure why your getting those messages ... your running by just double clicking it right? I'll have a look tomorrow at the script to see if for some reason it's corrupt. used it today myself at work and was fine but will have another look tomorrow once back in the office.


  16. #12

    Join Date
    Mar 2011
    Location
    Syracuse
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks.

    Currently in our setup that damn keychain issue keeps popping up. I am hoping your automator app will solve this.

    thanks

  17. #13

    Join Date
    Mar 2011
    Location
    Syracuse
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi Carter,
    I got this to work, however....

    When an LDAP user logins into the computer they get prompted with "The System was Unable to unlock your Keychain" .....any ideas?

    I have gone into the "default" user and deleted the Keychain, restarted and ran your script again. The keychain error is still present.

    thanks for any help

  18. #14

    Join Date
    Apr 2011
    Location
    Brixham, Devon, UK
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    I have a simpler question ..

    Hi all. Sorry to jump in here.

    I don't need to set up a default profile as such. But I have a simple need to add one other user, - but copy the same profile as the administrator's to use for that user. I only want to do this once and I thought that OS X might just have a simple way of doing this, - but I can't find one.

    Any ideas?

    TIA

  19. #15

    Join Date
    Apr 2011
    Location
    London
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Wanting to take this further

    Hey Guys,

    I have created my default template in a similar fashion as described above, however, I would like to be able to have my users choose which language they want and use the default template associated with that language, however, when I remove the AppleSetupDone it defaults to English without asking, so the other language templates are redundant.

    Any ideas?

SHARE:
+ Post New Thread
Page 1 of 4 1234 LastLast

Similar Threads

  1. Has anyone used Access to create a school report template?
    By laserblazer in forum General Chat
    Replies: 1
    Last Post: 24th May 2011, 09:25 PM
  2. Edit the Default User Template?
    By Zoom7000 in forum Mac
    Replies: 3
    Last Post: 5th September 2010, 11:34 PM
  3. Mandatory Profile & Default Printer
    By chrisjako in forum Windows Server 2000/2003
    Replies: 0
    Last Post: 25th February 2010, 10:11 AM
  4. Create Custom ADM Template
    By robbied69 in forum Windows
    Replies: 5
    Last Post: 5th September 2008, 05:37 PM
  5. Default template user 4 module
    By crazy in forum EduGeek Joomla 1.0 Package
    Replies: 2
    Last Post: 11th January 2008, 09:40 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •