Login/Logout Hooks for a shared user account with Active Directory.
We are a former MacAdministrator school (their lack of support for 10.6 being the primary reason). In it's place, we're planning on using Mac OSX Server and ARD to manage clients, authenticating through Active Directory. We'd like to emulate how MacAdmin functions for a few features. One is the static home folder for all users. We've been successful setting that up so that a new user is presented with a fully customized starting environment, dock layout and first application runs already in place. We used this walkthrough to achieve these results. "Michael's Mac - Create a Custom Environment for Leopard's New Guest User"
We have run into some issues that we are close to solving but are hoping someone has run into and can help us resolve.
The login.keychain file need to be deleted on logout otherwise the next user gets a keychain error on login. (Continue to login, Change Keychain PW, and Use new Keychain are options on error window)
We think creating a logout hook to delete this and any other files we want replaced with defaults is possible, however we have not found out how to implement this yet.
We have seen scripts that destroy the user on logout however we would like some persistence of files so that if a user inadvertently forgets to backup files they would be able to get it off the local machine after a reasonable amount of time.
We have found the following resources on logout/login hooks but could use a bit more hand holding in creation and editing of these scripts.
At this point we don't know how to get the scripts into the machine so they run on logout as well as the exact wording of the scripts.
"System Startup Programming Topics: Customizing Login and Logout"
"Bombich.com: Mac OS X Management Custom Shell Script Library"
"Bombich.com: Implementing Login and Logout hooks for System Management"
Media Services Coordinator,
School of the Museum of Fine Arts