[Casper] Request for Feature

Ernst, Craig S. ERNSTCS at uwec.edu
Thu Apr 3 09:30:07 PDT 2008 

Hello,

I know this may not be an option for people, but we basically depend on Active Directory permissions to handle this. A group in AD is created and then only that group is applied to that particular group of machines with a script under AD administrators.

I imagine a similar thing can be done with Open Directory groups, but I don't use OD here at the moment.

I attached a sample of what we use.

NOTE: I have a sleep in here because this normally runs At Reboot. I could configure this in the Configuration in the JSS, and I do, but an issue that started with 10.4.11 and dsconfigad is that when the JAMF start up script does the binding that includes an admin group, the admin group portion fails. This script waits 60 seconds later when it tries again. This seems to work fine then.

Craig Ernst
Systems Management & Configuration
----------------------------------
University of Wisconsin-Eau Claire
Learning & Technology Services
105 Garfield Ave
Eau Claire, WI 54701
Phone: (715) 836-3639
Fax: (715) 836-6001
----------------------------------
ernstcs at uwec.edu



On 4/3/08 10:44 AM, "NATHANIEL.LINDLEY at spps.org" <NATHANIEL.LINDLEY at spps.org> wrote:



I second Dusty's request.   Scope based rights for building techs to their
network segment(s).

AND, lets have custom searches be able to save "by user" or "for all"
Each school wants their own custom searches, but doesn't need to share them
with the rest of the district.



Nathaniel Lindley

++++++++++++++++++
Learning Systems Specialist
Educational Technology
Saint Paul Public Schools
Saint Paul, Minnesota
nathaniel.lindley at spps.org
phone:  651-603-4929



             "Dorey, Dustin"
             <Dustin.Dorey at dis
             trict196.org>                                              To
             Sent by:                  <casper at list.jamfsoftware.com>
             casper-bounces at li                                          cc
             st.jamfsoftware.c
             om                                                    Subject
                                       [Casper] Request for Feature

             04/03/08 10:41 AM








Not sure if anyone else has requested this before. Or if I'm just missing
something.  But it would be great if there was a way to set up an admin to
have access only to a certain group of machines.     i.e. we have many
different schools in our district and I would like it if our building level
admins had only access to the machines on their subnet or if we could
create a smart group that they were only allowed to administer or something
like that.

Dustin Dorey
Technology Support Cluster Specialist
ISD 196 Apple Valley, Rosemount, Eagan
14445 Diamond Path West
Rosemount, MN 55068
(952) 423-7971
dustin.dorey at district196.org
 _______________________________________________
Casper mailing list
Casper at list.jamfsoftware.com
http://list.jamfsoftware.com/mailman/listinfo/casper




_______________________________________________
Casper mailing list
Casper at list.jamfsoftware.com
http://list.jamfsoftware.com/mailman/listinfo/casper

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080403/35fadb8d/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: script-AD_Add_LabAdmins.sh.txt
Type: application/octet-stream
Size: 290 bytes
Desc: script-AD_Add_LabAdmins.sh.txt
Url : http://list.jamfsoftware.com/pipermail/casper/attachments/20080403/35fadb8d/attachment-0001.obj

More information about the Casper mailing list