[Casper] User Environment for group of users

Ryan Harter rharter at uwsp.edu
Mon Oct 6 12:12:30 PDT 2008 

Hi Nathaniel-

This seems to be an interesting situation.  This might not be the best  
(or supported) approach, but I can tell you how I would approach it.

What I would do is make a generic, custom user home directory into a  
package a la Composer.  Don't just grab the changes though, grab to  
whole 'example' user directory.  Then make a policy like you normally  
would limiting the scope to the AD group you want and have it run a  
script with the following, for example:

#!/bin/bash

$USER=$3

# This next one may take some modification depending on how you  
connect to AD
$USERHOME=`dscl localhost read /Active\ Directory/All\ Domains/Users/ 
$USER NFSHomeDirectory | cut -d' ' -f2`

# Remove an existing home directory
rm -rf $USERHOME

# Mount package and copy contents (similar to how Casper works)
mkdir /tmp/packages
mount_afp afp://user:password@server/share /tmp/packages  # For us  
it's "mount_afp afp://user:password@xsrv1/CasperShare /tmp/packages"

# Mount (or "attach") the package
hdiutil attach /tmp/packages/Packages/<package name>.dmg

# ditto out the contents into the user's home directory
ditto /Volumes/<package name> $USERHOME
# Change ownership
chown -R $USER $USERHOME

# Cleanup
hdiutil detach /Volumes/<package name>
umount /tmp/packages

exit 0

This script will obviously have to be modified to match your  
infrastructure, but will mount the package and copy the contents to  
the user's home directory.  If this policy only runs for the users in  
a certain AD group (via the policy scope) then you should have the  
solution that I think you are looking for.

This method of mounting the package and using ditto is what Casper  
used to use for package installation and is currently used as the  
fallback if asr (the current copy method) fails.  Unfortunately, I  
don't have the experience with ASR to show you how to use that.

I cannot stress enough that I just typed this script into this email.   
It is not something that I use in practice and it's possible that  
there might be errors is it so make sure you test it before you use it  
(should be good practice for anything you use).

Hope it helps, let me know if I can help any further.

Ryan Harter
UW - Stevens Point
Workstation Developer
715.346.2716
Ryan.Harter at uwsp.edu

On Oct 6, 2008, at 12:40 PM, NATHANIEL.LINDLEY at spps.org wrote:

>
> Craig,
>
> Sorry, I'm not clear myself in some ways.
> when a user from an AD group called "online testers" logs in to a  
> computer I want a policy activated by that login to set the desktop,  
> dock, system settings and install the test application software  
> package.   The dock will be empty except for that one test  
> application, some finder prefs (don't show connected servers" and a  
> different background desktop to show that it isn't a standard user.   
> So the Application package isn't unique to the user but the Dock and  
> such are unique to the user who is a member of this group.  I don't  
> want this online testing User Environment settings to be applied to  
> other users on the computer or the User template on the computer.   
> Just these few testing users who will get local home directories  
> made on the computer when they login-per the AD plugin settings.
> Does that help?
> -Nathaniel
>
>
>
> "Ernst, Craig S." <ERNSTCS at uwec.edu>
> Sent by: casper-bounces at list.jamfsoftware.com
> 10/06/08 12:32 PM
>
> To
> Casper List <casper at list.jamfsoftware.com>
> cc
> Subject
> Re: [Casper] User Environment for group of users
>
>
>
>
>
> Hi Nathaniel,
>
> Can you clarify the language here a bit for me...particularly the  
> per user stuff.
>
> Do you have additional settings that need to get applied to just  
> these users (and not anyone who applies this particular package),  
> AND a unique dock you want for these users as well?
>
> Craig E
>
>
> On 10/6/08 12:04 PM, "Nathaniel Lindley"  
> <NATHANIEL.LINDLEY at spps.org> wrote:
>
>
> We've started preparing for our online testing deployment and I'd  
> like to trigger installs of software and user environment settings  
> based on a login of certain users or a group of users.
> For example, when "testing1" logs in who is a member of the AD group  
> "online testing users"  they should trigger the install of the  
> testing software, User ennvironment settings and turn off some  
> services (like anti-virus).   So I can get the policy to trigger at  
> the users login and the software to install, but the User  
> Environment stuff doesn't seem to work, because I created the  
> package  in Compuser using a generic "student" account.  Then the  
> desktop,dock plists get placed for the local student account and not  
> for the "testing1" account.  I don't want to fill User Template or  
> Existing Users on the machine b/c I only want it for this group of  
> users.   Do I need to create a UEV package for each testing user? or  
> can I apply the UEV package to a group of users based on login name  
> or group membership?  and have it fill their user preferences?
> Do I need to write some custom scripts instead?
>
> Version 6.01
>
> Thanks
> -Nathaniel
>
>
> Nathaniel Lindley
>
> ++++++++++++++++++
> Learning Systems Specialist
> Educational Technology
> Saint Paul Public Schools
> Saint Paul, Minnesota
> nathaniel.lindley at spps.org
> phone:  651-603-4929_______________________________________________
> Casper mailing list
> Casper at list.jamfsoftware.com
> http://list.jamfsoftware.com/mailman/listinfo/casper
>
> <ATT00001.txt>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20081006/1b25d01d/attachment.htm

More information about the Casper mailing list