From cody.smedsrud at successcharters.org Thu Jun 4 10:52:14 2009 From: cody.smedsrud at successcharters.org (Cody Smedsrud) Date: Thu, 04 Jun 2009 13:52:14 -0400 Subject: [Resourcekit] Problem with BindToOD Script Message-ID: I am encountering a couple of problems with the bindToOD script. When I attempt to run the script as the last step of the imaging process (on reboot) it does run. However, when you open the directory utility, there is a red light for the server. Deleting the server and manually entering the exact same information in directory utility results in a green light. Also, the machine is not added to workgroup manager (it doesn't matter if the script was run as part of an image or if the od server was entered into directory utility manually, the machine does not show up in wgm). If I run the script manually from terminal, it runs successfully and you get a green light in the directory utility. However, it still doesn't add the machine to workgroup manager. JAMF technical support suggested that I add a "sleep 45" command to the script. However, I don't know where in the script to place the command. Any suggestions would be much appreciated, Cody Smedsrud -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/resourcekit/attachments/20090604/c121028a/attachment.htm From lpnicholas at moravian.edu Thu Jun 4 11:11:34 2009 From: lpnicholas at moravian.edu (Nicholas, Lauren) Date: Thu, 4 Jun 2009 14:11:34 -0400 Subject: [Resourcekit] Problem with BindToOD Script References: Message-ID: I'm having similar problems... I think it might be the binding sequence in my imaging configuration. I was having some issues with ADmitMac in the firstRun policy, so for now, I took that out of the picture to get the OD binding to work first. Here is my config: MacintoshHD.dmg has a priority of 1. QuickAdd.pkg - priority of 2 createARDaccount.pkg - priority of 2 then two policies: enableARD.sh - After runPolicy - at Reboot the runPolicy is set as "ongoing" scope = all computers Scripts = bindtoOD.sh - priority set to "After" (I have included my bindtoOD.sh in this email) set to "reboot immediately" So, the machine reboots initially and then reboots again after a minute or so. The machine is NOT bound to OD when it comes back up. I get a Red Dot at the login screen (No network accounts available), however, if I go into Directory Services, I see the new entry "/LDAPv3/oracle.moravian.edu" in both the authentication and contacts tabs. However, in the Directory Services tab, I see no server in the list, and if I check in Workgroup Manager on Oracle, the machine is not there. Anyone have any ideas? - LAUREN NICHOLAS User Support Analyst - Hurd Campus Center for Information Technology - CIT Moravian College adjunct prof | graphic design & music ph. 610 861 1633 lpnicholas at moravian.edu From: resourcekit-bounces at list.jamfsoftware.com [mailto:resourcekit-bounces at list.jamfsoftware.com] On Behalf Of Cody Smedsrud Sent: Thursday, June 04, 2009 1:52 PM To: resourcekit at list.jamfsoftware.com Subject: [Resourcekit] Problem with BindToOD Script I am encountering a couple of problems with the bindToOD script. When I attempt to run the script as the last step of the imaging process (on reboot) it does run. However, when you open the directory utility, there is a red light for the server. Deleting the server and manually entering the exact same information in directory utility results in a green light. Also, the machine is not added to workgroup manager (it doesn't matter if the script was run as part of an image or if the od server was entered into directory utility manually, the machine does not show up in wgm). If I run the script manually from terminal, it runs successfully and you get a green light in the directory utility. However, it still doesn't add the machine to workgroup manager. JAMF technical support suggested that I add a "sleep 45" command to the script. However, I don't know where in the script to place the command. Any suggestions would be much appreciated, Cody Smedsrud -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/resourcekit/attachments/20090604/c0511680/attachment.htm From Louis.Sanchez at RoswellPark.org Thu Jun 4 12:10:59 2009 From: Louis.Sanchez at RoswellPark.org (Sanchez, Louis) Date: Thu, 4 Jun 2009 15:10:59 -0400 Subject: [Resourcekit] Firewall Configurations Message-ID: <6B3493ABEE194842A8EFC3FC3B23DE6A0E31EE8DCE@MSXMBCCR2.roswellpark.org> Has anyone used Casper to deploy several firewall configurations? I was thinking of a using a custom field with "" for standard firewall, "Web" for webdev firewall and etc. Using this I could leverage smart groups to do this. But I don't want to waste a field if I don't have to. Any ideas would be appreciated. Louis Sanchez Network Systems Specialist Roswell Park Cancer Institute X3350 This email message may contain legally privileged and/or confidential information. If you are not the intended recipient(s), or the employee or agent responsible for the delivery of this message to the intended recipient(s), you are hereby notified that any disclosure, copying, distribution, or use of this email message is prohibited. If you have received this message in error, please notify the sender immediately by e-mail and delete this email message from your computer. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/resourcekit/attachments/20090604/54e72932/attachment.htm From jcur at loc.gov Wed Jun 24 10:18:08 2009 From: jcur at loc.gov (Jade Curtis) Date: Wed, 24 Jun 2009 13:18:08 -0400 Subject: [Resourcekit] How can get locked out form changing Entourage settings? Message-ID: <4A42279002000076000867F3@ntgwgate.loc.gov> I am looking at the Entourage Setup script in the resource kit. What I am looking for is away to prevent a user from changing the setup and account info in Entourage. I have been looking at Entourage to do not see that there is an option to lock account settings, therefore a user can change or add any email account they like. Is there a policy or script that will refresh account setup deleting any account other then the main account the one that is tried to an Exchange server and have that account maybe refresh with out deleting the Mail? How to prevented users form changing Entourage settings? Jade From william.smith at merrillcorp.com Wed Jun 24 10:28:15 2009 From: william.smith at merrillcorp.com (Smith, William) Date: Wed, 24 Jun 2009 12:28:15 -0500 Subject: [Resourcekit] How can get locked out form changing Entourage settings? In-Reply-To: <4A42279002000076000867F3@ntgwgate.loc.gov> Message-ID: > From: Jade Curtis > Date: Wed, 24 Jun 2009 13:18:08 -0400 > > I am looking at the Entourage Setup script in the resource kit. What I am > looking for is away to prevent a user from changing the setup and account info > in Entourage. I have been looking at Entourage to do not see that there is an > option to lock account settings, therefore a user can change or add any email > account they like. Is there a policy or script that will refresh account setup > deleting any account other then the main account the one that is tried to an > Exchange server and have that account maybe refresh with out deleting the > Mail? That's simply not possible with Entourage and Entourage cannot be controlled with MCX. While you could create a script and a schedule to reset the settings, the user would have full control over them as well. Most of this information is stored within the Entourage Database file, which cannot be manipulated outside of Entourage itself. You'll need to block POP, IMAP and SMTP access at your proxy server. -- bill William M. Smith, Technical Analyst MCS IT Merrill Communications, LLC (651) 632-1492 From taugust04.lists at gmail.com Wed Jun 24 10:43:55 2009 From: taugust04.lists at gmail.com (Ted August) Date: Wed, 24 Jun 2009 13:43:55 -0400 Subject: [Resourcekit] How can get locked out form changing Entourage settings? In-Reply-To: References: Message-ID: <2CEC5497-B584-4923-8ADD-D9DB48433461@gmail.com> On Jun 24, 2009, at 1:28 PM, Smith, William wrote: >> From: Jade Curtis >> Date: Wed, 24 Jun 2009 13:18:08 -0400 >> >> I am looking at the Entourage Setup script in the resource kit. >> What I am >> looking for is away to prevent a user from changing the setup and >> account info >> in Entourage. I have been looking at Entourage to do not see that >> there is an >> option to lock account settings, therefore a user can change or add >> any email >> account they like. Is there a policy or script that will refresh >> account setup >> deleting any account other then the main account the one that is >> tried to an >> Exchange server and have that account maybe refresh with out >> deleting the >> Mail? > > That's simply not possible with Entourage and Entourage cannot be > controlled > with MCX. > > While you could create a script and a schedule to reset the > settings, the > user would have full control over them as well. Most of this > information is > stored within the Entourage Database file, which cannot be manipulated > outside of Entourage itself. > > You'll need to block POP, IMAP and SMTP access at your proxy server. I concur here that it's not an option in Enoturage to prevent/lock account settings from being changed. You will need to do this at a network level. You would want to do this at the network level regardless, since a user could easily download and run a second IMAP/ POP client like Thunderbird and run it from their home directory. It's a lot easier to control the network traffic than to prevent the software from being installed/configured at the client. -- Ted August Salve Regina University