Contact Form    |   Email    |    Site Map
RSS

Custom Preferences in Workgroup Manager

In Workgroup Manager (WGM) system administrators have the ability to customize client settings through a graphic user interface (GUI). While the GUI that WGM provides is pretty comprehensive, it doesn't address all of the features of the operating system, installed applications, or the utilities. However, managed preferences on OS X are binary XML files that can be easily altered and pushed out in the Details tab under WGM preferences pane.

Property List Editor

The easiest way to view binary XML files is by using Property List Editor (PLE) provided in Apple's Developer Tools. These tools are available on the Mac OS X server installation DVD. You can also run a utility through terminal, but for the scope of this article I'll keep it simple.

Managed Preferences

You can view what preferences are being pushed to the client by looking in the following location: ~Library/Managed Preferences/User. The following files are a few you might encounter, and a quick view in PLE will show you how the XML is structured:

  • com.apple.applicationaccess.plist
  • com.apple.desktopservices.plist
  • com.apple.dock.plist

Each time a client logs onto the network these files are refreshed from the server, and their presence is a good indication your server is functioning well.

Customized Preferences

Using Apple's advanced search features you can find literally hundreds of .plist files located in several locations: System Library, AdminLlibrary, User Library and even within applications themselves. Unfortunately, this doesn't mean that altering them and pushing them out from the server to the Managed Preferences will work 100% of the time. The operating system doesn't always recognize customized XML files in the managed preferences folder.

Through trial and error I'm able to share with you a few that do work, and are often needed by system administrators.

iTunes

iTunes has many features that are wonderful for individual use, but not so desirable on a school or business network. The following file will give you control over the music store, podcasts, radio, shared music, and supported content.

iTunes in Property List Editor

 

iPhoto

iPhoto has a feature that allows you to share your photo library and browse for others on the same network. While you can disable this functions within iPhoto itself, network administrators may want to disable this feature through servers preferences.

iPhoto in Property List Editor

 

Desktop Picture

You can specify the desktop picture of the client by altering the pathway in the following preference file, and specifying "never" for the change key value. In this instance, we've used Apple's default desktop picture Aqua Blue.

Desktop prefs in Property List Editor 

 

Dictionary

At first I thought placing parental controls on a dictionary was a little over-the-top. However a simple search on the "F" word brought back 42 very creative definitions not suitable for children.

Dictionary prefs in Property List Editor 

 

iChat

This setting allows a system administrator to limit the connection speed of iChat video/audio conferences assuring that no one user grabs the whole pipe. The connection variable ranges from 100 to 500 bits per second.

iChat prefs in Property List Editor 

 

Summary

Workgroup Manager offers a surprising amount of control outside the graphical user interface, and I suspect that universal support for XML managed preferences will become more standardized through each operating system update.

One word of advice before I sign off on this article. Be sure to test test test before deploying on a live environment.

0 Comments | RSS