There are a bunch of things that need to be done to make a Mac "lab worthy". Hers is a list: It is currently in the processes of being revised.

  • Disable Bluetooth
    • Turn off Bluetooth
    • Hide status from the menu bar
    • Uncheck all Bluetooth settings
    • Turn off all sharing
  • Disable Airport
    • Hide status from the menu bar
    • Turn off Airport
    • Prevent non-administrators from turning on Airport
    • Remove Airport / wireless from the list of network services

  • Remove all but "Built-In Ethernet" from the Network Port Configuration
  • Make sure ethernet is set for dhcp address lookup
    • Turn IPV6 "off"
    • make sure there is no manual DNS address - it will override the desired dhcp seting
  • Disable automatic/periodic Apple Software Updates
  • Disable remote control infrared receiver
  • Disable automatic login
  • Require password to unlock each system preference
  • Energy Saving
    • If we put client machine to sleep ARD admin thinks it is offline
      • uncheck "Put hard disk(s) to sleep if poossible"
      • set "Put the computer to sleep when inactive" to never
      • schedule start up or wake or shutdown or sleep ??
    • set "Restart automatically after power failure"
  • Remove/Disable undesired software
    • Quicken
    • iLife and components - iPhoto, iMovie HD, iDVD, Garage Band, iWeb
      • to remove these items from the dock (avoid "?" appearing in the Dock) you have to edit /System/Library/CoreServices/
    • MS Office eval
    • iWork eval
    • Big Bang Board Games
    • Internet Connect
    • Network Utility
  • Enable Remote Desktop Control
  • Enable Directory Access Services - Bonjour(obsolete@Leopard), LDAPv3 (but not configured), SMB/CIFS(obsolete@Leopard)
  • Disable Directory Access Services - Active Directory (configured after install)(obsolete@Leopard, off by defaut), Apple Talk(obsolete@Leopard), {BSD Flat File, Netinfo} ((obsolete@Leopard - both are locked on, but Netinfo is now local directory), SLP(obsolete@Leopard). The Directory Utility is found under /System/Library/CoreServices/Directory Utility/Contents/MacOS.
  • Install X11(obsolete@Leopard - installed by default) default X11 does not work. Need to install Xquartz
  • Install Xcode (note, for Leopard, buried within optional installs). Xcode is now an sandboxed App and not in Developers directory
  • Use a local NTP server
  • Customize the ssh_config file
    • set ForwardX11Trusted yes
    • set ForwardX11 yes
    • set GssapiAuthentication yes
    • set GssapiDelegateCredentials yes
    • set-up the kerberos options?? - not required
  • Set-up appropriate defaults for Thunderbird and Firefox
    • Disable auto-updates on the clients (push them from golden image instead)
    • Set mail server defaults, etc??
  • Fix automount ST#64553
    • Using Lingon - under System Daemons -, "un-tick" Enabled
    • as root, edit /etc/auto_master, and "hash out" so it looks like:

         #/net -hosts -nobrowse,nosuid
         #/home auto_home -nobrowse
         #/Network/Servers -fstab

  • Configure snmp ST#64089: get standard /etc/snmp/snmpd.conf, fix ownership, and make sure service is running (Lingon)
  • Fix "Open Mail Relay" using Lingon - as in MacStandardInstall ST#63833
  • Provide standard xhbin and Shells
  • Install NHR package (Network Home Redirector) and NHRUW Scripts from empire using ARD from Ian's machine; fix permissions on scripts - still needed even though Leopard Open Directory is doing the redirecting of ~/Library/Caches
    • the NHR package "enables" login/logout hooks (MacLoginLogoutHooks), and copies an initial version of the scripts that are the "Target" of the hooks; the scripts are then replaceable; the scripts are heavily documented, with a chronological summary at the beginning, and details where specifically required
  • Install Symantec Anti-Virus, there is now a 10.2.x for Leopard
    • Suppress scanning ALL network drives
  • Customize /etc/openldap/ldap.conf for Leopard ST#64465 TLS_REQCERT = never

-- JasonTestart - 21 Mar 2006

-- Main.iturner - 27 Aug 2009 - Sept 2009

Edit | Attach | Watch | Print version | History: r22 < r21 < r20 < r19 < r18 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r22 - 2015-03-27 - EdwardChrzanowski
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback