Delay during blue screen before loginwindow

[Rusty Myers]

[QUOTE][u]Quote by: Patrick+Fergus[/u][p]Silly question (but boy did this one get me for a few hours), have you created your admin’s user record (/var/db/dslocal/nodes/Default/users/etcadmin.plist) [i]before[/i] trying to set the ARD rights? The record has to be there first. After that, you should be able to set the privileges and read them back:[code]defaults read /var/db/dslocal/nodes/Default/users/etcadmin naprivs
(
“-2147483395″
)[/code]”naprivs” would mean “Network Assistant privileges” for those unlucky enough to remember Apple Network Assistant. Maybe ARDAgent horks if you’re “specifying users” but you don’t have any users enabled? Also, I created a custom installer, and the postflight_kickstart_entries file here:

~/Desktop/Custom\ Remote\ Desktop\ Installer.mpkg/Contents/Installers/RemoteDesktopClient.pkg/Contents/Resources

Has the “specifiedUsers” command [i]after[/i] the privilege-granting command (backslashed for readability):[code]-configure -users ‘etcadmin’ -access -on -privs -DeleteFiles -TextMessages -OpenQuitApps \
-GenerateReports -RestartShutDown -SendFiles -ChangeSettings
-configure -allowAccessFor -specifiedUsers[/code]Perhaps order of operations is important?

– Patrick

[/p][/QUOTE]

If “created your admin’s user record” comes with creating the Account, then yes. I use createUser to make my account and then the ARD script comes afterwards in the build train. I will need to run another build to be sure that the user record is created, unless you know that it’s not until after first boot.

I see what your saying about the order. I assume my order is correct because the commands work when run after first boot from the terminal.

Thanks!
Rusty

[Rusty Myers]

[QUOTE][u]Quote by: knowmad[/u][p]ok, silly/dumb questions because I am not awake yet….. (maybe I should wait and read after coffee…. nah I’ll just ask)
1) you are referring to etcadmin ….. is that because your account is named etcadmin or because your account is hidden (why you would put it there I don’t know) in the etc folder….?

Am I correct in assuming it would read something like this if my account was named ACCOUNTNAME: (grabbed code from an earlier example in the thread but it should suffice to understand the situation)
[code]
#!/bin/sh

#Enable ARD for ACCOUNTNAME
“$3″/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -targetdisk “$3” -configure -allowAccessFor -specifiedUsers
“$3″/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -targetdisk “$3” -activate -configure -access -on -users “ACCOUNTNAME” -privs -all -restart -agent

exit 0[/code]

2) creating the permissions you are referring to is done separately from creating the accounts in dslocal?

3) Please break this down into a time line of when your doing what…. ie something like adding events to this list:
a) instadmg
b) reboot/firstboot
c) boot script
d) login script
because I am am not following something and I think it is in that time line.

Thank you,
Knowmad – asking the dumb questions so you don’t have to.
[/p][/QUOTE]

1) ETC=Education Technology Center, it’s our admin account. Local admin, all the Apple defaults. You are correct in your assumption of the code, the user I want to give permissions to would be in the “ACCOUNTNAME” location.

2) The users is created first, then the ARD permissions are assigned. They are done separately.

3) Events:

instadmg train:
OS X 10.5
OS X Update 10.5.5 + Base Updates
Custom Packages:
CreateUser package with etcadmin account
Office 2008
ARD package
Misc. Apps
ClearReg package
First boot

I don’t currently have any scripts running on first boot/reboot/login. I am trying to get ARD to activate during the build, instead of after. It’s not that I can’t get it to work with launchd, but it’s that I wasn’t going that route at the moment.

Thanks,
Rusty

[Author]

Posts