10.9 Profile Manager - Restrictions on Apps

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

10.9 Profile Manager - Restrictions on Apps

The Mac OS X Server Mailing List mailing list
We’re looking to restrict a group of users in regards to the apps they can use.  I understand the list of specific Apps is based on the Apps installed on the server.  As we’re not interested in installed suites of Developer apps, I thought we could use the Allow Folder and Disallow Folder options.

My ideal setup would be



Essentially, this would block any apps where a Standard User would typically install - but give them access to a user-level bash and the ability to download home-brew, mysql and various command-line tools.

The issue is; "Disallow ~/" seems to supersede  “Allow ~/Library, ~/bin”, meaning a user cannot run apps within those folders - including bash.  Does anyone have a creative solution to such a problem?

Thanks in advance.

Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:

This email sent to [hidden email]