Manage OS X Clients for more Control

Recently, I was asked about a way to restrict the use of some applications on end User machines.

Often, one of the reasons you would need to this involve blocking Torrent software or specific software, which goes against your policy.

With a Mac OS X 10.8 Server environment, it was simple

(Depending on the type of binding you are using authenticated vs anonymous, you can push these restrictions, to the users, the group of users, or the machines themselves which then affects anyone on the machine)

On your Open Directory Master

Go to Workgroup Manager 10.8

STEP 1: Select the Group tab

STEP 2: Select the group of Users you want to affect with this restriction

STEP 3: Click on the Preferences Logo

STEP 4: Select Applications

STEP 5: Go to the Legacy tab

STEP 6: Move the Manage Option from Never to Always

STEP 7: Select Allow all Applications except these

STEP 8: Drag and Drop the application you want to block into the list

STEP 9: Uncheck the bottom option to Allow Approved Apps to launch non-approved Apps

STEP 10: Apply Now

And you are done.

All that is left is to make sure the intended users logs out and logs back in and the new restrictions will take effect.


skitch skitch-1


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s