Meeting Notes - Sep 19, 2001
By: Mikio Moriyasu - Revised: 2006-10-05 devinSection Links
Ambrosia Software's Snapz Pro X by Scott Doenges
The information in Scott's presentation can be found here.Hi-Resolution Systems' Mac Administrator 2.0 By Mikio Moriyasu
Additional, more detailed information regarding Mac Administrator and its operation will eventually be made available in a dedicated page that will be part of the main Mac Managers website at: http://www.macos.utah.edu. A link will be added to this page when the site is active.What is Mac Administrator?
Mac Administrator is a system management tool from Hi-Resolution Systems that is designed to give system administrators the ability to remotely conduct a variety of administrative, maintenance, management, and security functions on either individual machines or groups of machines using variety of GUIs, menus, and windows . A few of these functions include the following:
- Operate user authentication operations using existing, commonly available authentication servers.
- Regulate & monitor the network accessibility of users or groups of users.
- Regulate & monitor usage privileges on individual machines or groups of machines by users or groups of users.
- Regulate & monitor the general activities of users or groups of users while accessing the network and using machines.
- Regulate, monitor, & record the general activity of individual machines or groups of machines.
- Remotely install, remove, upgrade, & regulate applications, folders, & files on individual machines or groups of machines.
Authentication Software - Mac Administrator is designed to integrates with existing network infrastructures. As a result, user authentication can be done with either existing users and passwords on existing servers or MacAdministrator's own users/passwords database. On the client machines, authentication software consists of following users “Authenticator Plug-ins”.
- AppleTalk Filing Protocol (AFP)
- Kerberos
- NetWare Directory Services (NDS)
- POP
- Override Authenticator: Mac Admin specific authentication that provides access to machines when of authentication servers are not available.
Configuration Manager - This is the primary administration application for Mac Administrator. It is essentially an interface with which system administrators can modify data contained in files located in the Client Control Database and subsequently establish Mac Administrator's operation. It can be located and run on any machine which has access via the network to the Client Control Database which is stored on the server. As a result, full remote administration of the users and machines on the network is available for the system administrator.
Users - These are accounts that establish individual user identifications and configurations for access to the network. Some of the information that is given in the accounts are the User's Name, Password, Login clearance mode, & total Print Credits available. The accounts also identify if the user belongs to a specific Users Group Profile.
User Group Profiles - This is a feature of Mac Administrator that Allows system administrators to group together users who share similar software needs or requirements. The user account functions that are managed in the Group Profiles include the following:
- Login-Startup-Logout configuration.
- Password configuration controls
- Printer assignments and printing configurations
Machines - These are accounts that provide system administrators with basic operational information on each Client machine managed by Mac Administrator. This information is listed below:
Machine Group Profiles - Like the Users Group Profiles, this feature allows system administrators to group together and manage Client machines that share similar software configurations. The primary features that are managed in the Group Profiles include the following:
- Machine Name
- Login/No Login mode enabled or disabled
- Is a user logged in and when did he log in
- Name of user who is logged in
- Any Login Errors encountered during login
- Machine Ethernet Address
- Assigned Machine Group Profile
- Naming assignments
- Login/No Login mode configurations
- Assign a “TimeTable”
Mac Admin feature that controls which users can use which machines at what times. In a lab setting, the administrator can "lockout" all users except those who will be attending a function that is taking place in the lab at a specific time.- Assign/Remove “Distribution Sets”
These are collections of applications, folders, or files that are specifically assigned to a given Machine Group Profile. The distribution of these files to the machines assigned to the Group Profile is not influenced by the logged in users.- Assign an “Agent Control File”
This is an interface that allows system administrators to determine what Agents run, when these Agents run, and on what Client machines they run on.
Agent Control File - Mac Administrator Agents are software components that perform a variety of maintenance and data recording tasks both to and from Client machines. The Agent architecture is such that it is both extendible and flexible. Agents can be assigned to run on either Machine Startup or Shutdown, User Login or Logout, or at pre-specified times. These assignments are made using a comprehensive user interface known as the Agent Control File which lists all available agents and when they are scheduled to run. For some agents, the control file will automatically limit when they can be scheduled either because their operation certain times is not necessary or will disrupt the operation of other agents. Listed below are the Agents that ship with Mac Administrator 2.0 and a brief description of their function.
- Unmount And Eject - Unmounts any file server volumes, and ejects any ejectable disks.
- Mac Administrator Maintainer - Ensures that the MacAdmin Client machine's local information is up to date.
- Common Restore - Will download from the Server anything stored in the "Common Files" folder, and anything stored in the "Distribution Sets" folder which matches the machine's Distribution Set configuration.
- Folder Sweep - Will delete old files from the specified folders and/or empty the Trash.
- Mac Administrator Agent Scheduler - Launches any other Agent which are scheduled to run at a specific time.
- Mac Administrator Hardware Audit - Performs a hardware audit of the Mac Admin Client machine.
- Mac Administrator Software Audit - Performs a software audit of the Mac Admin Client machine.
- Mac Administrator Usage Monitor - Monitors and records which applications are being used, for how long, and by which user.
- Mac Administrator Listener - Receives the remote commands which can be sent from the Mac Admin Configuration Manager application.
- Restore Common Prefs - Distributes preferences common to all Client machines.
- Restore Documents - Restores users' work.
- Restore User Prefs - Restores users' preference files.
- Save Documents - Saves users' work.
- Save Machine Data - Uploads to the Server any audit files stored on the Mac Admin Client machine.
- Save User Prefs - Saves users' preference files.
- User Group Restore - Distributes files based on User Group.
- Automount - Mounts the remote volumes as specified in the AutoMount preferences.
- Close Finder Windows - Closes any Finder windows which are currently open.
- Configure Protection - Configures the Protection Software.
Protection Software - The Mac Administrator Protection software is designed to maintain all or part of a Client machine in a fixed state. Depending on the extent to which the system administrator wished to "lock down" the machines, this maintenance can encompass the Hard Drive file structure, the Desktop, and even the Trash can. Protections” are assigned to machines or groups of machines using “Protection Configuration Files”.
OS components & features that can be managed:Printing - As every user must login in order to access a machine, system administrators can monitor and control users printing actions in the following ways:
OS operations that can be managed.
- Chooser Devices
- Compact Discs
- Control Panels
- Copying and Installation to and from the Hard Disk.
- Folder naming, relocation, creation, addition, deletion, and locking on the Hard Disk.
- Netscape download prevention.
- Software launch controls
- Start-up & System controls - Shift Key disable, Hard Disk write protection, Screenshot disable, & AppleTalk Off disable
- Assign specific printers to each User Group
- Assign a maximum number of pages per printing action on a per user basis
- Assign a maximum amount of “credit” to be charged on a per page basis.
Pros
- Gives system administrators a wide range of deal of remote centralized management and protection control over the machines on the network.
- Provides system administrators with powerful tools to manage and maintain, applications, folders, and files.
- Yet, Mac Administrator is flexible enough to allow for specific individual or group needs.
- Gives system administrators the ability to monitor, manage, a variety of users activities.
- Extensive documentation & reliable and knowledgeable support people
- Installation and removal is very straight forward.
- Graphical User Interfaces for all configurable settings and functions.
- Drag and drop addition of Apps, Folders, & Files (sort of).
- The various "copy" Agents will copy down items to the Client machines according to the folder structure. For example, Prefs located in a System Folder - Preferences folder in the "Common Prefs" Folder on the server will be copied down to the Preferences folder on the Hard Disk.
- Users can take their settings with them from machine to machine.
- Can be used in concert with RevRdist to a point.
- The application is very complex and requires a great deal of configuration time.
- Familiarization and testing period is high recommended before widespread implementation can occur.
- Each time a user logs in, depending on the degree of system protection and complexity of the User Group Profile, the actual login time is as long as a standard cold startup.
- Features available for such applications as RevRdist or netOctopus may not be available with Mac Administrator because of its extensive management functions.
- May not be suitable for labs with large number of machines or in labs where public access is required.
- Application, Folder, & File distribution methods not as flexible or as configurable as some may want
- Protections not as flexible as some may want.
- Agents not be as flexible as some may want.
A detailed demonstration of Mac Administrator will be available within the next month at: www.macos.utah.edu.
Click on the “Documentation” button.You can also visit the Hi-Resolution Software product home page at: http://www.hi-resolution.com.
Click on “Mac Administrator”
Other Issues
A few additional issues were brought up during the course of the meeting:- James' presentation on Customizing Apple Software Restore has been rescheduled for a future Mac Manager's meeting.
- If there is a topic you would like to see discussed at a future Mac Managers Meeting, please contact us here.
- Meetings
- Directions
- Next Meeting
- Previous Notes
- Dec 15, 2004
- Nov 17, 2004
- Oct 20, 2004
- Sep 15, 2004
- Jul 21, 2004
- Jun 16, 2004
- May 19, 2004
- Apr 21, 2004
- Mar 17, 2004
- Feb 18, 2004
- Jan 21, 2004
- Nov 19, 2003
- Oct 15, 2003
- Sep 17, 2003
- Aug 20, 2003
- Jun 18, 2003
- May 21, 2003
- Mar 19, 2003
- Feb 19, 2003
- Jan 15, 2003
- Nov 20, 2002
- Sep 18, 2002
- Jul 17, 2002
- Jun 19, 2002
- May 15, 2002
- Apr 17, 2002
- Mar 20, 2002
- Jan 16, 2002
- Dec 19, 2001
- Nov 21, 2001
- Oct 17, 2001
- Sep 19, 2001
- Aug 15, 2001
- Jun 20, 2001
- May 16, 2001
- Mar 21, 2001
- Feb 21, 2001
- Jan 17, 2001
- Dec 20, 2000
- Previous Topics
©2022 - University of Utah -
Marriott Library -
ITS - Apple Infrastructure
Disclaimer - 295 South 1500 East, Room 1705J, SLC, UT 84112 - 801.581.6494