I manage several computer classrooms where the instructors use ARD to
observe and control the students stations. I did not want to give them
administrative access to these stations and so I had to figure out a
method to disable ARD from requiring admin access. The following
solution has been mentioned on the archives but I believe nobody was
able to get it to work. I've tested and it works fine in my
environment.
Paste the xml code below into /etc/authorization. Be sure to back it up
before making changes so that you can restore from backup in single
user mode if necessary.
The following allows any group you designate to have access to ARD, in
this example the staff group is designated:
<key>system.netassistant.</key>
<dict>
<key>class</key>
<string>user</string>
<key>comment</key>
<string>Allow group staff to launch Apple
Remote Desktop.</string>
<key>group</key>
<string>staff</string>
<key>mechanisms</key>
<array>
<string>builtin:authenticate</string>
</array>
<key>shared</key>
<false/>
<key>timeout</key>
<integer>300</integer>
</dict>
Or you could do the follow which allows any user to launch ARD without
prompting for a password. I prefer this method because ARD still asks
for the keychain password which stores the computer list.
<key>system.netassistant.</key>
<dict>
<key>class</key>
<string>rule</string>
<key>comment</key>
<string>Allow all users to launch Apple Remote
Desktop.</string>
<key>rule</key>
<string>allow</string>
</dict>
I hope somebody finds this useful.
Quico
--
Francisco "Quico" Gonzalez
University of California Davis
Computer Lab Management
Information and Education Technology
_______________________________________________
remote-desktop mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/remote-desktop
Do not post admin requests to the list. They will be ignored.
