PDA

View Full Version : Make Network Account Local Admin?




BrandoFiasco
Dec 3, 2012, 08:25 PM
I'm new to OS X server. I just setup Lion Server, OD, and a couple user accounts which are working fine, but is there a way to configure a network account as a local admin? So that way no matter what computer they login to-they are an administrator. I cant seem to find an answer to this one.

Thanks for the help.



Chimaera
Dec 5, 2012, 04:29 PM
I'm new to OS X server. I just setup Lion Server, OD, and a couple user accounts which are working fine, but is there a way to configure a network account as a local admin? So that way no matter what computer they login to-they are an administrator. I cant seem to find an answer to this one.

Thanks for the help.

As far as I can tell you can create a policy in Profile Manager and then apply that to enrolled machines?

I'd suggest creating a 'local admin' user group in OD and applying *that* via profile - that way you can just add/remove users from that group rather than editing the profile every time you need to make a change.

I've not got any firsthand knowledge though, only theoretical so could be mistaken.

pwbeninate
Dec 15, 2012, 09:53 PM
And the users who should have local admin rights to a group in OD. Then use the 'dseditgroup' command to give that OD group admin rights on the client.

sudo dseditgroup -o edit -a “od group name” -t group admin