Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

jas3542

macrumors newbie
Original poster
Nov 9, 2015
9
0
Hi, i'm working in a company who have a lot of macs. What i would like too know is if mac's have local polices like windows?. The company use Microsoft intune to control all de devices. The problem is that intune doesn't support mac's.

What i can use to put some type of policies? Something simple because the company have to do it to get a ISO certification.
 
I guess you can try to get something from Mac OS X Server. Or, just dig into terminal and thousands of kext, plist files to see if there is a possible solution.

And, yeah. If Mac OS X has a really easy place like Windows enterprise SKU, where I can easily manage from a single machine to thousands of machines using group policy and domain, that would probably be a deal breaker, for Mac OS X in, yeah, enterprise market.
 
is there any option which doesn't require a payment xD?. I mean free?..i've been looking for this a long time but no luck at all.
i just want to control the password's(length,combination,password historial)..nothing else, Something simple for the certification.
need it for next week,have no time xDDD
 
is there any option which doesn't require a payment xD?. I mean free?..i've been looking for this a long time but no luck at all.
i just want to control the password's(length,combination,password historial)..nothing else, Something simple for the certification.
need it for next week,have no time xDDD
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/pwpolicy.8.html
Here is a BSD version of password policy control. You can then populate a script to all Mac machines and see if it is possible to run at startup.
http://www.cnet.com/au/news/how-to-set-up-password-policies-in-os-x/
In this article, Workgroup manager might be able to help you out but the version is really old.
 
Thx vry much for your help. I have tried the 2nd link and windows workgroup manager doesn't work, It needs version 10.10 or earlier -_- .
 
Thx vry much for your help. I have tried the 2nd link and windows workgroup manager doesn't work, It needs version 10.10 or earlier -_- .
Then how about the first one? I didn't try it out but it should be available for EL Capitan.
 
i'm trying the first option, lets see if it works. One more time, THXs :)
 
You should look at Profile Manager in OS X Server. The Server is only $20, I am sure that your organisation can afford it.
 
Hi, i'm working in a company who have a lot of macs. What i would like too know is if mac's have local polices like windows?. The company use Microsoft intune to control all de devices. The problem is that intune doesn't support mac's.

What i can use to put some type of policies? Something simple because the company have to do it to get a ISO certification.
You're looking at Configuration Profiles. These can be made with OS X Server, or with other tools (Server is the easiest way to make profiles, but it's possible to convert preference files into Profiles.)
It's not going to be simple to implement these and isn't a good idea to rush them out in a week without testing. If all the Macs in an environment are unmanaged now, you can break a lot of things and make workers angry by implementing a half-baked solution.
Without knowing what you're trying to manage, it's difficult to say that OS X Server is the best, or most appropriate solution, but it likely is a good start. The Profile Manager in Server can have significant reliability issues so it is not my favorite tool to push out profiles, but it is the simplest.
What do you need to manage on the client Macs?
 
You're looking at Configuration Profiles. These can be made with OS X Server, or with other tools (Server is the easiest way to make profiles, but it's possible to convert preference files into Profiles.)
It's not going to be simple to implement these and isn't a good idea to rush them out in a week without testing. If all the Macs in an environment are unmanaged now, you can break a lot of things and make workers angry by implementing a half-baked solution.
Without knowing what you're trying to manage, it's difficult to say that OS X Server is the best, or most appropriate solution, but it likely is a good start. The Profile Manager in Server can have significant reliability issues so it is not my favorite tool to push out profiles, but it is the simplest.
What do you need to manage on the client Macs?



I would like to :
  • Put password policy (length,old password historial,etc). (Required)
  • Put it in suspend mode after "x" minuts. (Required)
  • control user permissions. (Optional)
  • control filevault (Optional)
  • make reports (less required)
THx
 
I would like to :
  • Put password policy (length,old password historial,etc). (Required)
  • Put it in suspend mode after "x" minuts. (Required)
  • control user permissions. (Optional)
  • control filevault (Optional)
  • make reports (less required)
THx
You can easily do items 1, 2, and 4 with configuration profiles. You may or may not be able to do #3, depending on what you want to control, but you cannot do #5 with profiles. There are many management tools that will do reporting, but OS X Server and Profiles do not handle it.
 
You can easily do items 1, 2, and 4 with configuration profiles. You may or may not be able to do #3, depending on what you want to control, but you cannot do #5 with profiles. There are many management tools that will do reporting, but OS X Server and Profiles do not handle it.

sry but configuration profiles it's the users screen in clients mac? Where you can change passwords and account type (admin or not) or it's a OS X Server.
 
sry but configuration profiles it's the users screen in clients mac? Where you can change passwords and account type (admin or not) or it's a OS X Server.

OK, I'm checking OS X Server, i think we are going to buy it. My question is: do we need a mac only for this or i can install it on clients (one by one) and configurate the preferences. THX
 
OK, I'm checking OS X Server, i think we are going to buy it. My question is: do we need a mac only for this or i can install it on clients (one by one) and configurate the preferences. THX
I don't know anything about something like domain in Windows, but you might only need to buy one, add all machines pending for management to that server and set password enforce policies, limit user activities, enable system logs, etc.

And, don't forget some useful terminal tools integrated to system. ;)
 
I don't know anything about something like domain in Windows, but you might only need to buy one, add all machines pending for management to that server and set password enforce policies, limit user activities, enable system logs, etc.

And, don't forget some useful terminal tools integrated to system. ;)


HI, u r like always online xD. NICE!.
For the moment, i only know that u can buy the X Server which have no user limit. But the dubt is, as it is a Server, Do i need a mac only for the X Server?.

a structure like the image.

;)
 

Attachments

  • clientServer.gif
    clientServer.gif
    8.7 KB · Views: 119
HI, u r like always online xD. NICE!.
For the moment, i only know that u can buy the X Server which have no user limit. But the dubt is, as it is a Server, Do i need a mac only for the X Server?.

a structure like the image.

;)
I believe you have a wrong sense for this case. In fact, Outlook notify me there is something new and I know you have replied. :) Off-topic.
Well, I would use the tree topology to control other Macs. Windows domain may use the same structure to control other machines. In Windows domain, we often need a domain controller to control Windows client, plus DHCP server, DNS server if needed. I played around this for a while but I forgot about it, plus I am not a professional system manager. ;)
 
OK, I'm checking OS X Server, i think we are going to buy it. My question is: do we need a mac only for this or i can install it on clients (one by one) and configurate the preferences. THX
You need to set up one Mac as your server and generate the profiles. You can then enroll each Mac in Profile Manager and then push the profiles out that way, or use some other Mac deployment tool to do it.
sry but configuration profiles it's the users screen in clients mac? Where you can change passwords and account type (admin or not) or it's a OS X Server.
I don't understand what you're asking here.
 
You need to set up one Mac as your server and generate the profiles. You can then enroll each Mac in Profile Manager and then push the profiles out that way, or use some other Mac deployment tool to do it.

I don't understand what you're asking here.


My company have a developer account which we can download X server for free.
Anyway, so, when i enroll the clients, Do i have to migrate there local profile to the new server profile? or that only exists in windows.
thx
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.