Nice post, chown33!!
Then don't.
After the initial admin user is created, do only a tiny amount of customization, such as adding Terminal.app to the Dock. Then use the initial admin user to create a non-admin everyday user account. Immediately log out of the admin user, and go setup all your preferences and whatnot from the everyday user. DO NOT login using the admin user ever again, unless it's absolutely necessary.
You should be able to use various System Preferences panes that require unlocking simply by entering the name/password of the admin user. Same applies to installing apps. But do all this while logged in as the everyday user, NOT while logged in as the admin user.
Before going on, can you please straighten out some confusion that I am having?
Scenario #1:
Let's say that I have an "Admin" and a "Standard" account. And let's say that - different from your advice above - I am logged in as "Admin" and I download, install, and customize some apps like MAMP, NetBeans, Audacity, OpenOffice, etc.
In that scenario, what would happen in my "Standard" account?
Would the apps and the app customizations just appear in the "Admin" account?
Would I have both the apps and the customizations in both the "Admin" and "Standard" accounts?
Or some other combination?
Scenario #2:
Now lets say I follow your advice above...
I create an "Admin" and a "Standard" account, and then log in as "Standard" and try to download, install, and customize some apps like MAMP, NetBeans, Audacity, OpenOffice, etc.
Mountain Lion would supposedly prompt me to enter my "Admin" credentials but while logged in under the "Standard" account, right?
So, would I be then able to completely download, install, and customize things while logged in as a "Standard" user?
Presumably the installs and customizations would appear as expected in the "Standard" account, right?
But what - if anything - would I see in the "Admin" account?
Scenario #3:
Is there any reason why I would want to have the apps and the customizations in *both* the "Admin" and "Standard" account?
Based on what I hear you saying, I would say "No, because you use your Admin account to administer your MacBook, and you use your Standard account to run your apps and do day-to-day things..."
Am I close?
And - in general terms - would there be any apps that I would want to install while logged in as "Admin" and not necessarily have in my "Standard" account?
For instance, let's say I broke down and bought "Kaspersky Lab US".
Where would I install that?!
Or what about my "Personal VPN", WiTopia?? (I fear that is a tricky one?! I would say I need that in *all* User Accounts, because I always need a way to access the Internet in a safe, and encrypted way!)
If you are intent on using the everyday account, then make that one pleasant, and leave the admin account unpleasant to use. If you keep the admin user preferences uncustomized and "ugly", you'll be less likely to spend time there, and it will be harder to use because it's intentionally NOT customized. This will tend to keep you in the everyday user account, except when there are admin activities that require multiple actions and repeatedly entering the admin name/password is more hassle than working from a deliberately uncustomized and unpleasant admin account.
I like your thinking!!
Customized app and system settings (preferences) are usually visible to shell scripting using the 'defaults' command. Some system settings are only visible or settable by the 'scutil' command. Other settings may also have a dedicated utility, such as 'tmutil' for Time Machine settings. Read their man pages.
I'm not really understanding what you mean here. (I have no Linux/Command-Line background...)
In practical terms, what I would want to know is this...
If I take your advice above, and install apps from my "Standard" account while entering my "Admin Credentials", will I be able to customize settings, preferences, and the general environment in apps like:
- MAMP (webserver)
- NetBeans (IDE)
- Audacity (audio recorder/editor)
- OpenOffice
- WiTopia (Personal VPN)
**Those are some of the key apps I use every day!!
Some settings are ONLY settable through the 'defaults' command, such as:
Code:
defaults write NSGlobalDomain [U]NSDocumentSaveNewDocumentsToCloud[/U] -bool false
defaults write com.apple.TimeMachine [U]DoNotOfferNewDisksForBackup[/U] -bool YES
defaults write -g [U]NSDisableAutomaticTermination[/U] -bool yes
You can google the underlined name in each of those command lines to learn what it does.
Again, that is a little over my head, but you imply that you have to do it that way via Command Line versus being able to log in as the "Admin" and do it there?
When I bought a MacBook Pro last fall, I spent some time before the purchase making a written list of settings or preferences I wanted to change, and researching exactly how to establish the setting I wanted. After I got the MBP, I spent some time setting it up, tweaking things, and writing down the changes. Over time, I made additional changes which I also wrote down, so if I had to I could reverse them or reapply them to a clean OS. For the past several months I haven't altered the written list, and only my regular backups are preserving the state of the configured system.
Very smart approach!!
I think I am making progress... Just need some help understanding all of the "details"!!
Sincerely,
Debbie