-
TCC in Mojave doesn’t prevent deleting local folders for AD-bound Macs
-
Exporting a .csv of users out of Active Directory
Even though I found many tutorials on how to export Active Directory users from a group into a comma-separated values text file, none did exactly what I wanted (specify an organizational unit, get only the active users, get the first and last name and the email address out). I had to do a little bit…
-
Deleting keychains at user logout
Update: The easiest way to do this is actually to install Offset and then put a RemoveLastUserKeychains script into /usr/local/offset/logout-every (make sure it’s owned by root:wheel and has 755 permissions). Backstory This is a sequel to Deleting Mac Keychains in an Active Directory Environment, which talked about a way to delete keychains at logout using…
-
Fix ownership of copied folders for Active Directory Macs
Warning This script does some serious system modifications. If you don’t know what you’re doing, ask questions in the comments. Don’t just run this script if you don’t understand what it does or how it’s doing it. This also assumes short usernames match up with user folder names, which they usually do. What issue this…
-
Deleting Mac Keychains in an Active Directory Environment
Update: The easiest way to do this is actually to install Offset and then put a RemoveLastUserKeychains script into /usr/local/offset/logout-every (make sure it’s owned by root:wheel and has 755 permissions). What’s the problem? If you’re in a primarily or exclusively Mac environment, but you’re managing logins through Active Directory, password changes on the AD level…