Setting and enforcing password policies and across a network of Macs

macos passwords software-rec osx-server google-workspace

I have been looking at ways of essentially having a domain environment for an office of about 15 Macs which can be used to enforce password changes, a minimum level of password strength and even encryption of the user directories etc.

Ideally this would be something that could integrate with Google Apps. I have looked everywhere but don't see any simple solutions that could achieve this. Would appreciate any advice as to what the best options might be.


Solution 1:

There are two very easy ways to accomplish this, but none rely or integrate with Google Apps (AFAIK).

  1. Set up Active Directory or Open Directory and bind the client macs to the server and enforce these policies using Workgroup Manager through the server.
  2. Install a local profile (craft it with Workgroup Manager, and make it a Launch Daemon with Lingon, deploy using ssh) on each managed Mac.

If you are at 10.6.8 - you can grab the latest version of Workgroup Manager here.

Apple has an amazing tutorial at their seminars site as well as a polished white paper. I would start there and only build out a directory when you feel local management is costing you more time than setting up the server will be. In my view, the sweet spot to needing a server gets crossed somewhere around 50 clients as local manangement is so easy with ssh or Remote Desktop.

Related

Batch real time wait for a file
indistinguishable active tab in gnome terminal
How to connect to Oracle DB via ODBC
How to use local filemanager to do a ssh -J (jump, gateway)
ffmpeg drawtext initialization error
Peak symbol with Word
ssh freezes when trying to connect to some hosts
Why Firefox on Linux looks different than Windows/Mac?
Can I do policy routing on a virtual interface?
Prevent users from changing LAN settings
Ubuntu+NetworkManager+openvpn - completely replace /etc/resolv.conf with openvpn pushed DNS servers?
Why is this cronjob not working?