Print

Print


Our Network Manager, Jason Hyerstay, used the following script to take care
of the problem. Let me know if it helps or if you see any issues.
Thanks,
/\/\ ark

*Mark Kline, M.Ed.*
*Technology Coordinator**Waterbury-Duxbury School District, Vermont*
- - - - - - - - - - - - - - - - - - - - - - - - - - - -

I solved it with the following unix code which you can push as root via
ARD. It also unlocks the Dock, adds the Browser, and then locks the Dock
again. The first command suppresses any prompt about an app downloaded from
the internet. This assumes that the student short name on the machines is
"student".

xattr -rd com.apple.quarantine /Applications/VTSecureBrowser7.2.app
defaults write
/Users/student/Library/Preferences/com.apple.symbolichotkeys.plist
AppleSymbolicHotKeys -dict-add 82 "{enabled = 0; value = { parameters =
(65535, 124, 393216); type = 'standard'; }; }"
defaults write
/Users/student/Library/Preferences/com.apple.symbolichotkeys.plist
AppleSymbolicHotKeys -dict-add 81 "{enabled = 0; value = { parameters =
(65535, 124, 262144); type = 'standard'; }; }"
defaults write
/Users/student/Library/Preferences/com.apple.symbolichotkeys.plist
AppleSymbolicHotKeys -dict-add 80 "{enabled = 0; value = { parameters =
(65535, 123, 393216); type = 'standard'; }; }"
defaults write
/Users/student/Library/Preferences/com.apple.symbolichotkeys.plist
AppleSymbolicHotKeys -dict-add 79 "{enabled = 0; value = { parameters =
(65535, 123, 262144); type = 'standard'; }; }"
chown -Rf student
/Users/student/Library/Preferences/com.apple.symbolichotkeys.plist;
sudo -u student defaults read com.apple.symbolichotkeys
chflags nouchg /Users/student/Library/Preferences/com.apple.dock.plist
sudo -u student defaults write com.apple.dock.plist persistent-apps
-array-add
"<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Applications/VTSecureBrowser7.2.app</string><key>_CFURLStringType</key><integer>0</integer></dict></dict></dict>"
chflags uchg /Users/student/Library/Preferences/com.apple.Dock.plist
sudo -u student defaults read
/Users/student/Library/Preferences/com.apple.Dock.plist
sudo -u student defaults read com.apple.dock
sudo -u student killall -HUP Dock





On Mon, Feb 9, 2015 at 8:53 AM, Marion Bates <[log in to unmask]> wrote:

> Keith Puffer pointed out that you could edit the script to auto-launch the
> secure browser after it runs those defaults writes -- probably with a simple
>
> open "/Applications/SecureBrowser.app"
>
> as the last line, though I haven't tried it.
>
> Somebody who actually knows what they're doing could probably take it a
> step further and bundle the secure browser + script into a single app which
> performs the fixes and launches the browser all in one swell foop, and then
> there'd only be one actual thing to distribute. I wouldn't know how to do
> that exactly, but it'd be relatively easy (famous last words?) to build a
> package which a) installs SecureBrowserFixer AND SecureBrowser into the
> Applications folder, b) makes SecureBrowserFixer run at login, c) adds
> SecureBrowser icon to the user's Dock, and optionally d) dumps a ReadMe on
> the desktop that says "click this to take the test." Then send that pkg to
> your students and tell them to double-click and follow prompts, or shove it
> out with your MDM, whatever.
>
> I can hardly wait to start prepping the Chromebooks. Didn't somebody on
> this list have a Google Doc about their prep steps that they were sharing
> and if so, could you please add me?  :)
>
> On Mon, Feb 9, 2015 at 7:52 AM, Drew Blanchard <[log in to unmask]>
> wrote:
>
>> Hmmmm ...
>>
>> This begs the question of how best to accomplish this task in some 1-to-1
>> environments.  Our MacBooks are not managed in a traditional sense -
>> students are the admin "owners" of their devices - responsible for all
>> updates, etc..  Seems like we'll need to send this app out to students,
>> with detailed instructions, and I'll have to work with them to make the
>> install go smoothly.
>>
>> How are others dealing with less rigidly controlled devices and SBAC
>> testing?
>>
>> Drew
>> (trying hard not to make snide comments about "SBAC" and "need to control
>> everything")
>>
>> On Mon, Feb 9, 2015 at 7:45 AM, Marion Bates <[log in to unmask]>
>> wrote:
>>
>>> I've spent the last three days trying to wrangle Mac clients running
>>> 10.9 (Mavericks) into suppressing the Spaces/Mission Control hotkey
>>> settings that cause the secure browser to throw a fit. This is to avoid a
>>> situation where each student has to navigate to the keyboard shortcuts
>>> preference pane and uncheck a bunch of boxes.
>>>
>>> I tried all the "right" ways (MCX both via WGM and via Profiles),
>>> followed by not-so-right ways (login hooks and hardcoding the prefs file in
>>> the local User Template), but NONE of that worked on a user's *first* login
>>> -- they would have to log out and back in a second time for the settings to
>>> take. I'm sure it's some conflict with our other settings/image, combined
>>> with 10.9's maddening preferences caching, but I haven't been able to solve
>>> it thus far.
>>>
>>> The workaround that I ended up using is, turning a script into a
>>> double-clickable standalone app which, when run by the student, does the
>>> needed things. I then used Workgroup Manager to make it be a login item, so
>>> it runs automatically when they log in. Even without the auto-start option,
>>> I think it'd be a lot less onerous to tell a little kid (or a test proctor)
>>> "you need to double click this and THEN open SecureBrowser.app" than it
>>> would be to take them through editing the system prefs -- especially since
>>> their access to the System Preferences app may itself be restricted in some
>>> environments.
>>>
>>> The app is attached here (if the list allows) in case anyone else finds
>>> it useful. ONLY tested on 10.9, not on 10.10 (Yosemite) yet. The action can
>>> be found if you right-click and Show Package Contents, then descend into
>>> Contents/Resources and open up "script." It's just four "defaults write"
>>> commands that have the effect of UNchecking the requisite boxes for Mission
>>> Control keyboard shortcuts, so that a kid can't jump to another screen and
>>> cheat while the secure browser is still open.
>>>
>>> Hooray for hackery,
>>>
>>> -- MB
>>>
>>> --
>>> Marion Bates, District Technology Supervisor
>>> School Administrative Unit 70
>>> Hanover, NH | Norwich, VT
>>> Office: (603) 643-3431 x2714
>>> http://www.sau70.org/
>>>
>>> -----------------------------------------------------------------------
>>>
>>> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT
>>> Archive
>>>
>>> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
>>> Subscription to SCHOOL-IT
>>>
>>
>>
>>
>> --
>> Drew Blanchard, MAT
>> Technology Integration Specialist
>> Winooski City Schools
>> 70 Normand Street
>> Winooski, VT 05404
>> (802) 383-6073
>>
>> -----------------------------------------------------------------------
>>
>> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT
>> Archive
>>
>> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
>> Subscription to SCHOOL-IT
>>
>
>
>
> --
> Marion Bates, District Technology Supervisor
> School Administrative Unit 70
> Hanover, NH | Norwich, VT
> Office: (603) 643-3431 x2714
> http://www.sau70.org/
>
> -----------------------------------------------------------------------
>
> Search <http://list.uvm.edu/archives/school-it.html> the SCHOOL-IT Archive
>
> Manage <http://list.uvm.edu/cgi-bin/wa?SUBED1=SCHOOL-IT&A=1> your
> Subscription to SCHOOL-IT
>