Print

Print


Our Network Manager, Jason Hyerstay, used the following script to take care of the problem. Let me know if it helps or if you see any issues.
Thanks,
/\/\ ark
Mark Kline, M.Ed.
Technology Coordinator
Waterbury-Duxbury School District, Vermont
- - - - - - - - - - - - - - - - - - - - - - - - - - - -

I solved it with the following unix code which you can push as root via ARD. It also unlocks the Dock, adds the Browser, and then locks the Dock again. The first command suppresses any prompt about an app downloaded from the internet. This assumes that the student short name on the machines is “student”.

xattr -rd com.apple.quarantine /Applications/VTSecureBrowser7.2.app
defaults write /Users/student/Library/Preferences/com.apple.symbolichotkeys.plist AppleSymbolicHotKeys -dict-add 82 "{enabled = 0; value = { parameters = (65535, 124, 393216); type = 'standard'; }; }"
defaults write /Users/student/Library/Preferences/com.apple.symbolichotkeys.plist AppleSymbolicHotKeys -dict-add 81 "{enabled = 0; value = { parameters = (65535, 124, 262144); type = 'standard'; }; }"
defaults write /Users/student/Library/Preferences/com.apple.symbolichotkeys.plist AppleSymbolicHotKeys -dict-add 80 "{enabled = 0; value = { parameters = (65535, 123, 393216); type = 'standard'; }; }"
defaults write /Users/student/Library/Preferences/com.apple.symbolichotkeys.plist AppleSymbolicHotKeys -dict-add 79 "{enabled = 0; value = { parameters = (65535, 123, 262144); type = 'standard'; }; }"
chown -Rf student /Users/student/Library/Preferences/com.apple.symbolichotkeys.plist;
sudo -u student defaults read com.apple.symbolichotkeys
chflags nouchg /Users/student/Library/Preferences/com.apple.dock.plist
sudo -u student defaults write com.apple.dock.plist persistent-apps -array-add "<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Applications/VTSecureBrowser7.2.app</string><key>_CFURLStringType</key><integer>0</integer></dict></dict></dict>"
chflags uchg /Users/student/Library/Preferences/com.apple.Dock.plist
sudo -u student defaults read /Users/student/Library/Preferences/com.apple.Dock.plist
sudo -u student defaults read com.apple.dock
sudo -u student killall -HUP Dock





On Mon, Feb 9, 2015 at 8:53 AM, Marion Bates <[log in to unmask]> wrote:
Keith Puffer pointed out that you could edit the script to auto-launch the secure browser after it runs those defaults writes -- probably with a simple

open "/Applications/SecureBrowser.app"

as the last line, though I haven't tried it. 

Somebody who actually knows what they're doing could probably take it a step further and bundle the secure browser + script into a single app which performs the fixes and launches the browser all in one swell foop, and then there'd only be one actual thing to distribute. I wouldn't know how to do that exactly, but it'd be relatively easy (famous last words?) to build a package which a) installs SecureBrowserFixer AND SecureBrowser into the Applications folder, b) makes SecureBrowserFixer run at login, c) adds SecureBrowser icon to the user's Dock, and optionally d) dumps a ReadMe on the desktop that says "click this to take the test." Then send that pkg to your students and tell them to double-click and follow prompts, or shove it out with your MDM, whatever. 

I can hardly wait to start prepping the Chromebooks. Didn't somebody on this list have a Google Doc about their prep steps that they were sharing and if so, could you please add me?  :)

On Mon, Feb 9, 2015 at 7:52 AM, Drew Blanchard <[log in to unmask]> wrote:
Hmmmm …

This begs the question of how best to accomplish this task in some 1-to-1 environments.  Our MacBooks are not managed in a traditional sense - students are the admin “owners” of their devices - responsible for all updates, etc..  Seems like we’ll need to send this app out to students, with detailed instructions, and I’ll have to work with them to make the install go smoothly.  

How are others dealing with less rigidly controlled devices and SBAC testing?

Drew
(trying hard not to make snide comments about “SBAC” and “need to control everything”)

On Mon, Feb 9, 2015 at 7:45 AM, Marion Bates <[log in to unmask]> wrote:
I've spent the last three days trying to wrangle Mac clients running 10.9 (Mavericks) into suppressing the Spaces/Mission Control hotkey settings that cause the secure browser to throw a fit. This is to avoid a situation where each student has to navigate to the keyboard shortcuts preference pane and uncheck a bunch of boxes.

I tried all the "right" ways (MCX both via WGM and via Profiles), followed by not-so-right ways (login hooks and hardcoding the prefs file in the local User Template), but NONE of that worked on a user's *first* login -- they would have to log out and back in a second time for the settings to take. I'm sure it's some conflict with our other settings/image, combined with 10.9's maddening preferences caching, but I haven't been able to solve it thus far.

The workaround that I ended up using is, turning a script into a double-clickable standalone app which, when run by the student, does the needed things. I then used Workgroup Manager to make it be a login item, so it runs automatically when they log in. Even without the auto-start option, I think it'd be a lot less onerous to tell a little kid (or a test proctor) "you need to double click this and THEN open SecureBrowser.app" than it would be to take them through editing the system prefs -- especially since their access to the System Preferences app may itself be restricted in some environments.

The app is attached here (if the list allows) in case anyone else finds it useful. ONLY tested on 10.9, not on 10.10 (Yosemite) yet. The action can be found if you right-click and Show Package Contents, then descend into Contents/Resources and open up "script." It's just four "defaults write" commands that have the effect of UNchecking the requisite boxes for Mission Control keyboard shortcuts, so that a kid can't jump to another screen and cheat while the secure browser is still open.

Hooray for hackery,

-- MB

--
Marion Bates, District Technology Supervisor
School Administrative Unit 70
Hanover, NH | Norwich, VT
Office: (603) 643-3431 x2714
http://www.sau70.org/

-----------------------------------------------------------------------

Search the SCHOOL-IT Archive

Manage your Subscription to SCHOOL-IT




--
Drew Blanchard, MAT
Technology Integration Specialist
Winooski City Schools
70 Normand Street
Winooski, VT 05404
(802) 383-6073

-----------------------------------------------------------------------

Search the SCHOOL-IT Archive

Manage your Subscription to SCHOOL-IT




--
Marion Bates, District Technology Supervisor
School Administrative Unit 70
Hanover, NH | Norwich, VT
Office: (603) 643-3431 x2714
http://www.sau70.org/

-----------------------------------------------------------------------

Search the SCHOOL-IT Archive

Manage your Subscription to SCHOOL-IT


-----------------------------------------------------------------------

Search the SCHOOL-IT Archive

Manage your Subscription to SCHOOL-IT