- 2005.06.16
I've recently acquired several Tiger-equipped Mac minis, and the first problem
I had with deployment was finding a way to keep them from browsing,
accessing, or damaging the school's network. At the same time, I use a
server in my classroom to distribute data files for analysis, collect
student work, and save copies of electronic documents.
For my Mac OS 9 client computers, I use FoolProof, but it is not
available for OS X (if it has been made compatible, I can't find
any indication of it on the product description page; no system
requirements are given).
The problem with OS X account settings is that there is no way to
disable the "Go" menu. This definitely should be a setting for network
managers responsible for setting up client computers.
Thanks to the persistent work of a reader, Teemu Masalin, we now
have a simple solution to this problem. Assuming your clients are set
up with restricted access, all you have to do is go into the Utilities
folder, open NetInfo manager, and turn everything off in the Directory
Access window. What you are turning off is the kinds of networks that
will show up in your Go window when you click "Browse" to locate a
network.
NetInfo Manager will require an admin password, so even if students
know this trick (or read this article) they won't be able to activate
it again by the same method.
Close it, and you're all set.
How do my students get access to their server folders? Simple. I
just provide aliases of the servers (created from mounted servers on my
teaching computer when I had logged into each folder manually, using my
undisabled "Go" function). A copy of all the network folder aliases now
sits on the desktop of each mini. Double-click on the alias, and the
user goes directly to the password, does not pass "Go", and does not
collect any other servers on the network.
I've tested this arrangement, and it seems to work reliably. I asked
some students to attempt to get on the network as a test, and they were
unable to do so (keep in mind that these were just average
computer-literate kids, not programmers or kids from the Cisco
class).
Now, that's not to say there aren't other applications that will
allow you to access the network - the Terminal comes to mind, for
example, but that would require an expert user to use it properly. All
I want to do is make it inconvenient enough that it would discourage
everyday students from trying.
Thanks, Teemu. The arrangement has been working great, and I'll do
it for all future installs of OS X for student users.
is a longtime Mac user. He was using digital sensors on Apple II computers in the 1980's and has networked computers in his classroom since before the internet existed. In 2006 he was selected at the California Computer Using Educator's teacher of the year. His students have used NASA space probes and regularly participate in piloting new materials for NASA. He is the author of two books and numerous articles and scientific papers. He currently teaches astronomy and physics in California, where he lives with his twin sons, Jony and Ben.< And there's still a Mac G3 in his classroom which finds occasional use.
