Editing the Default User template in OS X

Sys admins use many techniques to modify OS X, some of them involve manipulating the Default User template, or the “English.lproj” folder. This method can be considered ruff around the edges, as their are more elegant methods. But each institution will have different needs & Not all OS X based deployments are designed for developers or students… You may end up designing your experience for a group of old ladies or Artists.. Myself and many other Sys admins have found this method works well.

You can use these instructions in order to customize the default user in OS X.

In the Accounts preference pane of  System Preferences create a new user. I will be calling mine ”test” without admin privileges. Logout and log back in as the new test user. begin making all the modifications that you need to the user. Once you have set everything the way you’d like, Run the following commands from the Terminal.

This command will synchronize your new Test user to the default user template.

sudo ditto -rsrc /Users/test /System/Library/User\ Template/English.lproj

This command will ensure the Permissions are correct.

 chown -R root /System/Library/User\ Template/English.lproj

Create a new “regular” user account and test to see if the home directory is created properly and apps behave as expected. You need to remove the user using the “Users” pref pane
 and you may need to manually delete the user’s home folder..

Remove the following items from your source image ( varies from version os OS X )

rm /private/var/db/BootCache.playlist
rm /private/var/db/volinfo.database
rm /private/var/vm/swap*
rm -r /Library/Caches/*
rm /Library/Preferences/SystemConfiguration/NetworkInterfaces.plist

Remove Library/Caches in any homes as well.

Enable ARD on a remote Mac via the command line.

It is possible to enable ARD on a remote mac via an ssh connection. Use the following command to enable remote access for all users.

Of course you’re going to need admin credentials and an SSH connection to the remote Mac.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -restart -agent -privs -all

Use this command to enable ARD access on the “Admin” user.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users admin -privs -all -restart -agent -menu

You can simply kick start ARD with this command.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent

You can deactivate ARD with this command.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -deactivate -configure -access -off

Allow Standard users to add printers in OSX

By Default, Standard Users are unable to add printers in OS X. So your going to need Admin credentials each time you need to add a new Printer to the system. This default can be changed by adding Users to the print group.

Use this command in the terminal to give all users on the system the ability to add printers.

sudo dseditgroup -o edit -t group -a everyone _lpadmin

This command will add a specific user to the Print group, replace “userx” with the user you would like to elevate.

sudo dseditgroup -o edit -a userx _lpadmin

Use this command to add all domain users to the print group.

/usr/sbin/dseditgroup -o edit -n /Local/Default -a 'Domain Users' -t group lpadmin