Managed user's parental controls don't work like on locally managed system
Mac OS X 10.5 and 10.6 Server allow an administrator to manage the parental controls of a user in the server's Open Directory database. The GUI for manipulating these parental controls in 10.6 Server are limited to only setting time limits. On the client version of Mac OS X parents can also limit the applications that can be launched and email correspondents.
My kids have accounts in the Open Directory database on my home Xserve. I would like to be able to impose the same limits on from whom they can receive email messages that I can with the client version of Mac OS X.
To do so, I used
*sudo dscl . -mcxexport /Users/local userID > parental_controls.plist*
Upon examination I was able to isolate the portion of the parental controls in this XML file I was interested in, specifically limiting the people from whom my kids can receive email. I then exported the corresponding information from one of the Open Directory users:
*sudo dscl -p -u directory_administrator /LDAPv3/ldaphost.local -mcxexport /Users/ldap userID > OD user_parentalcontrols.plist*
I combined the two and uploaded the file using
*sudo dscl -p -u directory_administrator /LDAPv3/ldaphost.local -mcximport /Users/ldap userID new OD_user_parentalcontrols.plist*
Unfortunately, when logging in on a client bound to the Open Directory domain, these parental controls don't seem to be effective. While email messages whose sender is not on the whitelist don't get delivered, I am not receiving permission requests for these, like I am supposed to. On the client version with a local user it works.
My kids have accounts in the Open Directory database on my home Xserve. I would like to be able to impose the same limits on from whom they can receive email messages that I can with the client version of Mac OS X.
To do so, I used
*sudo dscl . -mcxexport /Users/local userID > parental_controls.plist*
Upon examination I was able to isolate the portion of the parental controls in this XML file I was interested in, specifically limiting the people from whom my kids can receive email. I then exported the corresponding information from one of the Open Directory users:
*sudo dscl -p -u directory_administrator /LDAPv3/ldaphost.local -mcxexport /Users/ldap userID > OD user_parentalcontrols.plist*
I combined the two and uploaded the file using
*sudo dscl -p -u directory_administrator /LDAPv3/ldaphost.local -mcximport /Users/ldap userID new OD_user_parentalcontrols.plist*
Unfortunately, when logging in on a client bound to the Open Directory domain, these parental controls don't seem to be effective. While email messages whose sender is not on the whitelist don't get delivered, I am not receiving permission requests for these, like I am supposed to. On the client version with a local user it works.
Xserve Dual 2.0 GHz Xeon, Mac OS X (10.6.4), Apple has made quite a bit of money off me over the years.