Puppet on Mac is a mixture of Puppet on Linux and Windows. Registry settings are called “secrets” and to make things easier, you need to install homebrew.<\/p>\n
Enforcing a local admin is a little bit tedious. In the past few OSX releases, the have changed their password hashing algorithm several times. This causes a few case statements based on release version in order to set up one single local admin.<\/p>\n
<\/p>\n
Secret management is a little more complicated than Windows registry management. First, you need to find your secret decoder website (which is now only available in the archive<\/a>), next you need to rip out the puppet code to manage secrets<\/a> (because nobody thought it wise to follow Puppet best practice and make a module do only one thing) and make your own personal company module, and finally you are ready to define an OSX secret. I use Managing a GNU\/Linux workstation is similar to OSX and Windows only you know what you are doing and everything makes sense because smart people write and manage the software. I choose to use KDM as the greeter is easier to customize and make the default Desktop Environment to be GNOME. On my greeter background, I have the legalNoticeText properly formatted to my liking and saved in the background image. So far I am the only GNU\/Linux workstation on Puppet so I haven’t configured it to a great extent. It does help between re-installs though \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":" Puppet on Mac is a mixture of Puppet on Linux and Windows. Registry settings are called “secrets” and to make things easier, you need to install homebrew. Enforcing a local admin is a little bit tedious. In the past few OSX releases, the have changed their password hashing algorithm several times. This causes a few […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[55],"tags":[5,4,56,26],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts\/278"}],"collection":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/comments?post=278"}],"version-history":[{"count":2,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts\/278\/revisions"}],"predecessor-version":[{"id":285,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts\/278\/revisions\/285"}],"wp:attachment":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/media?parent=278"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/categories?post=278"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/tags?post=278"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}boxen::osx_defaults<\/code> to set up the Mac equivalent of legalNoticeText with this code:<\/p>\n boxen::osx_defaults { \"loginwindowtext\" :\r\n domain => '\/Library\/Preferences\/com.apple.loginwindow.plist',\r\n key => 'LoginwindowText',\r\n value => \"This computer system is the property of ....\",\r\n }<\/code><\/pre>\n