144

Because multiple users can store items in the local home folder for a generic account, you might want to periodically clean out that folder as part of your maintenance routine.

You might also recommend that students save files to a network drop box to ensure their files are not deleted, and to allow them to access those files regardless of who uses the computer next.

Instead of using local accounts, you could use external accounts, which would give your users individual accounts (with separate home folders). For external accounts, each student needs an external drive. This eliminates the need for hard-disk-space management on the portable computers, and you don’t have to set strict account expiry settings. This also allows you to manage at the level of users, groups, computers, or computer groups.

The biggest issue with using external accounts for a mobile lab cart scenario is sync- over-wireless. If you don’t carefully set sync settings, the mobile accounts could sync very large files and overload the wireless network.

Securing Mobile Clients

There are several security considerations for mobile clients that do not exist for stationary clients. These considerations are relevant because of the mobility of the users’ computers. When they are off your network, you can no longer monitor the actions of malicious users, nor can you control the network environment that your users join.

You can use FileVault to secure the local home folder of a mobile account. If an intruder accesses the computer storing the local home folder while the user isn’t logged in, the intruder can’t access the contents of the local home folder. For more information, see “Enabling FileVault for Mobile Accounts” on page 205.

Consider taking additional steps to improve your network security and client computer security. For information, see Mac OS X Security Configuration and Mac OS X Server Security Configuration.

Optimizing the File Server for Mobile Accounts

In Server Admin, you can enable an option called “Server Side File Tracking for Mobile Home Sync,” which reduces the strain on a file server that occurs when mobile accounts sync.

When mobile accounts sync, the user’s computer scans every folder in the local home folder and compares them with all folders in the network home folder. This scanning is unnecessary when only a few folders change and require syncing.

Chapter 8 Managing Portable Computers

Page 143 Page 145
Page 144
Image 144
Apple 10.5 Leapard manual Securing Mobile Clients, Optimizing the File Server for Mobile Accounts
Page 143 Page 145
Top Page Image Contents