Filevault 2 unlocks for all users - isn't that less secure than Filevault 1?

Similar Messages

• How do I startup an application for all users at login?

  I know about launchd, but I want an application to start whenver a user logs in and run as that user.  launchd stuff seems to run as root.
  I would prefer to set this up to work for all users, but if that can't be done, just for the current user.  I have an installer package and Id like to run this command to set this up from a bash script.

  I found this bit of code which is very similar to something else I found.
  defaults write ~/Library/Preferences/loginwindow AutoLaunchedApplicationDictionary -array-add '{ "Path" = "/path/to/script"; "Hide" = "0"; }'
  That doesn't work.  Anyone at all, even for a single user, how do I script a command to get an application to start when a user logs in under 10.8?

• Cannot disable compatibility mode for all users once enabled

  I work for a school district technology department. For a computer lab that is using an old version of adobe Photoshop, we tried turning compatibility mode to windows xp and set it to run as administrator for all users in hopes that it might fix some problems
  with the program. When students log on it now asks them for a password. They do not have local administrator rights to the computers. After going back in and disabling the compatibility settings, the students are still being asked for a password to run the
  program. I have even tried uninstalling and reinstalling photoshop and the computer is still asking for a password to open the program. Is there some way to undo this in a permanent fashion so students are not asked for a pssword?

  Hello Mike Witnauer,
  Please correct me if I have misunderstanding:
  1. The student account can ran the Photoshop without administrator password before you turn compatibility mode to Windows XP.
  2. Then, the students need the password to run the Photoshop no matter if you use compatible setting.
  Please take the following steps and check if this issue still exists.
  1. Enable built-in administrator account
  2. Use the following code
   runas /user:ComputerName\Administrator /savecred "Full path to program's exe file"
  For more information, please take a look at the answer in the following thread.
  How to run a program as an administrator from within a non-elevated command prompt?
  https://social.technet.microsoft.com/Forums/en-US/0339772f-9f9b-4381-b513-73b263e2cf2f/how-to-run-a-program-as-an-administrator-from-within-a-nonelevated-command-prompt?forum=w7itprogeneral
  Best regards,
  Fangzhou CHEN
  Fangzhou CHEN
  TechNet Community Support

• Enable save for all users in rich client document defaultly for all users

  Hi,
  Is there a option to enable save for all users in a rich client document defaultly for all users across the company. As the users who are creating reports are forgetting to check the box before sending the rich client document to others. Kindly let me know if you have any suggestions on this.
  Thanks,
  Karthik

  I'd suggest that is is where your BO folder structure comes in. You can export from Rich Client to any folder that you have permissions to access - some sort of collaboration folder system would potentially be better and more secure than sending unsecured reports via email. If your IT security team found out that you were removing document security, I doubt they'd be impressed!
  You can't do the default save for all users, simple as that (it's bad practice anyway, which is probably why you can't). While it's not the answer that you want to hear, it is the correct one.

• How can I deploy the setting of clear cache on exit for all users?

  How can I deploy the setting of clear cache on exit for all users?

  Note that Firefox disables the disk cache if you use "Clear history when Firefox closes" to clear the cache (see about:cache), so you can either disable the disk cache via its related pref or set the prefs related to clearing this data,but then other items that have a check-mark by default are cleared as well.
  *browser.cache.disk.enable
  *privacy.clearOnShutdown.cache
  *privacy.sanitize.sanitizeOnShutdown
  You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.
  Place a local-settings.js file in the defaults\pref folder where also the channel-prefs.js file is located to specify using mozilla.cfg.
  pref("general.config.filename", "mozilla.cfg");
  These functions can be used in the mozilla.cfg file:
  defaultPref(); // set new default value
  pref(); // set pref, but allow changes in current session
  lockPref(); // lock pref, disallow changes
  See also:
  *http://kb.mozillazine.org/Locking_preferences
  *http://mike.kaply.com/2012/03/16/customizing-firefox-autoconfig-files/
  *http://mike.kaply.com/2014/01/08/can-firefox-do-this/

• How do I disable the itunes auto-update for all users?

  I need to know if there is a way to disable the auto-update feature for all users that login to a windows XP computer.
  I have disabled it for the account currently logged in as well as copy that user profile to the "default user" profile. However I have about 300 users that do not have admin rights that still get prompted to install updates.
  Is there a way to disable the auto update as the default for all users. So that only I get the auto update notifications?

  Bump -
  No responses in over a week?
  Does no one else run a network where users don't have admin rights?

• How to make custom icc color profile work as default for all users?

  Hi!
  I've calibrated two monitors for the machine running Mavericks OS X. I've managed to move these custom icc color profiles to ColorSync folder in HDD Library, so that that they are available for all the users. However, I cannot figure out how to make these icc profiles work as default profiles for all users and not only the one I used to calibrate monitors.
  Is there a specific place I have to put custom icc profile to make it system default?
  Thank you!

  If you put the profiles in the root /Library/ColorSync/Profiles/ folder, then each user needs to select them in their account. There isn't a way to apply them globally so each account automatically comes up that way.

• Disable JRE Auto update in Vista for all users?

  I feel like a complete idiot that I can't figure this out, but it's either so obvious I'm overlooking it, or I just plain can't figure it out, so I'm hoping someone here can help.
  We have not yet been able to figure out how to simply disabled the Auto Update option when installing JRE under Vista, so it will never check for updates, no matter what user is logged into a pc. I've just installed the newest version 1.6.0_05-b13, but get the same results.
  Basically, we are creating a "base clone image" of a Vista workstation and we need the auto update feature of the JRE to be disabled so it doesn't check for updates. When a new user logs into the pc, we want them to 'inherit' this setting from the default user profile, or we simply want a 'global' setting on the pc that stops all JAVA update checks from occuring. But even though there are multiple registry keys that 'look' like they control the auto update function, no matter how we set them the update option still shows it is enabled when you open the JAVA control panel.
  We have 2 basic problems:
  - When a standard user runs the JAVA Control Panel applet and they select the 'Update' tab, the option to "uncheck" autoupdates is "grayed out". If we make the user a local administrator, then it is not grayed out anymore and they can set the option. Problem is, we have thousands of users and none of them are local administrators, hence the problem of getting it to already be defaulted to not check for updates. How do we get the update checkbox to NOT be grayed out for a NON-administrator?
  - How do we set the 'global' (or default) option to disable the auto update checkbox for ALL users? No matter what we try, when a new user logs in, the auto update feature is still enabled after their initial profile is generated from the first time login.
  I was able to figure out if I change the "EnableJavaUpdate" value in the below registry key, it will "remove" the Update tab from the JAVA Control Panel. But does the simply remove the tab? Or does it remove the tab AND disable auto updates for ALL users on the computer?
  HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy
  I've sent multiple emails to Sun asking for help on what should be a simple thing to do, but have never received a reply from them.
  Keith Hemmelman

  Thank you for the reply. I apologize for not getting back here sooner.
  We actually already use a deployment.properties file located under the Default User profile on our Vista setup. It's located under the "C:\Users\Default\AppData\LocalLow\Sun\Java\Deployment" folder. This file does get copied over to a new user profile when a new person logs in. This is what we want since we have set things like the maximum cache size and temporary file location.
  The problem though is there is no setting that disables the automatic update check within this file. The best I can figure out is that for some reason under the Vista environment, the auto update setting is controlled in the registry at: HKEY_CURRENT_USER\Software\JavaSoft\Java Update\Policy
  There is a REG_BINARY key there that appears to control this option. It is named "EnableAutoUpdateCheck". The problem is that the value of this key is "several" characters long and it is "different" from one user to the next. I tried disabling auto update under the Java Control Panel and then copied the value of this key into the same aread of the Default User hive but when a new user logs in, it ignores that setting and auto update is still enabled. I also tried using a simple "0" to disable the autoupdate or a "1" to enable it for this key, but it doesn't work either. (This is very frustrating why there isn't a simple 1 or 0 setting to turn the auto update setting on/off.)
  We had no problem getting this to work under XP. Basically we didn't have to do anything special in XP. We simply created a temporary user account and made all the settings we wanted and then copied that profile over to our Default User profile and the Java autoupdate setting under the Java Control Panel was disabled for all new users. We did the same thing under Vista, but the auto update setting was ignored and re-enabled for all new users.
  I read through the settings for the deployment.properties file located at the below link, but there is nothing there to control the auto update setting.
  http://java.sun.com/j2se/1.5.0/docs/guide/deployment/deployment-guide/properties.html
  Thus, we can't get the auto update setting to be disabled in the default user profile so it will in turn be disabled for all new users that log into the computer. This is extremely frustrating.
  The other equally frustrating problem we have run into under the Vista environment is that when you run the Java Control Panel, the option to disable the auto update check is "grayed out" and the user can't uncheck this option to disable auto update. We have found you must be an administrator before this option is no longer grayed out. Since none of our thousands of users are admins, this is also a problem for us. (This option works fine for a standard user if you are on a XP machine though. It's just Vista where things have changed.)
  I've sent repeated emails to Sun in the past asking for help, but they never replied.
  Keith

• One Library for all users on the system - Sharing?

  Hello.
  I'm using iTunes 9.0.3 on OS X 10.6.2. On this system, there are TWO users, one for my wife, one for me. I'd like to "merge" the seperate iTunes libraries, so that there's only one shared library for all users.
  How could this be achieved?
  Searching the web, I found a writeup on [dougscripts.com by Paul Whitey|http://dougscripts.com/itunes/itinfo/sharedlib.php], which basically explains to move ~/Music/iTunes to /Users/Shared/iTunes and making sure that there's an alias in ~/Music pointing to /Users/Shared/iTunes. It also explains, that the ownership of the files & folders is to be changed so, that all users have read & write access. This then looks like this on my system:
  !http://img214.imageshack.us/img214/6223/fileinfowithbothusersha.png!
  -> http://yfrog.com/5yfileinfowithbothusershap
  It works good - both "alex" and "sandra" can work with these files (ie. move them, rename them, change ID3 tags).
  But see those:
  !http://img714.imageshack.us/img714/2183/fileinfowithonlyalexhav.png! !http://img686.imageshack.us/img686/7807/fileinfowithonlysandra4.png!
  --> http://yfrog.com/jufileinfowithonlyalexhavp & http://yfrog.com/j2fileinfowithonlysandra4p
  That's from files which sandra or alex have added later on. Only the one who added these files can modify them (which is of course correct, if you have a look at the file permissions).
  How would you go about having only ONE iTunes database on the system? Simply putting the iTunes Db on a shared folder doesn't work well, as can be seen above. Always having to fiddle around with the file permissions isn't exactly comfortable…
  Any suggestions?
  Thanks,
  Alex

  Hm. PowerTunes crashs, when I make it Share my library. I pasted the crash report at http://pbox.ca/13gwy
  Since I cannot know how/if would work (because of the crash…), please correct me if I'm wrong, but wouldn't it also just move the files to /Users/Shared and set permissions correctly? Wouldn't I need to keep on running PowerTunes from time to time, or is it "run once and forget" application (if it works)?

• Changing Default Portlets on My Pages for All Users

  Hello,
  I want to add the Collaboration My Projects Portlet on the default My Pages that comes out of box during a portal install.
  I did trying going to Default Profiles - Edit Profile Layout - went to the My Pages as the default profile and added My Projects.
  Then finished up.
  However, when logging in as a user (via Active Directory which was previously synced) - nothing had changes.
  Suggestions how to add My Projects on a My Page for all users?
  Thanks,
  V

  Vivekvp wrote:
  Great...I added a new one, and it dropped it to the bottom of the page, in the middle column.
  Any idea on how to move it to the top left by default?
  Help...again?
  VRandom thought, but you might want to try changing the "Mandatory Portlet Priority". I know the portlet isn't mandatory, so it SHOULDN"T work, but I've seen whackier things:)
  Good luck!

• Adding printers to Terminal Server 2008 for all users

  Hi!  I'm trying to add a printer to a terminal server for all users that log in.  I've been reading around and this seems like a working solution:
  Rundll32 printui.dll,PrintUIEntry /ga /c\\localcomputername /n\\servername\printername
  So I ran this with the proper parameters.  Nothing shows up in Devices and Printers with the name I specified.  I rebooted the server, still nothing.  I re-run the command above and it tells me there's already a printer defined with that name. 
  I look at Devices and Printers and the name I specified still isn't there.  Why doesn't the above command work like it's supposed to?
  Thanks!

  Thanks, yes, that was the first command I tried (without the /c).  All subsequent attempts tell me the printer already exists yet it definitely does not show up under Devices and Printers.  I ran the above logged in as Administrator with an elevated
  command prompt.  The printer can't be seen from this login or a 'normal' user login.

• Creating an shortcut for all users on the desktop

  I want to create a shortcut for all users on the desktop that will appear for all users that login to the computer.  How is this done in Windows 7?  In Widows XP this was done at the "All Users" profile, but I cannot find such a profile  in Windows 7. 

  the users have windows vista , 7 or 8 have a chortcut i created and the users have windows xp isn't created on them desktop
  Do you have a question? If so then your best bet is to create a new post (this one is 5 years old and marked as "answered"!) and spell it out there.

• How to Enable Auto-Complete for All users on Terminal Server

  Hello,
  I have 4 Microsoft 2003 Terminal Servers, and I want to enable Auto-Complete for all users, and I am unable to find a way to do this. I have tried creating a custom install of Adobe Reader, and installing that, but it isn't working. Ideas anyone?
  Thanks in advanced
  Doug

  Acrobat is not permitted to run as a server process.
  Licenses are assigned to individual users, each of whom must have their own serialized copy.

• How do I set Firefox to be usable for all users on one computer?

  How do I set Firefox to be usable for all users on one computer?

  I would think the about:config entries discussed are ex-factory set to values each user has to change individually, after the installation has run its course. The solution could be to have patched files ready to install post factum:
  [https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/A_brief_guide_to_Mozilla_preferences A Brief Guide to Mozilla Preferences - MDN]

• HT1660 how can I use one single library for all users on the same laptop?

  how can I use one single library for all users on the same laptop?

  You are most of the way there. Each user having access to hard drive is the key. If users are limited in file privileges this is harder.
  Any files you add to your library and any files she adds to her library are available to the other. Just not automatically. Each user must add the files to their own library using the add file or add folder option from menu bar.
  What I have done is set library location to a location outside of My Documents\My Music. On my network storage I have a folder names s:\itunes. Both accounts iTunes are set to use this location for the library.