Setting a time based access control

My teenage kids stay up too late, connected to our Tima Machine. I would like to set a timer so that the link is switched off at a certain hour. Can anyone please help me set that?

Are they logging on using a Mac?
If so, can't you just set up a new user account for them (not the same one that you, the administrator, uses and NOT an account with administrator rights) and then enable the parental controls and limit the logon time to the Mac?
system preferences > users and groups
click the padlock to make changes (assuming you have an administrator password for the main account - if not, set one)
enter your administrator password
create your user - make sure the account you create is NOT an administrator account (make sure the "allow user to administer this computer" option is not checked)
make sure the "enable parental controls" option is ticked
click "open parental controls"
click "time limits" on the top
do what you want to do (it is extremely flexible!)
click the lock to prevent further changes
That's it.
You can also use the tabs on the top to limit access to apps, websites, messaging, DVD burning etc etc. for whatever person is logged on as that user.
If they want to see how much time they have remaining, they can just click the menu bar clock (where the time is displayed) and a menu and readout will appear which says e.g. "Parental Controls: Time Remaining 1:05" or whatever is left.
If you set logon limits between, say 6:00 PM and 9:00 PM on weeknights, and they try and logon outside those parameters, a little message box will pop up which can be used to grant extra time - but it will require the administrator's password to authorise the extension.
As it gets to 9:00 PM they'll get a message telling them their time is almost up - with an option to grant more time.  Again, the administrator's password is required to authorise the extension.
Dealing with the tantrum is your problem ;-)
Works with Mountain Lion OS X 10.8.2
Note - that will limit the computer use altogether for that user account so if that user is connected via a Mac to Time Machine it'll work.
If they are not logging on through a Mac (e.g. they are using an iPad to connect to Time Machine) then I'm not sure - sorry.
I'm also not sure if you can limit Time Machine to times of the day - I think you can only do it by limiting the individual users - but would love to be proved wrong!
Good luck!
Hope that helps.

Similar Messages

  • How can I set the time in Time-based Access control ??

    I live in Denmark, where we use the 24 hour system.
    So I want to set the time-based access control to from 7.00 in the morning to 2.00 at night, but every time the Timecapsule says wrong time format, I can use the night time 23.59, but thats not late enough.

    Set two controls.. 7 to 23.59 and 00.01 to 00.20
    This is common as the control cannot handle times longer than 1day.

  • Time-based access controls

    Hello all,
    Is there a time-based access control that can be configured for a 4.2 WCS+WiSM setup either in the WCS or controller? Or am I limited to the ACLs for my Wireless VLAN on the switch. Ultimately, I would like to be able to configure certain APs to accept/deny connections at specific times of the day. Any suggestions would be appreciated. Thank you in advance for your time and help.
    Charles

    Currently, IP and IPX extended access lists are the only functions that can use time ranges. The time range allows the network administrator to define when the permit or deny statements in the access list are in effect. Prior to this feature, access list statements were always in effect once they were applied. Both named or numbered access lists can reference a time range.
    For the further description following URL for the Time-Based Access Lists will help you.
    http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/timerang.html#wp10236
    I hope it may help you.

  • Any best practice to apply role based access control?

    Hi,
    I am starting to apply the access permissions for new users as being set by admin. I am choosing Role Based Access Control for this task.
    Can you please share the best practices or any built-in feature in JSF to achieve my goal?
    Regards,
    Faysi

    Hi,
    The macro pattern is my work. I've received a lot of help from forums as this one and from the Java developers community in general and I am very happy to help others and share my work.
    Regarding the architect responsibility of defining the pages according to the roles that have access to them : there is the enterprise.software infrastructure.facade
    java package.
    Here I implemented the Facade GoF software design pattern in the GroupsAndRolesAccessFacade java class. Thus, this is the only class the developer uses in order to define groups and roles of users and to define their access as per page.
    This is according to Java EE 6 tutorial, section VII Security, page 471.
    A group, role or user is created with an Identity Management application or by a custom application.
    Pages of the application and their sections are defined or modified together with the group, role or user who has access to them.
    For this u can use the createActiveGroup and createActiveRole methods of the GroupsAndRolesAccessFacade class.
    I've been in situations where end users very strict about the functionality of the application.
    If you try to abstract web development, u can think of writing to database, reading from database and modifying the database as actions.
    Each of these actions should have suggester, approver and implementor.
    Thus u can't call the createActiveGroup method for example, without calling first the requestActiveGroupCreationHelper and then the approveOrDeclineActiveGroupCreationHelper method.
    After the pages a group has access to have been defined with the createActiveGroup method, a developer can find out the pages and their sections a group has access to by calling the getMinimumInformationAboutGroup method.
    Further more, if the application is very strict, that is if every action which envolves writing to the database must be recorded, this concept of suggester, approver and implementor is available throught the recordActiveGroupAction method.
    For example, there is a web shop, its managers can change the prices of the products, but the boss will want to know who had the dared to lower prices.
    This action of lowering prices, is an action of modifying the information in the database and u can save in the database who suggested it, who approved it and who implemented it.
    Now that I write about the functionality of the macro pattern, I realise that some methods should have more proper names and I haven't had time to write documentation in the API, but this will be a complete when I add the web pages for the architect to use for defining access control and for the end users to view who and what is doing with their application.

  • To run OHS at port 80 using solaris role based access control

    Hi.
    I already know & have done setuid root to ohs/bin/.apachectl to allow ohs to listen to port 80. Now on a new OFM 11.1.1.4 install, I want to use Solaris Role Based Access Control (RBAC) instead. Is it possible? RBAC does work as I can run a home built apache2 httpd at port 80 withOUT suid root.
    On Solaris 10, I enabled oracle uid to run process below port 1024 using RBAC
    /etc/user_attr:
    oracle::::type=normal;defaultpriv=basic,net_privaddr
    Change OHS httpd.conf Listen from port 8888 to port 80.
    However, opmnctl startproc process-type=OHS
    failed as below with nothing showing in the diag logs:
    opmnctl startproc: starting opmn managed processes...
    ================================================================================
    opmn id=truffle:6701
    0 of 1 processes started.
    ias-instance id=asinst_1
    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    ias-component/process-type/process-set:
    ohs1/OHS/OHS/
    Error
    --> Process (index=1,uid=187636255,pid=25563)
    failed to start a managed process after the maximum retry limit
    Thx,
    Ken

    Just to add my two cents here.
    The commando used on Solaris to assign the right privilege to bind TCP ports < 1024 is:
    # usermod -K defaultpriv=basic,*net_privaddr* <your_user_name>
    Restart the opmnctl daemond.
    After that OHS/Apache user can bind to lower TCP ports.
    Regards.
    Edited by: Tuelho on Oct 9, 2012 6:05 AM

  • Role Based Access Control in Java

    Hi,
    we are designing a software solution that makes use of the Role Based Access Control pattern to control access of functions, EJBs, Servlets to certain users based on their "role".
    I have not been able to understand clearly how that pattern can be implemented in Java. In addition, I stumbled on the java.security.acl and I wondering how will the package work together with RBAC pattern (Or is the pattern already implemented in some package)?
    Does any1 have any comments on this? Thnx
    Dave

    Hi David,
    Permissions based on GUI components is a simple & neat idea. But is it rugged? Really secure? It might fall short of Grady Booch's idea of Responsibilities of objects. Also that your Roles and Access components are coupled well with Views!!!!!!!
    My suggestion regarding the Management Beans is only to do with the dynamic modification which our discussion was giong forward.
    If we go back to our fundamental objective of implementing a Role based access control,let me put some basic questions.
    We have taken the roles data from a static XML file during the start up of the container. The Roles or Access are wanted to be changed dynamically during the running of the container. You would scrutinize the changes of Roles and access before permission during the case of dynamic modification.
    Do you want this change to happen only for that particular session? Don't you want these changes to persist??? When the container is restarted, don't you want the changes to stay back?
    If the answer to the above is YES(yes I want to persist changes), how about doing a write operation(update role/access) of the XML file and continue your operation? After all, you can get the request to a web or session bean and keep going.
    If the answer to the above is NO(no, i don't want to persist), you can still get the change role request to a web or session bean and keep going.
    Either way, there is going to be an intense scrutiny of the operator before giving her permissions!!!
    One hurdle could be that how to get all neighbouring servers know about the changes in roles and access??? An MBean or App Server API could help you in this.
    May I request all who see this direction to pour in more comments/ideas ? I would like to hear from David, duffymo, komone and jschell.
    Rajesh

  • Fingerprint Readers Time & Attendance - Access Control

    I have to develop a java program for Fingerprint Readers Time & Attendance - Access Control.
    Please Help me how can i build up program in java with Multispectral Sensor for Fingerprint Spoof Detection
    also about hardware.
    Edited by: sunil_shukla on Sep 25, 2008 7:21 AM

    It is possible to work-around the issue, but some manual steps are needed:
    1.  delete "smihlp.sys" from "c:\program files\thinkvantage fingerprint software"
    2.  run "services.msc" and stop the service "Windows Biometric Service"
    3.  delete the file "031D23AD-15AF-4e25-B7B3-DE34893097ED.DAT" from "c:\Windows\system32\WinBioDatabase"
    4.  reboot the computer  (important!!)
    5.  now try to enroll some fingers
    This should make it possible to enroll fingerprint and use it to log into Windows, until the bug can be fixed in some future version of BIOS and/or Fingerprint software.

  • ADF UIX Role Based Access Control Implementation

    Hi,
    Can anybody suggest a detailed example or tutorials of how to implement a role based access control for my ADF UIX application.
    The application users can be dymanically added to specific roles (admin, Secretary, Guest). Based on the roles, they should be allowed to access only certain links or ADF entity/view operations. Can this be implemented in a centralized way.
    Can this be done using JAZN or JAAS. If so, Please provide me references to simple tutorial on how to do this.
    Thanks a lot.
    Sathya

    Brenden,
    I think you are following a valid approach. The default security in J2EE and JAAS (JAZN) is to configure roles and users in either static files (jazn-data.xml) or the Oracle Internet Directory and then use either jazn admin APIs or the OID APIs to programmatically access users, groups and Permissions (your role_functions are Permissions in a JAAS context).
    If you modelled your security infrastructure in OID than the database, an administrator would be able to use the Delegated Administration Service (DAS), as web based console in Oracle Application Server. To configure security this way, you would have two options:
    1. Use J2EE declarative security and configure all you .do access points in web.xml and constrain it by a role name (which is a user group name in OID). The benefit of this approach is that you can get Struts actions working dirctly with it because Struts actions have a roles attribute.
    The disadvantage is that you can't dynamically create new roles because they have to be mapped in web.xml
    2. Use JAAS and check Permissions on individual URLs. This allows you to perform finer grained and flexible access control, but also requires changes to Struts. Unlike the approach of subclassing the DataActionForward class, I would subclass the Struts RequestProcessor and change the processRoles method to evaluate JAAS permissions.
    The disadvantage of this approach is that it requires coding that should be done carefully not to lock you in to your own implementation of Struts so that you couldn't easily upgrade to newer versions.
    1 - 2 have the benefit of that the policies can be used by all applications in an enterprise that use Oracle Application Server and e.g. SSO.
    Your approach - as said - is valid and I think many customers will look for the database first when looking at implementing security (so would I).
    Two links that you might be interested in to read are:
    http://sourceforge.net/projects/jguard/ --> an open source JAAS based security framework that stores the user, roles and permissions in database tables similar to your approach
    http://www.oracle.com/technology/products/jdev/collateral/papers/10g/adfstrutsj2eesec.pdf --> a whitepaper I've written about J2EE security for Web applications written with Struts and JavaServer pages. You may not be able to use all of it, but its a good source of information.
    Frank

  • Time-based access to WLAN/building for specific users using WCS/ACS

    Here's our situation:
    WCS: 7.0.172.0
    ACS: 4.2(1)
    MSE: 6.0.75.0
    For an hour or two each day during an event, we're trying to figure out how to prevent students from connecting to the wireless in a particular building.
    All students are in the same WLAN. Everybody on campus uses the same SSID. We dynamically assign users to WLANs based on who they are through ACS. In addition to 802.1x authentication, MAC address authentication is performed by way of ACS to our in-house NAC system, where all students have registered their computers with us. This currently uses the External ODBC Database option in ACS.
    Our contraints:
    - We want them to be able to access wireless at other campus areas during this time, just not in this one building.
    - Faculty/Staff needs to use the wireless in that building during that time. This prevents me from simply shutting down the radios temporarily.
    Has anybody attempted anything similar? Anybody have any thoughts or ideas?
    Ethan A. Cooper
    Network Administrator
    LeTourneau University

    Currently, IP and IPX extended access lists are the only functions that can use time ranges. The time range allows the network administrator to define when the permit or deny statements in the access list are in effect. Prior to this feature, access list statements were always in effect once they were applied. Both named or numbered access lists can reference a time range.
    For the further description following URL for the Time-Based Access Lists will help you.
    http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/timerang.html#wp10236
    I hope it may help you.

  • As an administrator can I set a time limit and control having inappropriate sites displayed on my "administrator" usage?

    as an administrator can I set a time limit and control having inappropriate sites displayed on my "administrator" usage?

    Parental Controls can be used to set time limits, to allow the computer to be used only within specific hours of the day, and to block certain Web sites (or to allow only certain Web sites). However, they can be applied to a Standard account only, not to an admin account.

  • Time Capsule Access Control and Extended Network Question

    I have a Time Capsule where I have set up a wireless network access list…and extended the network using an Airport Express unit. The Airport Express unit also has settings for an Access Control list. Do these need to be the same as the those for the network from TC that it is extending…or does that happen automatically…and if not what on earth are they for?
    Thanks for any help…this doesn't seem clear from what I've read/seen.
    James

    I have a Time Capsule where I have set up a wireless network access list…and extended the network using an Airport Express unit. The Airport Express unit also has settings for an Access Control list. Do these need to be the same as the those for the network from TC that it is extending…or does that happen automatically…and if not what on earth are they for?
    Unfortunately, they are not automatically applied to each base station in an extended network. You would have to manually enter the exact same list in each base station.

  • Time Capsule access control

    Hi:
    I am looking at the time capsule for the following:
    1) Two Time Machine users
    2) A shared folder for music and stuff
    The macbook users should not have access to each others backup, other users should not have access to backups. Preferably, they should not even be able to see these partitions exist.
    - Does the Time Capsule support such a multiuser scheme?
    - Is it possible to assign space for each TM user and the shared folder? (2x200+100 GB).
    - Is it possible to encrypt backups individually for each user and leave the shared folder unencrypted?
    Wireless auth will be WPA2 enterprise EAP-TLS against a FreeRADIUS server, but there is no auth on wired connection. It would be useful if access to the disk using wireless connection would require no further authentication.
    Thanks, Erik

    I have a Time Capsule where I have set up a wireless network access list…and extended the network using an Airport Express unit. The Airport Express unit also has settings for an Access Control list. Do these need to be the same as the those for the network from TC that it is extending…or does that happen automatically…and if not what on earth are they for?
    Unfortunately, they are not automatically applied to each base station in an extended network. You would have to manually enter the exact same list in each base station.

  • Role Based Access Control and FIM

    Hi,
    Would these statements about RBAC and FIM (not BHOLD) be true:
    RBAC in FIM Sync is essentially governed by the built-in FIM Groups (e.g. FIMSyncAdmins, etc)
    RBAC in FIM Portal is essentially governed by FIM Portal Sets & MPRs
    Thanks,
    SK
    PS. not looking at BHOLD above, just FIM

    This can be true in a narrow sense. If we are just thinking of access to FIM and not on the managed organizational resources.
    FIM Synch:-
    Through FIM Synch groups, we are just controlling the access to FIM Synch service. We are not separating access based on roles(say organizational role).
    For FIM Portal, again it can be true if we are thinking of access to FIM Portal only and not the managed organizational resources.
    Thanks,
    Mann

  • RBAC (Roles Based Access Control) "Broken" in WCS

    In my opinion, RBAC in WCS is broken. They have taken a good concept and implemented it wrong. The way it is currently working is as follows. Roles are defined in WCS. In ACS (or whatever Radius server you want to use), you have to first set up a new "Service" in the TACACS "Interface" configuration called "Wireless-WCS". All this is good. In WCS you then have to go to the "role" or Group that you want, click on task list and it will give you both a TACACs and Radius output that you have to take and then paste into the "Wireless-WCS" custom attribute box in ACS. An example for "SuperUser" role would be a list like below, note the real list is 48 different "tasks", I shortened it here.
    role0=SuperUsers
    task0=Users and Groups
    task46=Auto Provisioning
    task47=Voice Audit Report
    Here is the problem. Why, if you have the role defined in WCS, do you have to repeat its definition in ACS? Why can't you simply pass the first line ("role0=SuperUsers") and have it use the defined role in WCS? This just seems silly. They changed the role of the "SuperUser" in the new 5.0 code too, which means if you assigned these at the user level, you would have to potentially go update a ton of User accounts in ACS so people would have access to their appropriate roles.
    The last time I complained I was told that the reason for it was "The reason it had to be done that way is b/c WCS is not IOS based and the code dictates that it must be done that way.". Seems like a silly reason for not doing things in a good way...
    Just letting everyone know so they can complain when they come across it. Maybe with enough complaints they'll fix it.. 8-)

    Hi,
    I believe all your questions are answered in "System Administrator's Guide - Security" manual.
    Applications Releases 11i and 12
    http://www.oracle.com/technology/documentation/applications.html
    You may also review this document.
    Note: 753979.1 - E-Business Suite Diagnostics RBAC Basics
    https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=753979.1
    Regards,
    Hussein

  • Prime Collaboration Role-based Access Control Issue

    Hello Support Community,
    we are using the Cisco Prime Collaboration Provisioning and would like to configure a user that would act as an admin for one of our domains.
    This user would be able to add, remove, change, etc. all the objects that are located in one remote office. So he should not be able to see the users, phones and so on, from all other offices.
    The issue is that we can not select the domain that should be assigned to him. When we select a user that should be configured as an administrator for the office, go to Manage Authorization Roles, under Roles for Domain there is only "Apply to all domains". We cant select one of the two domains that are currently configured.
    I've tried with different browsers, tried checking the boxes to see if one of those would trigger the change and let us select the domain but so far I had no luck.
    The cluster consists of 7 CUCMs on version 9.1.2.12900-11 (and 2x CUC, 2x IM&P, etc.) and the Prime Collaboration Provisioning is on version 10.5.1.320 (License Type Advanced).
    Thanks in advance!
    Ivan

    Hello Anthony,
    first of all, thank you for taking the time to answer and analyze!
    Your questions:
    "One sure way to check this is to look on the banner and there should be a check mark next to the word Advanced" -  in the top right Corner of the banner I can see a green check mark next to Advanced 
    "The Delegation feature should be set to 2, and not 0 or 1." - the Delegation Feature has the following Status - "Available : 1 | Used : 0 | Expiry : permanent". Does the value has to be "2" under Available ? Because in the Moment we are not using any (Used : 0).
    "I will assume the two Domain groups are already configured and have some users in them." - that is correct. Both Domains are already configured and we have multiple users in both of them. Domains are configured with appropriate Call Processors, Message Processors, LDAP Sync, Service Areas, User Roles and Service Templates.
    I have tested what you proposed in the last part. Selected one of the Users through Deploy > User Provisioning. Opened his User Records page (where we can see all the Services, etc.) > Manage Authorization Rules. In the Roles for Domain field it just says "Apply to all domains", I does not Display any other value when I click on the Dropdown button.
    Kind regards,
    Ivan

Maybe you are looking for

  • Customer service sucks

    Since 2007 I have been a loyal Verizon Wireless customer. On September 3, 2011, a friend of mine told me that she had called but someone who she did not know answered.  When asked if she had somehow misdialed the number she said that she dialed from

  • Unistalling acrobat 9 standard

    I have Windows Vista, prior to that I had Windows XP with Acrobat 5, now with the new machine (vista) i got the upgrade of Acrobat (9). I can't get it install on my Vista PC. I am told I need to remove the 5 version and possibly need to create a new

  • Trouble using iTouch after using another computer

    Hi, My friend came over this past weekend and connected his iTouch to my iMac for a charge. While it was connected I put some music on his iTouch. When he went back to his home in Hiroshima he downloaded Google Earth but whenever he starts the applic

  • Current version of Echosign for Salesforce: 14.16

    get it from here: https://appexchange.salesforce.com/listingDetail?listingId=a0N300000016ZmCEAU

  • IO IN business content

    hi,   plz tellme How do we search infoobjects in Businesscontent? regards, Ramesh