1. Create a new user on remote machines.
There are several ways to create new users across multiple machines with ARD, including running niutil. But because the Send UNIX Command is not interactive, there is no way to enter a password when prompted unless you know more advanced Unix syntax.
My preferred method is to create an ARD installer package (you can even specify an account with no ARD privileges to just create a generic user without ARD rights), and then use the Install Package command on the client machine(s). If you need that user to have admin rights on his/her machine (the ARD package installer creates a standard, non-admin user by default), you can run the UNIX command after you have installed the package (be sure to run it as root):
niutil -appendprop / /groups/admin users newusername
2. Remove a user from remote machines.
It’s as easy as running two UNIX commands as root from ARD (be careful, these commands are case sensitive):
niutil -destroy . /users/deletedusername
rm -rf /Users/deletedusername
Be careful not to delete the user account that your ARD admin machine is using for ARD access!
3. Figure out who needs which updates.
Let’s say you have a large group of computers that need updating, but you have no idea which machines need which updates. You can send a UNIX command to all selected computers simultaneously to get a look at who needs updating:
10.3 & 10.4 clients:
Software Update will launch as a background process on the selected machines, without requiring any action by the user (and without their even knowing it). Once their systems have checked with the Software Update server for the latest updates, you will see the results of your query in a separate window.
4. Force clients to get current via Software Update.
Tired of pushing patch after patch using the Install Package command? You can force client machines to run their own Software Update locally by sending a UNIX command (this must be run as root to work properly):
10.3 & 10.4 clients:
softwareupdate –-install –-all
Software Update will launch as a background process on the selected machines, without requiring any action by the user. Mac OS X 10.3 clients will retrieve their updates from Apple, so be mindful of sudden bandwidth constraints for your LAN if you try this during a busy time on a lot of machines simultaneously. But if your 10.4 Server and Clients are configured for Software Update services, the client machines will retrieve their updates from the cached packages on the server, saving you significant bandwidth resources and time.
10.2′s version of softwareupdate doesn’t have a man page, so I still haven’t figured out how to tell Jaguar systems to update everything to the current version. My workaround was to first get a list of all eligible updates (see item 3 above), then use the command:
softwareupdate –-install [list each update individually]
Be careful to not leave client systems in an unstable state. When the softwareupdate application is done installing an update that requires a restart, it will be indicated on the status window’s output screen.
5. Export and Import computer lists.
Unfortunately, there is no way to move the entire collection of Computers and Lists from one ARD Admin machine to another (that is, without moving the entire POSTGRESQL database, ARD .plist files, and ARD Keychain items). It’s less complicated just to export the list(s) of your choosing and import to the other machine.
Select a list and choose File > Export Window; you can now save the contents of the window to a text file. On the other ARD Admin machine, you can create a new Scanner, choose File Import, and drag-and-drop the text file into the Scanner window. You can then add those items to the Master List (or any other list you are managing).
I didn’t mention the software auditing capabilities of ARD: you can get a
full report of all software installed on the remote machine(s), and do a
search across multiple machines for a single app (you know, in case you
can’t remember which of your 50 macs you downloaded that special application
You can also rename machines, tell groups of Macs to quit all apps and log
out and/or restart/shutdown, perform hard drive and network diagnostics,
clone a hard drive (local to remote: appears to be a remote ghosting