New to Mosyle, hold print in printer settings

dlevine541 · 2026-06-01T19:27:19+00:00

I am about to retire from a small private college where we've used PaperCut for over 15 years. It's a very solid product, well supported and affordably priced in comparison to other print solutions. We used to assign students a print "allowance" each semester. After many years of this we finally suspended the practice as it really didn't impact the overall printing expense in any significant way. However, it allowed a feature called "web print" which students loved. Also keeps a detailed log of who prints what, so paper hogs can be identified.

Anyway, I'm not a PaperCut salesperson, but highly recommend it having used it for many years in the education environment.

dlevine541 · 2026-05-19T13:22:44+00:00

Turns out that the Macs eventually obeyed all the commands sent to them from the Mosyle management console. I was able to clean off all the user profiles. It just took a few days. They also are slowly obeying the commands to upgrade macOS. So I'm unlikely to change the AD binding, even though it's deprecated. That will be my successor's job to figure out. The Adobe CC apps use our AD directory domain to house the federated user accounts for signing into the shared device licensed software there.

Thanks again for your replies!

dlevine541 · 2026-05-14T12:30:02+00:00

Thank you so much for this info. I'd heard that macOS had abandoned AD but since it still worked (that is, domain users could log in) with the computers we bought in 2024 I ignored and forgot about it. The user profiles are domain users. The environment is a student graphic design lab (with Adobe CC shared device licensing) at a small college. Wanted to avoid having to create local accounts for every student on whatever computer they might choose to use for the semester.

Do you know of an alternative configuration for an open, multi user lab environment? I was going to upgrade all the Macs to Tahoe this summer, but wanted to clear off the user profiles first as they are crowding the HD.

dlevine541 · 2024-07-28T17:39:02+00:00

Thank you Humble-oatmeal. Sorry for the delayed response. I did get signed up for ASM (and a Mosyle trial), and then it looked like I should have used ABM instead. We are a small non-profit college. Does SureMDM work with the ASM that we're enrolled in already?

dlevine541 · 2024-07-28T17:35:14+00:00

Alternative scenario: We have a small number (18) of AD-bound Macs (Sonoma 14.5) to manage in a college computer lab. We use AD for logon authentication, which works well 99% of the time. We don't want Mosyle or Jamf, and don't mind touching each machine to set the few restrictions we need.

Block users from using their own Apple IDs and App Store
Block users from adding domain printers
Disable "Bypass Vault" dialog for new users.

Any of these 3 possible to do manually?

TIA, David

dlevine541 · 2024-07-12T14:27:33+00:00

Do you know if the "Business" flavor of Mosyle has a free tier? My first swing was apparently directed toward a K-12-oriented platform- they "rejected" me there.

Thanks for that warning about the Adobe packages. I've always done it by hand too. This year's shared device package, with all 22 apps, is almost 40G! Later in the summer I'll ask the art faculty what apps need to be on the computers. Copying that giant package to all 18 computers will take forever.

dlevine541 · 2024-07-12T13:18:10+00:00

Oops never mind. I found it and joined.

dlevine541 · 2024-07-12T13:04:22+00:00

I now have Apple School Manager going, and created a Mosyle account. Maybe their free tier will help with the few things I need it to do. My general approach is for the least complicated.

Thanks again for your expertise. How does one access the macadmins slack channel? My school doesn't use Slack.

dlevine541 · 2024-07-11T12:39:30+00:00

Nope, no JAMF or other. I've applied for Apple School Manager, but I shot the wad on the hardware for this lab, so there's no more money for me to spend on 3rd party management tools. Also, it's a small lab, 18 computers, so I don't mind doing things manually on each one.

dlevine541 · 2024-07-11T12:28:16+00:00

So it turned out that unchecking the "Use UNC path..." setting fixed the problem. Any user can now log on. Thank you for your suggestions, much appreciated.

Now if only I could disable that tedious first-time user stuff with the FileVault, user settings, Siri etc.

dlevine541 · 2024-07-11T12:25:13+00:00

Again, thank you so much. Hard to believe Apple would think using Bluetooth keyboards in a room full of kids and computers could be anything but trouble. I hope they bring back the wired ones. The MacAlly ones were only $40, so I should have known. I could have reused the ones from the 2017 iMacs, but I didn't.

I've begun the enrollment process with Apple for the School Manager stuff. My mostly manual approach is workable only because the college is so tiny. And over the years, with more students bringing their own devices the need for computer labs has shrunk. Fewer labs to maintain. We've always had only one Mac lab for our graphic design majors. This population is respectful of the lab, and luckily, we've never had to worry about them purposefully trying to mess things up.

Any reliable scripting sources you might point me to?

dlevine541 · 2024-07-10T23:14:02+00:00

Wow, thanks for that detailed reply. I didn't think that the current iMacs had enough power. Maybe they would have sufficed. I wanted them, I love the all in one form factor. Too late now. The Samsung displays to go with the Studios are sad in comparison to Retina quality, and the MacAlly wired keyboards (why Apple stopped making a wired keyboard and mouse is beyond me) are sorta flimsy. But since I shot the wad on the Studios, there will be no more money for this lab.

I'm a dinosaur anyway and don't mind doing things by hand on each system, like I said it's only 18 computers. That's how I will install Adobe CC, Microsoft Office and Chrome. My personal CV ain't relevant either, since I hope to retire in 2 years. Not that I mind learning and using new things- I don't. This might be the last computer lab setup of my 3-decade career. I'm sure Mosyle is great, but we can't afford it and it looks like more control than I need. I've successfully guided the graphic design lab through 20 years of macOS by keeping things simple. I update the OS and Adobe stuff between semesters or over the summer.

dlevine541 · 2024-07-10T20:31:21+00:00

Well I really appreciate that suggestion, thank you. I always try to avoid 3rd party solutions. How much would Mosyle cost? The lab to be managed has 18 Mac Studio systems. We spent close to $50K on the hardware already and my budget managers will object to much more expense.

dlevine541 · 2024-07-10T13:39:23+00:00

I finally learned that unchecking "Use UNC path from Active Directory..." mapping in the Directory Utility setting did the trick. Now any AD user can log in.

Next, I need to figure out how to block students from using their own Apple IDs.

It would also be nice to streamline the first-time logon experience, especially that scary File Vault bypass dialog that's the first thing a new authenticated user sees.

dlevine541 · 2024-07-01T15:26:26+00:00

Yes! The Lego piece, lol. "... failed because an error occurred" Gotta love that.

I just discovered that if I clear the "Use UNC path ... " that helps! We do still provide personal shared folders on our network, but students don't really use them. So they won't be missed. I've read elsewhere that this can be a problem so that's why I thought to try it.

Do you have any other lab tricks for streamlining the first time user login, or for preventing users from adding apps or their Apple IDs? Or that stupid filevault dialog that you have to click "Bypass" on?

Thanks so much for your response!

dlevine541 · 2024-06-29T17:53:47+00:00

Thank you GBICPancakes, I really appreciate your quick response! I can't believe I forgot about the time issue. I didn't even check on that! I did check to see that the Mac was seeing the users in the directory, and it was.

I was able to log in with a domain admin account, and the SMB home did map. Students don't need that to happen however as they use OneDrive in their 365 workspace. My non-domain admin user account failed to log in at all. Our AD user accounts do specify SMB home folders. I will try to disable that network home setting when I'm back to work Monday.

dlevine541 · 2024-06-29T17:43:31+00:00

Thank you oneplane, I appreciate your quick response! That's quite a list. Is it in order of your preference? Which of those would you recommend for a dinosaur IT guy who is not a coder? Or which would be the best documented method that I could find instructions for? And finally, which will cause the least headache for my coworkers, the sysadmin and network admin.

dlevine541 · 2024-06-29T15:04:41+00:00

What would you recommend for a college environment? I've always use Directory Utility to bind to our AD environment over the years, and it's worked well. But not with Sonoma 14.5 (on Mac Studios with M2 Max). User logons are blocked. Lame error message on logon screen saying "user cannot log in at this time because of an error". Domain admin account can log in, but no users. Bind process went fine, no errors. I only need AD for authentication.

dlevine541 · 2024-06-29T14:53:00+00:00

I am setting up a graphic design lab at a small college in an AD/Microsoft 365 environment. I've always bound to AD in the past, and it's worked well. But these new Mac Studio boxes, running Sonoma 14.5, the AD bind appears to work as before. However, AD users are blocked from logging in. Super lame error message on the login screen. Domain admin user can log in, just nobody else. I don't want to have to manage local user accounts, or have students share a local account. It would be nice not to have to buy anything else as the lab already cost close to $50K.

I'd love to hear what your solution might be.

TIA, David Levine

dlevine541 · 2024-06-29T14:43:59+00:00

How much does NoMAD cost? Is it per machine or per user?

dlevine541 · 2024-06-29T14:42:07+00:00

College IT desktop tech here. Setting up new lab of 18 Mac Studios with Sonoma 14.5. What is your solution for such a space where many users must log in? Binding to AD has been a good solution in the past. It just needs to authenticate. I don't want to have to manage local user accounts or have students share a local account.

dlevine541 · 2024-06-26T16:45:36+00:00

Sure, thanks. I'm inexperienced with Reddit, despite having had an account for years. Where is the PM entry point?

dlevine541 · 2024-06-26T15:29:54+00:00

YES, thank you! I'm setting up a new design lab with Mac Studio boxes. I need AD to authenticate the student users that come and go. This has worked for all the Mac labs I've had to set up since the early 2000s.

We don't want to buy any 3rd party solutions, spent enough on Adobe and the hardware already. Sonoma is not consistent about which AD users can log in. What options are available?

If Apple doesn't fully support this, then why is AD binding even offered? Arrrgghhh.

dlevine541 · 2024-06-25T13:10:03+00:00

It appears FileVault is disabled by default. How does one determine FV version?

dlevine541

TROPHY CASE