[FR] Create Policy to Restrict Device Login to Annotated User
Reported by
stepheng...@amplifiedit.com,
May 23 2017
|
||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; CrOS x86_64 9460.42.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.57 Safari/537.36 Platform: 9460.42.0 (Official Build) beta-channel samus Steps to reproduce the problem: 1. Attempt to restrict a single user to a single device What is the expected behavior? In a 1:1 situation, admins want to restrict which users can login to which device. What went wrong? The current method of a RestrictSigninToPattern allows anyone matching the pattern to sign into the device. Did this work before? N/A Chrome version: 59.0.3071.57 Channel: beta OS Version: 9460.42.0 Flash Version: 26.0.0.102 /opt/google/chrome/pepper/libpepflashplayer.so This is problematic since the Device's Recent Users Log updates on the LOGOUT event, making it impossible to reliably know who is currently logged into a managed device using managed accounts. With ARC taking up more hard drive space for apps and app storage, this granular management is necessary to prevent user data from being inadvertently expunged when the disk drive becomes full during another active user's session. Recommend having this be a Checkbox which sets the policy RestrictSigninToPattern to disabled, sets the policy DeviceShowUserNamesOnSignin to true and remove all profiles other than the Annotated User, and display's the device's Asset ID value at the sign-in screen, if it has been populated.
,
May 26 2017
Assigning to David for triaging.
,
Jul 6 2017
,
Jul 26 2017
I am in k-12 and I would like to limit users to one login . that way when I put Johnny in bad boy restrictions he can not use his girl friends ID to get out. What I had last year was any one student who could remember there password gave it out to the ones who could not remember . Made things confusing when in google classroom. Assigning a user to a Chrome Book would be VERY helpful
,
Jul 26 2017
Question to admins, how would you like to do this assignment? Is it through editing the "User" field under the Device Custom Fields?
,
Jul 26 2017
That's what the original request is for. The user field is the Annotated User.
,
Aug 1
,
Aug 23
,
Sep 18
,
Sep 25
And please make the regular expression for this feature non-case sensitive. There has been issues with other parts of the cpanel where the username match failed due to case sensitivity.
,
Oct 10
This would be very helpful for Education with 1:1 device rollouts. This would help us keep students from swapping devices or trying to get around restrictions that may have been placed on them for inappropriate behaviour. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by t.d.pie...@g.maranausd.org
, May 23 2017