Configuration Profiles in Lion Server’s Profile Manager - dummies

Configuration Profiles in Lion Server’s Profile Manager

By John Rizzo

A configuration profile is a small XML file that Lion Server’s Profile Manager sends to Lion clients and iOS devices. When a Lion client or an iPod, iPhone, or iPod touch receives a configuration profile, software on the device recognizes the configuration profile file and imports the settings. There are dozens of settings that a configuration profile can create in a client device. Here are a few:

  • Basic account info in a directory service (Open Directory, Active Directory, or LDAP)

  • E-mail, calendar, contacts, and chat. Install user address, passwords, and server info, such as POP and SMTP servers.

  • Microsoft Exchange Server settings for connecting to Windows servers

  • VPN and network settings

  • Printing preferences and restrictions

  • Enforcement of password policies, which you can set in the Server app

  • Restrictions, such as preventing Mac and iOS applications from launching, blocking users from making changes to System Preferences, blocking Macs from accessing external storage devices or optical discs, preventing iOS users from watching YouTube, parental controls, and much more

  • Certificates (a configuration profile can install security certificates in a device)

  • Custom preferences for other applications

There are a few prerequisites. You need to have users’ accounts in a shared directory, such as Open Directory, and you need web and wiki services turned on. It’s also best to have services configured before running Profile Manager so that it can gather the data from the services.