kickstart

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources

Quickly uninstall, install, activate, configure, and/or restart components of Apple Remote Desktop without a reboot.

Syntax
      kickstart option(s)

The 7 'top level' features can be selected independently, but will always be done in the order: uninstall, install, deactivate, activate, configure, stop, restart.

Options:

   -uninstall           ## Enable the "uninstall" options
   -uninstall -files    ## Uninstall all ARD-related files
   -uninstall -settings ## Remove access privileges in System Preferences
   -uninstall -prefs    ## Remove Remote Desktop administrator preferences

   -install -package path ##  Specify the path to an installer package to run

   -deactivate            ## Deactivate ARD agent in Sys Prefs to run at startup
   -activate              ## Activate ARD agent in Sys Prefs to run at startup

   -configure -users user1,user2...  ## Specify users to set privs or access (default is all users)

   -configure -access -on             ## Grant access
   -configure -access -off            ## Deny access

   -configure -privs -all             ## Grant all privileges (default)
   -configure -privs -none            ## Disable all privileges for specified user
   -configure -privs -DeleteFiles
   -configure -privs -ControlObserve  ## Control AND observe (unless ObserveOnly is also specified)
   -configure -privs -TextMessages    ## Send a text message
   -configure -privs -ShowObserve     ## Show client when being observed or controlled
   -configure -privs -OpenQuitApps    ## Open and quit applications
   -configure -privs -GenerateReports ## Generate reports (and search hard drive)
   -configure -privs -RestartShutDown
   -configure -privs -SendFiles       ## Send *and/or* retrieve files
   -configure -privs -ChangeSettings  ## Change system settings
   -configure -privs -ObserveOnly     ## Modify ControlObserve option to allow Observe mode only
   -configure -privs -mask mask_no    ## Specify "naprivs" mask numerically instead (advanced)

   -configure -allowAccessFor -allUsers [-privs priv_options]  ## Grant access to all local users
   -configure -allowAccessFor -specifiedUsers           ## Only grant access to users with privileges

   -configure -computerinfo -set1 -1 text  ## Specify all four computer info fields (default for each is empty)
   -configure -computerinfo -set2 -2 text
   -configure -computerinfo -set3 -3 text
   -configure -computerinfo -set4 -4 text

   -configure -clientopts -setmenuextra -menuextra  yes        ## Set whether menu extra appears in menu bar
   -configure -clientopts -setdirlogins -dirlogins  yes        ## Set whether directory logins are allowed
   -configure -clientopts -setdirgroups -dirgroups  grp1,grp2  ## Set directory groups allowed
   -configure -clientopts -setreqperm   -reqperm    yes|no     ## Allow VNC guests to request permission
   -configure -clientopts -setvnclegacy -vnclegacy  yes|no     ## Allow VNC Legacy password mode
   -configure -clientopts -setvncpw     -vncpw      mynewpw    ## Set VNC Legacy PW
   -configure -clientopts -setwbem      -wbem       yes|no     ## Allow incoming WBEM requests over IP

   -stop              ## Stop the agent and/or console program (N/A if targetdisk is not /)

   -restart           ## Enable the "restart" options: (N/A if targetdisk is not /)
   -restart -agent    ## Restart the ARD Agent and helper
   -restart -console  ## Restart the console application
   -restart -menu     ## Restart the menu extra

   -targetdisk mountpoint ## Disk on which to operate, specified as a mountpoint in
         ## the current filesystem.  Defaults to the current boot volume: "/".
         ## NOTE: Disables the -restart options (does not affect currently
         ## running processes).

   -verbose    ## Print (non-localizable) output from installer tool (if used)
   -quiet      ## No feedback; just run.
   -help       ## Show verbose documentation

The default location of kickstart is shown at the top of this page, copy it to any location you prefer (e.g. /usr/bin/local/)
Use kickstart at your own risk. Read and understand the help first!
Log in as an administrator (you must have sudo privileges)
Avoid running multiple instances of kickstart at the same time.
kickstart will start and stop Apple Remote Desktop (ARD) components: Agent & daemons as needed.
kickstart can be used to grant very permissive incoming access permissions. Do not use the -activate and -configure features unless you know exactly what you're doing.

Standard Apple Remote Desktop groups:

ard_admin
ard_manage
ard_interact
ard_reports

ard_admin is equivalent to ard_manage + ard_interact

On many versions of macOS you will need to create ard_admin as a local group, you will then be able to nest any Active Directory group in the local ard_admin group.

Examples

- Uninstall program files (but not preferences and settings), install the given package, and then restart the service.
kickstart -uninstall -files -install -package RD_Admin_Install.pkg -restart -console

- Install the given package and then restart the ARD agent.
kickstart -install -package RD_Client_Install.pkg -restart -agent

- On 10.4 and earlier, stop the Remote Management service but, if activated, it will start after the next computer restart.
- On 10.5 and later, use kickstart -deactivate instead.
kickstart -stop

- Stop the Remote Management service and deactivate it so it will not start after the next computer restart.
kickstart -deactivate -stop

- Restart the agent.
kickstart -restart -agent -console

- Activate the Remote Management service and then restart the agent.
kickstart -activate -restart -agent -console

- Activate the Remote Management service, enable access, and restart the agent.
kickstart -activate -configure -access -on -restart -agent

- Disable user access.
kickstart -configure -access -off

- Give admin and bob all access.
kickstart -configure -access -on -privs -all -users admin,bob

- Use Directory Server accounts for authentication. Users must be a member of one of the directory
- groups to authenticate.
kickstart -configure -clientopts -setdirlogins -dirlogins yes -setdirgroups -dirgroups ardadmin,ardcontrol

- Disable the Remote Management menu extra.
kickstart -configure -clientopts -setmenuextra -menuextra no

- Allow access for only these users (the users must be specified in a separate command).
kickstart -configure -allowAccessFor -specifiedUsers

- Allow access for all users and give all users full access.
kickstart -configure -allowAccessFor -allUsers -privs -all

- Start the Remote Management service.
kickstart -activate

“And I thought how unpleasant it is to be locked out; and I thought how it is worse, perhaps, to be locked in” ~ Virginia Woolf

Related macOS commands

screen - Multiplex terminal, run remote shells via ssh.
Enabling Directory Services Group Authorization


 
Copyright © 1999-2024 SS64.com
Some rights reserved