I have a possible thief working for me

C

csalex

Registered
I believe an employee is embezzling from my company. The only way to know for sure is to install snoop software on his (mine, in fact) MBP, without his knowing. He uses a password (though not a firmware password), and I don't want to leave it different when installing the hidden software.
Is it possible to ad an administrator account from command line after booting from single-user-mode? Then his login would stay the same, and he shouldn't be the wiser, as long as he doesn't go visiting accounts in sys prefs.
I'm open to other ideas, short of just confiscating it and having it scoured. I want to catch him IN THE ACT, and have the proof available.

Thanks in advance,
Christian Alexander
 
Hi Christian,

http://osxdaily.com/2007/10/29/how-to-add-a-user-from-the-os-x-command-line-works-with-leopard/ has the details for creating the new user with command line. When using single user mode, you can skip the sudo part.

niutil -appendprop . /groups/admin users yourusernamehere for 10.4...

Set up the new user, and you can make it add remote desktop or VNC, without showing user s/he is being observed, and later you can connect to this system as your user, and see what he is doing if needed.
 
Download jollyFastVNC, it has a built in bonjour feature that any macs connected to the same local subnet are viewable. All you need to know is the local administrator login or password for the machine you are viewing.

Just don't move the mouse across the screen because they will see it but it will be just like you sitting there next to them. We use this program for technical assistance for our mac users.

Very simple, one of the easiest, fastest VNCs i have used.
 
You must log in or register to reply here.
Back
Top