How are you Re-Deploying & Provisioning your T2 Macs?

Question

Hello,

My DEP Provisioning workflow is predicated upon an OEM Apple Image as if it were right out of the box.

Currently we internet recovery the T2 Mac back to an OEM Apple Image, at first boot DEP hits and it's back enrolled to our system, first script runs and removes the policy history of that machine & then it is Re-Provisioned.

How are you "Re-Imaging" the machine back to an OEM Apple Image as if it were out of the box? What do you do besides Internet Recovery? I know it can be expedited (I hope & at least faster than internet recovery)

Thanks!

sshort · Accepted Answer

If the Mac is still responsive (and you have admin access to an account) I've found the simplest method is to use a self-service policy that places the macOS installer in a directory of your choice, and then run

/path/to/macOS Installer/Contents/Resources/startosinstall --agreetolicense --eraseinstall --newvolumename "Macintosh HD"

You can even add a --installpackage flag if you need some base config pkg before DEP picks up and you re-enroll. Here's a good example.

Hugonaut · Answer

@ega  I use depnotify to pull all the &#034;heavy&#034; stuff down, all of our enrollment policies are set to ongoing for t2 dep machines, with the first being the policy wipe which isjamf flushPolicyHistorythen, everything else for enrollment trigger is pulled, then once we login (all the logins are set to once per user, per computer) the login triggers start & depnotify kicks off, and brings everything else down.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded