"Mac computers that have the Apple T2 chip don't support starting up from network volumes."

• https://support.apple.com/en-us/HT202770

This would mean that no T2 chip Mac's can NetBoot period.

No.

FWIW, as far as I understand, macs with the T2 chip can't netboot at all officially, but the mechanism is obviously built in to boot to apple diagnostics, internet recovery, or onsite AST2 diagnostics.

That'd be a no, which came as a shock to the Apple Genius last night.

How do Apple Stores "re-image" their 2018 Macs at night?

I believe they use deepfreeze on the in-store Macs

@dstranathan and @rlincoln , yeah, Deepfreeze. I'm a former Apple Retail employee. Try going into an Apple Store, change the wallpaper, create some files on the desktop, change the dock, etc. then just restart the computer. I loved watching people go around and change all the wallpapers to something funny, crude, etc., then follow behind them doing a Control-Command-Power Button to force a restart and revert back to our "image".

@nvandam i doubt deepfreeze is used anymore, since deepfreeze doesn't support APFS in High Sierra.

One of the first things I checked on our first T2 enabled Mac...for my own curiosity. I can confirm for a fact it doesn’t work even with the most liberal settings chosen in Startup Security Utility.

Thanks everyone. I wasn't sure if Apple considered NetBoot "External Media" or not (I do but, Tim Cook doesn't return my calls).

I got my first T2 Mac today. In a pinch, I was able to disable Secure Boot, boot from a 10.13.6 (build 17G2112) USB drive, and then run Jamf Pro Imaging app from USB to get to the Mac enrolled/managed/on-boarded.

I have DEP but Im not fully leveraging it yet. Time for me to start rockin' DEP deployments. Only concern is a few pre-boot scripts that I need to figure out soon.

Is it possible to turn a netboot .nbi folder into a bootable flash drive for use in T2 macs?