Assuming this doesn't interfere with NDA - With 10.10 release soon upon us, has anybody got any first boot scripts to share or find things that don't work that previously did?
- Home
- Community
- Get Support
- General Discussions
- 10.10 Firstboot scripts
10.10 Firstboot scripts
- October 8, 2014
- 31 replies
- 2 views
31 replies

- Contributor
- 33 replies
- October 8, 2014
I am curious how everyone is handling the login screen.. Normally we would customize it to our companies logo and legal talk, not sure how we are going to handle that yet.
- Author
- Esteemed Contributor
- 1310 replies
- October 8, 2014
there's a security banner you can do, added a logo and the disclaimer, that still seems to be working just fine.

- Contributor
- 33 replies
- October 8, 2014
Ya we used that one back in Lion. Kills me to revert back to the old ways haha.

- Contributor
- 24 replies
- October 8, 2014
This is mine for LS&Co. Our company cannot leverage Configuration Profiles due to our firewall settings blocking Apple's AVPN network, so I rely on a master script at the end of our imaging process. Keep in mind, use this at your own risk, I am still tweaking a lot of settings from our old 10.9 script. I have a few settings turned off and on (Gatekeeper off the top of my head) for debugging purposes, until the final release. One thing I did I find that I'm not able to set the trackpad settings correctly via Script. I have cleared out a few settings I wish not share (Security)
#!/bin/bash
# 25-LS-Corporate-Config-Script-OSX-10.10DP8_v7
# Daniel Rheiner
# Date of Compile: X/XX/2014
# Should have last priority After Casper Reboot
# Version 7
# OS X 10.10 Beta
# ** Items are Disabled in this script for BETA Testing **
# Remove Applications, SMB 2&3 Disable
#Scripts executed through the Casper Suite will automatically receive the first three variables in the following order:
# $1 = Mount point of the target drive
# $2 = Computer name
# $3 = Username when executed as a login or logout policy
# Define variables
awk="/usr/bin/awk"
consoleuser=$(/bin/ls -l /dev/console | /usr/bin/awk '{print $3}')
cp="/bin/cp"
dscl="/usr/bin/dscl"
dsconfigad="/usr/sbin/dsconfigad"
dseditgroup="/usr/sbin/dseditgroup"
echo="/bin/echo"
find="/usr/bin/find"
grep="/usr/bin/grep"
ipconfig="/usr/sbin/ipconfig"
JAMF='/usr/sbin/jamf'
kickstart="/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart"
killall="/usr/bin/killall"
launchctl="/bin/launchctl"
ln="/bin/ln"
logdir="/Library/Logs"
mkdir="/bin/mkdir"
mv="/bin/mv"
networksetup="/usr/sbin/networksetup"
OS=$(/usr/bin/defaults read /System/Library/CoreServices/SystemVersion ProductVersion | /usr/bin/awk '{print substr($1,1,4)}')
perl="/usr/bin/perl"
sleep="/bin/sleep"
systemsetup="/usr/sbin/systemsetup"
perl="/usr/bin/perl"
plistbuddy="/usr/libexec/PlistBuddy"
rm="/bin/rm"
touch="/usr/bin/touch"
uuid=$(/usr/sbin/ioreg -rd1 -c IOPlatformExpertDevice | /usr/bin/grep -i "UUID" | /usr/bin/cut -c27-62)
#####################################################
# #
# Network, VPN, Active Directory & Time Services #
# #
#####################################################
killall cfprefsd
sudo killall cupsd
sudo launchctl unload /System/Library/LaunchDaemons/org.cups.cupsd.plist
sudo launchctl load /System/Library/LaunchDaemons/org.cups.cupsd.plist
sudo update_dyld_shared_cache -root /
# Refresh Network Adapters
networksetup -detectnewhardware
#Default search domains
SearchDomains="levi.com"
# Set the time zone
/usr/sbin/systemsetup -settimezone $TimeZone
# Primary Time server
TimeServer1=XXXXXXX
# Secondary Time server
TimeServer2=XXXXXXX
# Tertiary Time Server for Levi Strauss Macs, used outside of Levi's network
TimeServer3=time.apple.com
# Activate the primary time server. Set the primary network server with systemsetup
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer1
# Add the secondary time server
echo "server $TimeServer2" >> /etc/ntp.conf
# Add the tertiary time server
echo "server $TimeServer3" >> /etc/ntp.conf
# Enables the OS X to set its clock using the network time server
/usr/sbin/systemsetup -setusingnetworktime on
# Turns off SMB2 & SMB3 network protocol and forces OS X 10.10 to use SMB1 for legacy Netapp servers
# echo "[default]" >> ~/Library/Preferences/nsmb.conf; echo "smb_neg=smb1_only" >> ~/Library/Preferences/nsmb.conf
# Turn off DS_Store file creation on network volumes
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.desktopservices DSDontWriteNetworkStores true
# Disable external accounts (i.e. accounts stored on drives other than the boot drive.)
defaults write /Library/Preferences/com.apple.loginwindow EnableExternalAccounts -bool false
# Clear text passwords in AFP
/usr/bin/defaults write com.apple.AppleShareClient "afp_cleartext_allow" 1
# Bypass updating Managed Settings Message
defaults write /Library/Preferences/com.apple.mdmclient BypassPreLoginCheck -bool YES
# Disable the save window state at logout
/usr/bin/defaults write com.apple.loginwindow 'TALLogoutSavesState' -bool false
# Remove the loginwindow delay by loading the com.apple.loginwindow
launchctl load /System/Library/LaunchDaemons/com.apple.loginwindow.plist
# Set Shutdown and Logoff timers to 1 second (No Delay)
sudo defaults write /System/Library/LaunchDaemons/com.apple.coreservices.appleevents ExitTimeOut -int 1
sudo defaults write /System/Library/LaunchDaemons/com.apple.securityd ExitTimeOut -int 1
sudo defaults write /System/Library/LaunchDaemons/com.apple.mDNSResponder ExitTimeOut -int 1
sudo defaults write /System/Library/LaunchDaemons/com.apple.diskarbitrationd ExitTimeOut -int 1
# Disable default file sharing for guest
defaults write /Library/Preferences/com.apple.AppleFileServer guestAccess -bool false
# Enable ARD, Remote Management, and Remote Login (SSH) - 1. Removes Administrators Group from Remote login, 2 & 3. Creates xxxxxxxxx Membership, 4 & 5. Adds xxxxxxxxx User to Remotelogin then activates.
sudo dseditgroup -o edit -d admin -t group com.apple.access_ssh
sudo dscl . append /Groups/com.apple.access_ssh user xxxxxxxxx
sudo dscl . append /Groups/com.apple.access_ssh GroupMembership XXXXXX
sudo dscl . append /Groups/com.apple.access_ssh groupmembers `dscl . read /Users/xxxxxxxxx GeneratedUID | cut -d " " -f 2`
sudo systemsetup -setremotelogin on
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -specifiedUsers
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -users xxxxxxxxx -access -on -privs -all
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -activate -restart -console
#####################################################
# #
# Baseline initial System Setup #
# #
#####################################################
# Rename boot drive to Macintosh HD
diskutil rename / "Macintosh HD"
# Disable Hibernation Services
sudo pmset -a hibernatemode 0
# Disable OS X OS Prerelease downloads for all users sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate AllowPreReleaseInstallation -bool false
# Set the login window to name and password
defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool true
# Enable Fast User Switching option
defaults write /Library/Preferences/.GlobalPreferences MultipleSessionEnabled -bool 'YES'
# Disable iCloud & Apple Assistant Popup for new user creation
for USER_TEMPLATE in "/System/Library/User Template"/*
do
defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool TRUE
defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant GestureMovieSeen none
defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion 10.10
done
mv /System/Library/CoreServices/Setup Assistant.app/Contents/SharedSupport/MiniLauncher /System/Library/CoreServices/Setup Assistant.app/Contents/SharedSupport/MiniLauncher.backup
defaults write "/System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder.plist" ProhibitGoToiDisk -bool YES
# Remove Setup LaunchDaemon item
srm /Library/LaunchDaemons/com.company.initialsetup.plist
# Disable Time Machine's & pop-up message whenever an external drive is plugged in
for USER_TEMPLATE in "/System/Library/User Template"/*
do
defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true
done
defaults write /Library/Preferences/com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true
defaults write /Library/Preferences/com.apple.TimeMachine AutoBackup -boolean NO
# Disable Time Machine snapshots on local disk
sudo tmutil disablelocal
# Expand save panel by default
defaults write NSGlobalDomain NSNavPanelExpandedStateForSaveMode -bool true
defaults write NSGlobalDomain NSNavPanelExpandedStateForSaveMode2 -bool true
# Expand print panel by default
defaults write NSGlobalDomain PMPrintingExpandedStateForPrint -bool true
defaults write NSGlobalDomain PMPrintingExpandedStateForPrint2 -bool true
# Turn off Gatekeeper Message
spctl --master-disable
# Turn off Automatic updates
sudo softwareupdate --schedule off
# Disable the crash reporter
defaults write com.apple.CrashReporter DialogType -string "none"
# Disable disk image verification
defaults write com.apple.frameworks.diskimages skip-verify -bool true
defaults write com.apple.frameworks.diskimages skip-verify-locked -bool true
defaults write com.apple.frameworks.diskimages skip-verify-remote -bool true
# Give all end-users permissions full access to "Print & Scan, Network, Time" Preference Pane
security authorizationdb write system.preferences allow
security authorizationdb write system.preferences.datetime allow
security authorizationdb write system.preferences.network allow
security authorizationdb write system.services.systemconfiguration.network allow
security authorizationdb write system.preferences.printing allow
/usr/bin/security authorizationdb write system.print.operator allow
/usr/sbin/dseditgroup -o edit -n /Local/Default -a everyone -t group lpadmin
/usr/sbin/dseditgroup -o edit -n /Local/Default -a everyone -t group _lpadmin
/usr/sbin/dseditgroup -o edit -n /Local/Default -a 'Domain Users' -t group lpadmin
# Power Settings for all Users (Display Sleep, Workstation Sleep, Wake for network access) (Pmset -a = All Power modes | Pmset -c = A/C Power | Pmset -b = Battery Power)
pmset -a halfdim 1 gpuswitch 2 hibernatemode 0 lidwake 1 sms 1
pmset -c sleep 180 displaysleep 30 disksleep 0 womp 1 networkoversleep 0
pmset -b sleep 20 displaysleep 15 disksleep 10
# Automatically illuminate built-in MacBook keyboard in low light and turn off in idle after 5 minutes
defaults write com.apple.BezelServices kDim -bool true
defaults write com.apple.BezelServices kDimTime -int 300
# Sets System Volume level to 50% osascript -e 'set volume output volume 50'
# Hide the following applications: Game Center, Time Machine, Boot Camp
sudo chflags hidden /Applications/Game Center.app/
sudo chflags hidden /Applications/Time Machine.app/
sudo chflags hidden /Applications/Utilities/Boot Camp Assistant.app/
# Make a shortcut links to Network Utility, Directory Utility, Screen Sharing, Raid Utility, and Archive Utility under "Utilities" Folder
ln -s /System/Library/CoreServices/Applications/Network Utility.app /Applications/Utilities/Network Utility.app
ln -s /System/Library/CoreServices/Applications/Directory Utility.app /Applications/Utilities/Directory Utility.app
ln -s /System/Library/CoreServices/Applications/Screen Sharing.app /Applications/Utilities/Screen Sharing.app
ln -s /System/Library/CoreServices/Applications/RAID Utility.app /Applications/Utilities/RAID Utility.app
ln -s /System/Library/CoreServices/Applications/Archive Utility.app /Applications/Utilities/Archive Utility.app
# Set the ability to view additional system info at the Login window & adds Levi Strauss & Co. disclosure
defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName
defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText "You are attempting to enter a private computer system owned by Levi Strauss & Co. You are authorized to enter this system only if an authorized agent of LS&CO. has provided you with a User ID and password for accessing this system."
# Terminal command-line access warning
/usr/bin/touch /etc/motd
/bin/chmod 644 /etc/motd
/bin/echo "" >> /etc/motd
/bin/echo "This Apple Workstation, including all related equipment belongs to Levi Strauss & Co. Unauthorized access to this workstation is forbidden and will be prosecuted by law. By accessing this system, you agree that your actions may be monitored if unauthorized usage is suspected." >> /etc/motd
/bin/echo "" >> /etc/motd
#####################################################
# #
# End-User Profile Settings & System Setup #
# #
#####################################################
# Remove info files on all
rm -R /System/Library/User Template/Non_localized/Downloads/About Downloads.lpdf
rm -R /System/Library/User Template/Non_localized/Documents/About Stacks.lpdf
# Show the ~/Library folder
sudo chflags nohidden /System/Library/User Template/English.lproj/Library/
/usr/bin/chflags nohidden $HOME/Library
sudo chflags nohidden /Users/xxxxxxxxx/Library
# Expand “General”, “Open with”, and “Sharing & Permissions” in File Information
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder FXInfoPanesExpanded -dict
General -bool true
OpenWith -bool true
Privileges -bool true
# Disable “Application Downloaded from the internet” message
sudo defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.LaunchServices LSQuarantine -bool NO
defaults write com.apple.LaunchServices LSQuarantine -bool NO
# Disable “Application Downloaded from the internet” for the particular applications below
sudo xattr -d -r com.apple.quarantine /Applications/Utilities/ADPassMon.app
# Disable the “Are you sure you want to open this application?” dialog
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.LaunchServices LSQuarantine -bool false
# Set Default Screen Saver (Display Computer Name)
mkdir /System/Library/User Template/English.lproj/Library/Preferences/ByHost
defaults write /System/Library/User Template/English.lproj/Library/Preferences/ByHost/com.apple.screensaver.$MAC_UUID "moduleName" -string "Message"
defaults write /System/Library/User Template/English.lproj/Library/Preferences/ByHost/com.apple.screensaver.$MAC_UUID "modulePath" -string "/System/Library/Screen Savers/FloatingMessage.saver"
defaults write /System/Library/User Template/English.lproj/Library/Preferences/ByHost/com.apple.screensaver.$MAC_UUID "idleTime" -int 600
# Enable Screensaver Password
defaults write /System/Library/User Template/English.lproj/Library/Preferences/ByHost/com.apple.screensaver.$MAC_UUID "askForPassword" -int 1
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.screensaver askForPassword -int 1
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.screensaver askForPasswordDelay -int 24
# Show "Mounted Server Shares, External and Internal Hard Disks" on the main Finder Desktop
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder ShowMountedServersOnDesktop -bool true
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder ShowExternalHardDrivesOnDesktop -bool true
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder ShowHardDrivesOnDesktop -bool true
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder ShowRemovableMediaOnDesktop -bool true
# Expand the print window
defaults write /Library/Preferences/.GlobalPreferences PMPrintingExpandedStateForPrint2 -bool TRUE
# Configure Finder settings (List View, Show Status Bar, Show Path Bar)
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder "AlwaysOpenWindowsInListView" -bool true
defaults write com.apple.finder FXPreferredViewStyle -string "Nlsv"
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder ShowStatusBar -bool true
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder ShowPathbar -bool true
# Trackpad & Mouse: Map bottom right corner to right-click and secondary button for Mouse
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.driver.AppleBluetoothMultitouch.trackpad TrackpadCornerSecondaryClick -int 2
defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.driver.AppleBluetoothMultitouch.trackpad TrackpadRightClick -bool true
defaults -currentHost write NSGlobalDomain com.apple.trackpad.trackpadCornerClickBehavior -int 1
defaults -currentHost write NSGlobalDomain com.apple.trackpad.enableSecondaryClick -bool true
defaults write "/System/Library/User Template/English.lproj/Library/Preferences/com.apple.driver.AppleBluetoothMultitouch.mouse" MouseButtonMode -string TwoButton
defaults write "/System/Library/User Template/English.lproj/Library/Preferences/com.apple.driver.AppleHIDMouse" Button1 -integer 1
defaults write "/System/Library/User Template/English.lproj/Library/Preferences/com.apple.driver.AppleHIDMouse" Button2 -integer 2
#####################################################
# #
# Cleanup & Maintenance #
# #
#####################################################
# Remove setup LaunchDaemon item
srm /Library/LaunchDaemons/com.company.initialsetup.plist
# Hide /Opt/ Folder under root drive
chflags hidden /opt/
chflags hidden /private/
chflags hidden /usr/
# Delete Built-in Applications
# sudo rm -rf /Applications/GarageBand.app
# sudo rm -rf /Applications/iMovie.app
# sudo rm -rf /Applications/Keynote.app
# sudo rm -rf /Applications/Numbers.app
# sudo rm -rf /Applications/Pages.app
# Delete Temp User & Folders
/usr/bin/dscl . -search /Users name Temp
sudo /usr/bin/dscl . -delete "/Users/temp"
rm -rf /Users/temp
# Turn on and enable SSH for JAMF Client
sudo JAMF startSSH
sudo systemsetup -setremotelogin on
# Run JAMF Recon sudo JAMF recon
# Flush Managed Policy (Group Policy)
sudo JAMF flushPolicyHistory
/usr/sbin/jamf mcx -verbose
sudo JAMF mcx
sudo jamf setHomePage -feu -fut -homepage http://threads
sudo JAMF updatePrebindings
# Repair Disk Permissions with Disk Utility command line diskutil repairPermissions /
# Run Built-in Unix Maintenance Scripts (Rotate & delete log files)
sudo periodic daily weekly monthly
# Purge System Log
/bin/rm -rf /var/log/system.log
- Author
- Esteemed Contributor
- 1310 replies
- October 8, 2014
I've seen in a few different scripts (10.9 mostly and now 10.10) the send passwords as clear text, why is that? Seems like a security issue.

- New Contributor
- 9 replies
- October 8, 2014
Any passwords we put into scripts we pass as a variable so they aren't in the actual script.
- Author
- Esteemed Contributor
- 1310 replies
- October 8, 2014
sorry, I meant AFP passwords...
# Clear text passwords in AFP /usr/bin/defaults write com.apple.AppleShareClient "afp_cleartext_allow" 1

- Contributor
- 24 replies
- October 10, 2014
Jwojda
This Command you mentioned
# Clear text passwords in AFP
/usr/bin/defaults write com.apple.AppleShareClient "afp_cleartext_allow" 1
I have enabled for debugging purposes, I think I mentioned this in my post above. No one in our environment is running OS X 10.10. Our team controls architectural design of our workstations, so I comfortable keeping that command in our test script as our team is the only one that has access to our POC OS X 10.10 image.
- Author
- Esteemed Contributor
- 1310 replies
- October 10, 2014
oh, testing only :) good point, yeah i missed that the first time. thank you.

- Contributor
- 41 replies
- October 10, 2014
@drheiner , why can't you use profiles?
APNS is only one distribution method. You can still manually generate the profiles and deploy them via package (they are just .mobileconfig files, a profiles command in post flight will install them just fine), or even via policy (which is essentially the same trick).
@jwojda , what functions were you specifically looking for in a "first boot" script. I would be interested in what needs set in such a manner these days. Assuming that the machine is under Casper management, on enrollment script have likely taken over "first boot".
We do have a package that we include in the "upgrade procedure" for each OS. If the receipt for that package isn't seen by Casper, it will push it, once. We then have a subset of those settings as a separate script that gets executed by Casper on recurring checkin.
I could post (or link to) either of those scripts, but they are customized for our environment. Hence my original question, I'd be interested in hearing what your needs are, if only to see how much they overlap with our own.
- Author
- Esteemed Contributor
- 1310 replies
- October 13, 2014
@c0n0r - it's just kind of the way we've always done it. We've dabbled in the thin imaging - even see some gaps that it fills, but even the nuke and pave with modular imaging is relatively fast (20min over gigabit to less than 1hr over 100mb), compared to our Windows deployments which can take upwards of 8hrs...
Anyway, our FB script does stuff like set multiple time servers, stop the iCloud prompts, set login/password for login screen, show the admin info on login screen... things like that.

- Contributor
- 61 replies
- November 20, 2014
we are updating our 10.9.5 machines via self services. caching the ESD for 10.10 in a separate policy, then installing 10.10 through self services. After the reboot, the user logs in and get the icould window. How do i get rid of the icloud window and the diagnostics window? I was looking at this page.
https://derflounder.wordpress.com/2014/10/16/disabling-the-icloud-and-diagnostics-pop-up-windows-in-yosemite/
I have this script running at the end of install policy, but it does not seem to work.
- Valued Contributor
- 1811 replies
- November 20, 2014
Most of the "standard" first boot script items we used in 10.9 are still working ok. We like to split ours into two (assuming we are imaging machines), one to create a local admin account and enable SSH so its available as soon as the machine first reboots, then the rest of the stuff along with the remaining postponed install items.
Putting a local admin account and SSH in first means you can definitely get to the Mac via SSH while postponed install items are running. Handy if you need to check the jam.log etc.
For 10.10 we're using the sysadminctl command to create the initial local admin account for early SSH access (partly because its new and we wanted to try it out!)

- Contributor
- 76 replies
- December 5, 2014
Having a few problems with some of my Yosemite first boot scripts
Firstly, com.apple.timezone.auto.plist seems to have been moved or removed - can't find it anymore. Anyone found a replacement or another way to auto update the timezone?
Secondly, does anyone know how I can set the following on Yosemite:
Date to be displayed as dd:mm:yy instead of mm:dd:yy it's currently defaulting to
Add website to Chrome pop-upblocker whitelist

- New Contributor
- 9 replies
- December 5, 2014
I have a "com.apple.timezone.auto.plist" in "/Library/Preferences/" although the content is almost non-existent.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Active</key>
<true/>
</dict>
</plist>
A better (slightly more future proof) way to set it would probably be to use script that runs "systemsetup -settimezone <timezone>". Use "systemsetup -listtimezones" to find the one you need.

- Contributor
- 35 replies
- January 21, 2015
Has anyone been able to stop the iCloud/Diagnostic screens for a 10.10 upgrade via a script running after upgrade install? From reading around the forums, it looks like it can be done with a custom installer package using createOSXinstallPkg. Has anyone been able to disable the setup prompts using the stock 10.10 installer?

- Employee
- 920 replies
- January 21, 2015
I've got a post on how you can suppress the iCloud and Diagnostic screens with Casper available from here:
You can also control which diagnostic info is sent back. I have a post on how to do that available from here:

- Contributor
- 35 replies
- January 21, 2015
Excellent, thank you! So the script needs to run at startup, but not until after the 10.10.1 upgrade has completed. Hmm..
A policy scoped to a smart group of 10.10 machines to kick off your script would work, but the machine won't fall into the smart group until a recon telling the JSS its on 10.10; which won't happen right away. Whats the best way to get your script to run immediately after the 10.10 upgrade?
This is all stemming from a bigger issue of having setup assistant run on upgraded AD bound Macs with no local/mobile user accounts at the time of upgrade. I started a thread (link below) for that, but this is all circling the same issues.
https://jamfnation.jamfsoftware.com/discussion.html?id=13081

- New Contributor
- 3 replies
- April 22, 2015
Hi all,
I can't seems to bypass the initial setup at boot. My script ran fine up to 10.10.2 but now it don't. I cant figure out how, im pulling my hair!
Disable iCloud & Apple Assistant Popup for new user creation
defaults write /Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool TRUE
defaults write /Library/Preferences/com.apple.SetupAssistant GestureMovieSeen none
defaults write /Library/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion 10.10
mv -v /System/Library/CoreServices/Setup Assistant.app/Contents/SharedSupport/MiniLauncher /System/Library/CoreServices/Setup Assistant.app/Contents/SharedSupport/MiniLauncher.backup
defaults write /Library/Preferences/com.apple.finder.plist ProhibitGoToiDisk -bool YES
Were are the parameters to bypass the startup configuration now?
Regards
p
- Valued Contributor
- 143 replies
- April 22, 2015
@drheiner Good script example, thanks for posting. And say hi to Eduardo over there. :-)
I've skipped first-run scripts lately in favor of good ol' every15 policies, because of the environments I work in often don't have a consistent worldwide imaging procedure. (Something I'm often helping to remedy.)

- Contributor
- 286 replies
- April 22, 2015
@pierogiobbi - Just throwing it out there. I dn't have my mac right now. But take a look at your /Library/Preferences/com.apple.SetupAssistant.plist. See if LastSeenCloudProductVersion is 10.10 and not 10.10.3.
That my be the thing. I remember this being an issue in 10.9 when going to 10.9.3 or 4.

- New Contributor
- 3 replies
- April 23, 2015
Thanks for input pblake.
Sorry to say it looked right.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>DidSeeCloudSetup</key>
<true/>
<key>GestureMovieSeen</key>
<string>none</string>
<key>LastSeenCloudProductVersion</key>
<string>10.10</string>
</dict>
</plist>
Compared it to my own 10.10.3 computer:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>DidOfferFMM</key>
<true/>
<key>DidSeeCloudSetup</key>
<true/>
<key>GestureMovieSeen</key>
<string>none</string>
<key>LastSeenCloudProductVersion</key>
<string>10.10</string>
</dict>
</plist>
Even copied over my file to the computer via TB but it still wants to run the SetupAssistant.
Im starting to pull my hair on this one. Is this the only criteria to skip the SetupAssistant or are there more must-do-things? On startup im creating an admin on uid 499, everythings seems to run as it should, only thing is the SetupAssistant insisting to run..
Thx.

- Contributor
- 286 replies
- April 23, 2015
@pierogiobbi - https://derflounder.files.wordpress.com/2014/11/screen-shot-2014-11-18-at-9-34-03-am.png. Shows how you can put in the current version as last one seen.

- New Contributor
- 3 replies
- April 24, 2015
Thanks for the input. It turned out to be much simpler.
touch ./var/db/.AppleSetupDone
: )
Have a great weekend all.
p
Reply
Related topics
Share your firstboot script for 10.11icon
General DiscussionsHigh Sierra iclould login pop for existing usersicon
General DiscussionsChanges in Yosemiteicon
General DiscussionsLanguage, Keyboard Layout and Regionicon
General DiscussionsDisables iCloud & Diags pop-up on first login 10.7-10.10icon
General Discussions
Most helpful members this week
- mvu
33 likes
- ThomM
22 likes
- mattjerome
20 likes
- Chubs
15 likes
- AJPinto
14 likes
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Scanning file for viruses.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
OKThis file cannot be downloaded
Sorry, our virus scanner detected that this file isn't safe to download.
OKCookie policy
We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.
Cookie settings
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.