Best practice to rebuild/create Recovery Partition

maiksanftenberg
Contributor II

Hi.

We have some people in the company with machines that does not have a Recovery HD present.
That mean certain features like FileVault does not work.

I know there are tones of articles in the web about "how to create a new Recovery Partition".
Did anybody of you come across an idea how to do this via Self Service e.g.?

It would be very interesting to see if this, in general is somehow possible? That would take the pain from the local tech guys.

Thanks

10 REPLIES 10

daz_wallace
Contributor III

Hi Maik,

for some site's we've started using AutoDMG to build an OS image. Once deployed this automatically creates / replaces a Recovery Partition with an up to date one. Although not usable in your scenario above it has helped elevate this issue in new image deployments.

One way would be to string a few items together. For Example:

Have a policy that will create a 1 GB partition called "Recovery HD".
Have the policy then restore a captured Recovery HD (of the correct OS!) to this partition
Then have the policy run a script to hide the Recovery HD.

Another option would be utilising a "Recovery HD installer like Christopher Silervtooth's - http://musings.silvertooth.us/2013/10/recovery-partition-creator-3-7-updated-for-mavericks/
Possible loading the finally installer package into Casper and push out as a normal installer but scoped to those missing the recovery HD.

Hope that helps!

Darren

gregneagle
Valued Contributor

See also: http://managingosx.wordpress.com/2012/08/15/creating-recovery-partitions/
and: http://magervalp.github.io/2013/10/30/create-recovery-partition-installer-v1.1.html

maiksanftenberg
Contributor II

Great stuff.
Than you very much!!!!
I will look into this.

krichterjr
Contributor
Contributor

I have an EA I either found or put together that checks to see if a computer is ready for FileVault2 based on Apple's and our requirements. One of those checks to see if it has the Recovery HD. I basically searched for the "Apple_Boot" as in our environment the only partition that has this type would be the Recovery HD.

# First let's check the OS version
OSversionfull=`sw_vers -productVersion`
OSversion=${OSversionfull:3:1}

if [[ $OSversion -lt 8 ]]; then
echo "<result>FileVault 2 Encryption Not Available For This Version Of Mac OS X</result>"
exit 0
else


# Now let's check to see if there is the required Recovery HD.
# This does not check to see if this is Recovery HD is good.
Recovery=`diskutil list | grep "Apple_Boot"`

if [[  -z $Recovery ]]; then
echo "<result>FileValut 2 Encryption Not Available Without Recovery HD</result>"
exit 0
else


# Last let's check to see if the User is was using FileVault 1.
User=`last -t console | cut -f 1 -d ' ' | sort | uniq -c | sort -nr | head -1 | awk '{print $2}'`
FV1=`dscl . -read /Users/"$User" | grep sparsebundle | awk '{print $1}'`

if [ "$FV1" == "HomeDirectory:" ]; then
echo "<result>An Earlier Version of FileVault Exists</result>"
exit 0
else
echo "<result>Ready for FileVault 2</result>"
fi
fi
fi

From there I have a Smart Group to find those who do not have a Recovery HD with a policy to install it on those who don't have it.

I recommend the link @gregneagle posted above to create a nice pkg that can be pushed to created the Recovery HD.
http://managingosx.wordpress.com/2012/08/15/creating-recovery-partitions/

krichterjr
Contributor
Contributor

I meant to add that instead of pushing it you could just make it available via Self Service if you prefer. Either way it's worked well for us. :)

krichterjr
Contributor
Contributor

douh!!! Double Post <head shake>

brock_walters
Contributor
Contributor

There really isn't a need for any 3rd party tools. The most viewed Knowledge Base article on JAMF Nation

Deploying OS X v10.7 or Later with the Casper Suite - https://jamfnation.jamfsoftware.com/article.html?id=173

has a step-by-step workflow for upgrading OS X using the App Store OS X Installer (thereby putting the Recovery HD in place) & also a step-by-step workflow for creating OS packages with Composer & imaging computers with Capser Admin & Casper Imaging to completely re-install the Macintosh HD partition & lay down the correct version of the Recovery HD as well.

Not applicable

Many of the third-party tools (like AutoDMG and autopkg) offer far easier and more elegant solutions than the JAMF approaches. i.e. with AutoDMG I can create a never-booted up-to-date base OS DMG that includes the Recovery partition, utilize it in an imaging workflow as a single DMG, and not have to screw around with Composer, second partitions for Recovery, hide recovery partition scripts, etc.

brock_walters
Contributor
Contributor

JAMF's products are flexible & work with all sorts of 3rd party tools. Without having a discussion of people's opinions on using one tool over another (which is perfectly valid) just want to make note of all the tools that are available.

maiksanftenberg
Contributor II

Many ways, many solutions right.
I used the Create-Recovery-Partition-Installer and it worked super great.

Once again, thanks to all of you.