Managing about 40 iMacs in a college lab environment.
I have found that booting off a USB stick is incredibly slow, and I've never had very good results with NetBoot. So I thought I'd create a Casper Imaging partition on the internal HD of my lab Macs and re-image from there.
I stuck this script in a policy with a restart at the end, and it works.
Don't try this if security is a huge concern for you. In our case, hiding the imaging partition from the Finder, plus the fact that you still need to enter the JSS password, should be adequate, at least during the summer when nobody's here. (And if someone re-imaged a computer by mistake, it wouldn't be that big a deal -- all user data is on the server anyway).
step 1: create a Casper Imaging boot volume in the usual way
step 2: make a read-only compressed .dmg from it
step 3: upload the .dmg to Packages directory of your Casper share (or wherever)
step 4: run this script via policy; force restart after the script
#!/bin/sh #repair the disk diskutil repairvolume / # create mount point mkdir /Volumes/tmpImaging #mount casper share point mount_smbfs //user:email@example.com/sharepoint /Volumes/tmpImaging/ #copy source dmg of the customized Imaging partition to local HD cp -f /Volumes/tmpImaging/Packages/imaging_partition.dmg /Users/Shared/ #unmount casper share point umount /Volumes/tmpImaging #shrink primary HFS+ partition by 5% and create casper_imaging partition with minimum size 20G diskutil resizeVolume disk0s2 95% HFS+ casper_imaging 20G #mount the source dmg hdiutil attach /Users/Shared/imaging_partition.dmg #copy source dmg to the imaging partition ditto /Volumes/imaging_partition/ /Volumes/casper_imaging/ #hide the imaging partition chflags hidden "/Volumes/casper_imaging" #rename the primary partition "Macintosh HD" (otherwise imaging will fail, because that's what's in the Autorun data) - YMMV diskutil rename disk0s2 "Macintosh HD" #set imaging partition as boot volume for next restart bless -mount /Volumes/casper_imaging -setBoot -nextonly
update: this still works in 10.10, but first you'll need to revert the partition type from CoreStorage back to HFS+ :
returns something like:
diskutil cs list | grep Logical
That last gnarly string of characters (ending in 9B9D in the example above) is the VUID. Then:
-> Logical Volume Family 9E9427F5-46F6-47F8-B8DF-12CD3B6C7AE6 +-> Logical Volume 0C7A8FC4-CF72-4C29-8423-7BCB0B909B9D
diskutil coreStorage revert [your VUID]
Scratch that.... it seems to be something with this SMB mount I was testing the command with.......
Do you know how to hide an SMB mounted share?
Luke, is this broken in 10.11?
I noticed that the chflags hidden doesn't work, at least not for me. I keep getting "permission denied" and yes its run as root.