Jamf Nation Community

What about using the Casper Suite Tools?

InstaDMG is going to give you the best and cleanest output for an image with no accounts set up on it, so I agree with dpertschi here.
However, if you really wanted to do this with the Casper Suite tools, you could build your image normally onto a separate disk or partition, with a local 501 admin account on it, configure it the way you want, then boot to another disk/partition and script the removal of the local admin account from the disk/partition you just set up using something like dscl, as well as the files dpertschi refers to above which will make the Setup Assistant appear after its imaged and booted.
Capture that as a DMG in Composer to use as your deployment image.

You'd probably also want to remove a few other items that could get accidentally captured, like SystemConfiguration settings and some cache files, but that would be the basic idea.

I've never actually done the above steps. I'm going almost completely on assumptions, so I might be missing a step or two.

I suppose my only concern with InstaDMG is we need to apply a theme to these machines. The apps will be installed with Casper Imaging/CasperAdmin. Would that be easy to do? By theme I simply mean a set of custom wallpapers and a custom screensaver.

InstaDMG is JUST for your base. Add as many customizations as you want to your configuration utilizing the "fill user template" features in casper suite.

I see what you are saying, but we don't want any users on the machine. There won't be a home directory to copy from for "fill user template" to work.

@powellbc, if you can use composer to create a .pkg file containing the theme customizations you can use that .pkg file in your InstaDMG workflow. Prior to having Casper, I would use InstaDMG to create an image that contained everything (OS, applications, files) that we wanted on an image without having any user accounts on the image. For some things I would have to put my customizations in the appropriate folders located in /System/Library/User Template/English.proj for the customizations to get applied to the new user that gets created when walking through the setup assistant. But otherwise, I've had very good luck building images using InstaDMG.

"fill user templates" still work - even with no users on the box. but it will leave a directory behind in /Users We solve this with scripting. After system boots up, we do a ton of mods via scripting, but one item is:

echo -e " Cleaning up relics from MITRE User Template and ensuring accounts created with Casper Admin get new user home..."
/bin/mv /Users/Shared /private/tmp/
/bin/mv /Users/* /private/tmp/
/bin/mv /private/tmp/Shared /Users/

This makes sure that /Users only has "/Shared" in it by the time the first user logs in.

/System/Library/User Template/ is still there even though there is no user accounts, in fact thats where new user accounts will get their settings.

As long as whatever you do modifies the template, then you should be good. Only gotcha may be to determine if a setting is a straight /Library/Preferences/ file or a ByHost one.

The ever awesome Rich Trouton has some great examples of how to write preferences to the Default template via script on his GitHub page, his First Boot script especially. https://github.com/rtrouton/rtrouton_scripts

I too use InstaDMG to create my clean image, and then apply user accounts later either thru script or package during imaging, or thru Casper Remote or Apple Setup Utility.

I do a lot of customization on my macs, from user settings to custom desktops and login windows, and i usually compose the items on a test machine and apply those settings during the imaging or post Casper enroll process ( in a thin imaging workflow)

In this case, I ended up building a standard image and booting into SU mode to remove the accounts used to build the base profile. I realize it is a less elegant way to do this but it works.

I appreciate the ideas everyone offered here. Thanks!