@koszyczj So, do you mean that you did the first command as one script, that runs "After," and the second command as another script that runs "At Reboot?"

I have a similar two-line script for Yosemite that works like a charm, but I am having some issues with El Capitan. I have it set to run "At Reboot." Maybe I can use my script, but just have it run "After" the Base Image install as in your example?

#!/bin/sh
    /usr/libexec/PlistBuddy -c "delete:add-app" /System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup.plist
    /usr/libexec/PlistBuddy -c "delete:add-doc" /System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup.plist
exit 0

HI All,

i use this script set to run "After" the Base Image install which is similar to @itupshot

that works for me.

#!/bin/sh

/usr/bin/defaults delete "$1/System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup" add-app
/usr/bin/defaults delete "$1/System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup" add-doc

exit 0

@malroy @koszyczj It looks like the main difference from yours and mine (besides when to run it), is that you're using the defaults delete command instead of plistbuddy.

I just also realized that because I have to run it "After" the base image, I have to define which volume to run the script on. As in @koszyczj's example:

defaults delete /Volumes/Macintosh HD/System/...

I'll edit mine accordingly for El Capitan, and see if that works for me.

@itupshot

you don't need to hard code define which volume , you can use $1 which is inside my code.

you need to run it "After"

Can I run the above examples from a DeployStudio workflow on an already imaged/configured iMac?

I'm attempting to go the dockutil route, but I'm having no luck with the script I created.

@McKinnonTech

if it is already imaged/configured, SIP is enabled and you can't modify /System/Library/CoreServices/Dock.app

as it is protected

@malroy

Thanks - that makes sense.

What a pain!

For anyone else looking into this while creating a fresh image, I found a solution.

I booted into recovery, disabled SIP in the Terminal

csrutil disable

Ran the following in the command:

 /usr/libexec/PlistBuddy -c "delete:add-app" /System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup.plist
/usr/libexec/PlistBuddy -c "delete:add-doc" /System/Library/CoreServices/Dock.app/Contents/Resources/com.apple.dockfixup.plist

Enabled SIP and reboot:

csrutil enable
reboot

Following this I created a custom User Template with the preferred Dock and tested it with an AD login - the Dock populates fine using the template and no Apple apps are added.

Hopefully we see a better solution for this soon.