Posted on 07-09-2014 11:35 AM
I am sure the answer to this is completely obvious and I am just missing it for some reason.
The bug with using Casper Imaging over NetBoot with a JDS master DP is really beating me up, so for the group of Macs I've got that are frequently re-imaged, I've changed to a different workflow that I actually like better:
I've set up the policy and manually kicked it off after reimaging, but I cannot for the life of me figure out where to put the FirstRun script. Here on JAMFNation I see numerous mentions of FirstRun scripts and a lot of cool ideas on other things that can be done with them. But what is the right way to automatically trigger the script after imaging completes and the Mac reboots?
Solved! Go to Solution.
Posted on 07-09-2014 12:34 PM
You'll find a good example of the use of LaunchDaemons and first boot script from @rtrouton https://github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/first_boot/10.9
The plist file goes into /Library/LaunchDaemons
Posted on 07-09-2014 12:38 PM
I found this pretty helpful too. John Kitzmiller is a JAMF employee
https://github.com/kitzy/MacDeploymentScripts/tree/master/postimagingconfig
Posted on 07-09-2014 12:21 PM
@stevehahn I don't know that there is a "right way" to do this. As is generally the case in the Mac admin world, there's about 9 different ways to do something. The way that I handle this is to use a LaunchDaemon to kick off the script.
I create a package file that contains my post imaging script (placed in a hidden folder structure) and a LaunchDaemon that is set to RunAtLoad. I add that package to Casper Admin, set it to install after restart, and then place that in the configuration Casper Imaging uses. NOTE: I do not use Casper to re-image machines. If I need to re-image a machine I will boot it off of an external drive and run the Mavericks installer, then I will NetBoot and run Casper Imaging. I am in the process of changing this to use Casper since it is easier that way.
After initial reboot, my post imaging package is installed on the machine and the machine is restarted. After the second restart, my LaunchDaemon kicks in and runs my script, which installs all my software and does all of the other magic things. The last lines of the script remove the LaunchDaemon and restart the machine.
Hope that helps. If you want to see any of the script or the LaunchDaemon, just let me know.
Posted on 07-09-2014 12:30 PM
I've built an installer package-based tool to help with this kind of situation. I have a post on it here:
http://derflounder.wordpress.com/2014/04/17/first-boot-package-install-revisited/
Posted on 07-09-2014 12:34 PM
You'll find a good example of the use of LaunchDaemons and first boot script from @rtrouton https://github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/first_boot/10.9
The plist file goes into /Library/LaunchDaemons
Posted on 07-09-2014 12:38 PM
I found this pretty helpful too. John Kitzmiller is a JAMF employee
https://github.com/kitzy/MacDeploymentScripts/tree/master/postimagingconfig
Posted on 07-24-2014 09:04 AM
Thanks everyone! I actually took some pieces from both John Kitzmiller and @rtrouton firstrun scripts, and packaged the resulting Franken-script up with a LaunchDaemon. Works great!
Posted on 07-24-2014 09:22 AM
One other question... what's the slickest workflow for doing this on brand new Macs? I know a lot of folks are deploying new Macs directly to users out of the box with instructions for self-enrolling in the JSS, but I don't see that happening here. As far as I can tell we're looking at either:
Posted on 07-29-2014 04:41 PM
Netbooting and applying a minimal configuration has less margin for error and is the preferred way to do it of the two you mentioned imo. If the machines are 'brand' new you will of course have to consider making a new Netboot set to support them.
Also, depending on the hardware you're supporting you should consider target mode imaging which would allow you to install your materials over thunderbolt/firewire to machines that you put into target disk mode. You have to do it consecutively vs. being able to Netboot machines in parallel, but I often find that in the time it takes to Netboot one machine you can do two peer to peer over thunderbolt. This approach can be impractical if you prefer an unattended imaging process but is wonderful if you're in a time crunch.
Posted on 11-12-2014 06:36 AM
So I'm trying to mod this so that it calls a custom policy trigger at first boot as well as calling the jamf helper before the login window (all after I've installed 10.9.5 from self service).
So Far I'm looking at this as ```
/usr/sbin/jamf launchJAMFHelper -path '/Library/Application Support/JAMF/bin/jamfHelper.app'
sudo jamf policy -trigger FinishUpgrade
```
But how do I call this with a launch daemon? I need to create a plist file that calls this script at reboot correct? Also how do I keep this from running directly after the 10.9.5 installer reboots the system (or is this not an issue?).
Gabe Shackney
Princeton Public Schools
Posted on 11-12-2014 06:58 AM
You could use @rtrouton 's amazing First Boot Package Install Generatorhttp://derflounder.wordpress.com/2014/10/19/first-boot-package-install-generator-app/ for that
and create your Mavericks installer with https://github.com/munki/createOSXinstallPkg to include your First Boot Package installer
Posted on 01-30-2015 01:46 PM
@gshackney I think that first boot package install is overkill. As from my experience, I simply check the box on packages I need installed after imaging in Casper Admin and I havent seen any issues so far. As for triggering this script, you can create a Launch Daemon to call script, package it, add to your config.
Posted on 01-31-2015 07:33 AM
@gshackney, if you're installing via a policy.. You should be able to trigger a policy that sets the settings as you need.
I'd probably write a dummy receipt, then do a recon before the policy completes.
Then have a smart group scoped to that dummy receipt & a policy to run at startup for things like iCloud etc.