Imaging and network card names on Lion

evarona
New Contributor II

Still getting my feet wet with imaging Mac so please forgive any "n00b-ness" in this post.

I'm building a 10.7.3 image for our users. I built the first image on a mid-2011 Air (MacBookAir4,3) with USB Ethernet and got it all working and joining AD. Then I realized that it failed on the MBP because there is no embedded Ethernet in the image. I started writing a script based on 'networksetup' to detect all devices, configure, set proxy server/exception and then continue. But because there is no way to set the priority of the AD bind, I figured it would be easier to take the working build, deploy to an MBP and repackage to add embedded Ethernet.

Seemed simple enough... And while it all works, I now have NICs on both MBA and MBP that are "mislabeled". Airport is called "Ethernet" and has a wireless logo, USB Ethernet works but is called Wi-Fi and had a wireless logo, etc. This is going to cause a bunch of support calls.

As a last resort, I'm back to writing a script (and struggling with awk) and am going to try to get this to run at maching startup to hopefully run before trying to join AD. But I figured I'd ask if:

  1. I'm missing something in the imaging process? I double-checked MacTracker and I have the latest models of both units.
  2. Has anyone else experienced this or have a suggestion on how to fix this?
  3. Am I wasting my time with the script idea?

Appreciate any input from the community as this is becoming a time suck.

Cheers,
--Emil

10 REPLIES 10

curullij
Contributor

Hi Emil,

The reason that the MBP is playing up is that on the Macbook Air the Wi-Fi interface is eth0 and on the MBP it is eth1

You could probably write a script to recreate the interfaces in the correct order but what I have done and what will give you the fastest resolution will be to just install a clean copy of Lion on the MBP then download and install the 10.7.3 combo update. Then take an image of the MBP to use for all devices other than the Macbook Air. It'll only take a few minutes to capture the image in Composer and then upload it to Casper Admin.

Cheers
Jacob

rockpapergoat
Contributor III

use instadmg to bake your image, and you won't have to script any of that stuff. http://code.google.com/p/instadmg

rtrouton
Release Candidate Programs Tester

Second for instaDMG. Building your image with that tool will solve the issue you're having. It creates a never-booted image, so all of the networking interface settings are created on the imaged machine's first boot.

If you don't want to figure out InstaDMG, Apple's System Image Utility can also produce a never-booted image. I've had better success with InstaDMG though, so that's my go-to imaging tool.

evarona
New Contributor II

Thanks for the quick responses folks. Just d/l'd InstaDMG. I'll check it out and repost. Hopefully it's easier than learning see & awk... :-P

I'll still be able to create a hidden admin account, right? Here's what I've been following to hide my admin user: http://bit.ly/zwXTmJ

Cheers.

rtrouton
Release Candidate Programs Tester

Emil,

You can use CreateLionUser to add your hidden admin account:

http://code.google.com/p/instadmg/source/browse/trunk/AddOns/createUser/

CreateLionUser is included with InstaDMG.

rockpapergoat
Contributor III

for creating hidden admin accounts, use the CreateLionUser.pkg template included with instadmg. read the directions, and you should be alb ego include it in the instadmg build.

otherwise, you can use the jamf binary to do the same thing as part of a first boot policy. that's sort of what i've been doing. the base image has no local account or anything included. policy handles all that.

rockpapergoat
Contributor III

jinx!

tlarkin
Honored Contributor

Hey Emil,

Nice to see another Mac Admin amongst us! I saw your post here and though I'd chime in to add a few things on top of what the community has already posted. Before I worked at JAMF I was a System Administrator for a school district and last summer we mass imaged 6,000 Macbook Airs with the Casper Suite. So, I am very familiar with mass imaging the Airs. So, here are some pointers and things to consider:

USB-to-Ethernet adapters can be a pain. First you will want to add all of these as removable MAC addresses in the JSS. This will allow them to be "promiscuous" and not be tied to a system, and secondly you don't want a MAC address that isn't physically connected to a system at all times tied to one of your Macs. This could cause some issues with tracking and managing them. If you, in your JSS, go to Settings > Inventory Options > Removable MAC Addresses, you will be able to add them.

For your issue with the networking cards not showing up properly after imaging we can address that as well. It sounds like you are using a monolithic "golden master," approach to imaging. Which is fine, it works and gets the job done. However, when you create a base image off a system, it will also grab that system's hardware information. Specifically for the network cards, the property list containing the configuration is located in: /Library/Preferences/SystemConfiguration. There will be some plist files pertaining to the network. If you delete these in your master image they should not copy over to other systems you deploy the image to. I also believe if the file doesn't exist it will create itself at first boot. Please test this method though as I have never personally used it.

Like several others have mentioned, you can use instaDMG. I have used it in the past and it is in fact a great tool. It also works with Casper. However, it is not required and Casper has similar built in functionality. I would say it is a personal choice, and you gotta use what works for you best. If you refer to page 119 in the Casper_Suite_8.4_Documentation.pdf (which you can download off of our main website) you will see instructions on how to create a clean OS image from an OS X Installer DVD. As also mentioned in this thread you can use Apple Disk Utility to create it as well. Disk Utility can also "scan for restore," which verifies the image can be block copied. InstaDMG is basically a set of Python scripts, and some catalog files that compile an OS and OS updates for you into one image file. It isn't updated and maintained for every configuration, so there may need to be some minor tweaking on your end. Plus in the end InstaDMG is the same process, you still have to start by importing an Installer DVD. I wrote a quick tips and tricks and posted it here a while ago.

*I wrote this when I did not work for JAMF*

https://jamfnation.jamfsoftware.com/discussion.html?id=3683

To BIND to AD, look at using the built in BIND functions in the JSS, by going to Settings > Casper Admin, and then click on the Directory Binding button. I used to use a script to BIND clients to a specific replica based on naming convention. Casper's built in function and scoping abilities is way better, in my opinion. I ditched my BIND scripts a while ago. For me it was like I was trying to reinvent the wheel since Casper already had that function built in. Binding takes place at first boot when a client gets done imaging, so it should happen before any users log in, which is nice.

I'll still be able to create a hidden admin account, right?

InstaDMG does have tools to deploy users. I personally do not like these tools (personal preference here, this is my opinion not fact) and I use the JAMF binary to create my local user accounts and hide them. My imaging work flow worked like this in a nutshell:

1 - netboot and image client
2 - at reboot run post image script
3 - when all finished shut down

So, after a machine was imaged it would run my post image shell script. My image contained no users, no preferences, it was a never-been-booted OS image. The script would create the users. I also posted an example of my script on the mailing lists a long time ago and I think there is a version of it here on JAMF Nation.

https://jamfnation.jamfsoftware.com/discussion.html?id=51

*disclaimer - I also wrote the above script before I ever worked at JAMF*

The script is a bit dated, and of course customized to my previous environment. Looking at it, I would totally rewrite some parts if I still used it today. However, if you look at the part where the local users are created you can see how I deployed them and kept them hidden. Casper can also deploy local user accounts as well, which is built in. However, looking at it right now I am not seeing a switch that allows me to deploy a hidden one. I can dig into this later and find out for sure.

So, with my work flow we imaged 6,000 Macbook airs and on top of that 2,000 random Mac desktops (and other Mac laptops) with the same image. So, it worked on iMacs, Mac Minis, Mac Pros, Macbooks, Macbook Airs and Macbook Pros. So depending on how large your Mac client base is, it may be worth your time to do some leg work to build a modular deployment. It's really just a decision of time spent versus reward and what works best for you.

Hope this helps,

Tom

Kumarasinghe
Valued Contributor

Hi Tom,
What is the preferred way of getting this done for Lion installer downloaded from App Store?

If you refer to page 119 in the Casper_Suite_8.4_Documentation.pdf (which you can download off of our main website) you will see instructions on how to create a clean OS image from an OS X Installer DVD

tlarkin
Honored Contributor

Hi Kumarasinghe,

I hope you're doing well. There are several ways to deploy Lion. Many of the community here have done a self service deploy of Lion. See this link:

https://jamfnation.jamfsoftware.com/discussion.html?id=3813

Another way is if you view the package contents of the Lion Installer App you download from the app store. Inside the package contents you will find an InstallESD.dmg file. A quick Google search brought up this link, which is a really good guide on how to pull the image file out and use it to create an image for deployment.

http://www.macworld.com/article/1161069/make_a_bootable_lion_installer.html

I have not personally deployed Lion in mass in a production environment, but I would think you could use similar tactics I outlined in my previous post. My last job we were a straight 10.6.8 shop and I was only evaluating Lion.

I hope this helps you deploy Lion. Feel free to ask the community for pointers as many of them are actually deploying Lion in live environments.

Thanks,
Tom