Imaging prior to Setup Assistant running

JPDyson
Valued Contributor

I'm hoping to provide a way to take a Mac, quite literally, directly out of the box and image it (having never run Setup Assistant). I can disable the setup assistant, but the problem is that the management account does not seem to be added to the Mac (let alone the other account I'm trying to add via script). Is this just not possible? MUST the Setup Assistant run before we can image?

2 ACCEPTED SOLUTIONS

stevewood
Honored Contributor II

Go get a copy of CreateUserPKG from the App Store. This will give you a PKG file that you can add to Casper Admin, set to Install at Reboot, and it will put a user on the system for you.

Also, have you checked to make sure the JAMF enrollment is running and completing properly? I was seeing issues with enrollment not completing due to an inability to connect to the JSS. Once I fixed that and enrollment finished, my user was there. You can start the machine in single user mode (CMD-S) and then navigate to the /L/AS/JAMF folder to find the FirstRun folder. Check for the Enrollment folder and the enrollment.sh (I think that's the name) file. If it's there, enrollment did not finish.


Chris
Valued Contributor
"For now, this config ONLY does that much (or, attempts to, rather)."

So the config you're currently testing with contains only a script?
Have you tried adding an app-installer that is set to run "at reboot" to the config (like Java for example)?
I have seen it happening in my environment that the machine would restart before all "at reboot" tasks are fully completed,
for example it would not bind to AD because it is interrupted by the reboot.
If the config contains packages that are installed "at reboot", it works.


9 REPLIES

bentoms
Release Candidate Programs Tester

Can you explain your imaging workflow more?

climb516d
New Contributor

The short answer is yes you definitely can image Apple computers right out of the box without setup assistant. How you get the local admin account setup and other configurations setup can vary depending on what you prefer.

One way would be to build a monolithic image for your new computers with the admin account configured as well as system settings you would prefer and software preinstalled. Once your image is ready, boot the new computer from an external drive or netboot image (DeployStudio or Casper Imaging) and drop your image on the computer. When you first boot up the new computer be sure to hold down Option to make sure you boot to the external drive or netboot image you prefer.

Another way would be to build an image with Casper by making a base image from an OS installer, and set up all of your scripts and packages in an imaging workflow in Casper Admin. Once you are all set, boot the new computer from an external drive with Casper Imaging or a netboot image with Casper Imaging, image the computer and you should be all set.

JPDyson
Valued Contributor

Something we've been working on is leaving the OS in place for imaging, and not replacing the base OS unless we have to (for that reason, the aforementioned fat/modular imaging suggestions don't apply - we already have workflows for that, and it doesn't matter what state the Mac is in, naturally).

For what I'm calling a "roll-up" (apps & scripts only, no OS), we tell the techs to run through the setup assistant (creating a specific account), and then run a config that installs all of our apps/scripts. I'm trying to omit the part where they have to power up the Mac and go through setup assistant, but I've not been able to successfully add accounts this way. Neither the management account (part of the config) nor the local account (added via script after reboot) is working. For now, this config ONLY does that much (or, attempts to, rather). If I go through Setup Assistant and create a dummy account, it works fine (and I suppose I could tell them to do just that, and script its deletion, but that doesn't really buy me anything).

JPDyson
Valued Contributor

Two great leads here; one is that it couldn't communicate with the JSS because I neglected the Root CA and Proxy settings. The other is that there were no "after" packages, and I never did see the "after" process kicking off. Trying both...

Josh_S
Contributor III

If you have a NetBoot image and server available that will boot the model of machine you're setting up, you can always NetBoot the machine and use Casper Imaging to deploy packages and scripts to the drive. Just don't include an operating system image and don't select "Erase".

That's how we handle almost all of our deploys and redeploys. If it's a redeploy, we check Erase and select a configuration that includes an OS. If it's a brand new machine, we don't erase the drive and we don't deploy an operating system. We then use a bunch of scripts to configure the system. Using Smart Configurations minimizes the amount of configurations you have to stay on top of and improves consistency of your build.

acdesigntech
Contributor II

In the "1001 ways to skin a cat" category, we've abandoned the nuke and pave method of imaging here in favor of the thin imaging approach, except for legacy 10.6 deploys...

We have two netboot images to support thin imaging: NewMacSetup and Reimage-Troubleshoot. When a brand new Mac comes into the office, we netboot it to NewMacSetup. This netboot automatically runs a script to generate a location-based name for the mac, and installs a launch daemon, then reboots the Mac. On reboot, the launch daemon installs a quick-add package, opens a full screen jamf helper window and calls a policy to set it to baseline corporate standards.

Reimage-Troubleshoot does the same exact thing, but first launches a script with a menu to perform 10.8 thin imaging or 10.6 legacy imaging, then checks for a JSS record based on MAC address and pulls it, then checks for an AD record based on existing Mac name and pulls it, then uses ASR to restore the HDD to its factory default image, then generates a new name and installs the same launch daemon as above. Rinse and repeat as necessary. We tightly control the model types purchased, so I currently have 4 images that might be called by ASR: imac13_2, imac14_2, macbookpro9_1, and macbookpro10_1. This netboot would be used only in the case of troubleshooting or re-provisioning a Mac.

Our nuke and pave uses Casper Imaging and calls a single configuration to wipe the drive and push 10.6.8 and all associated packages for a legacy install. The tech would still use the Reimage-Troubleshoot netboot for this and select the legacy option.

clrlmiller
New Contributor III

Are you looking to simply disable the Setup Assistant from launching during the ~After Reboot portion of Casper's Imaging?

If so, I worked out a crude hack of simply using Composer to package up a neutered version of Setup Assistant.

1. Make a new package and run your preliminary snapshot.
2. From the command-line, alter the permissions on the Setup Assistant App by typing in "sudo chmod -Rf 664 /System/Library/CoreServices/Setup\ Assistant.app".
3. Run the secondary snapshot in Composer to capture the altered App. NOTE: You'll likely have to manually add this into the Files to Package. Double check the permissions setup for the App in Composer as well.
4. Add a Post-Install script to the .PKG which uses the same line as: "sudo chmod -Rf 664 /System/Library/CoreServices/Setup\ Assistant.app". It's not needed here but can prove useful if you wish to disable Setup Assistant later on an already built system.
5. Save the .PKG and add it to your configuration(s). Do NOT check the box for "Install on boot drive after Imaging".

This replaces the working Setup Asst. App with a non-executable version and allows Casper to continue with its After Reboot installations unabated. It also disables Setup Assistant from running on 1st Login of new accounts. You can restore Setup Assistant to working status later by running another simple script as "sudo chmod -Rf 775 /System/Library/CoreServices/Setup\ Assistant.app".
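
A scripted form of the permission toggle described in the post above, with a check that the change actually took effect; this is an added example, not part of the original post or of any Jamf tooling. It assumes the bundle lives at /System/Library/CoreServices/Setup Assistant.app, goes beyond the post by accepting a volume root so it can be pointed at a mounted target volume, and the sa_* function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): toggle and verify the permission hack.
# Assumption: the bundle is at System/Library/CoreServices/Setup Assistant.app.
SA_REL="System/Library/CoreServices/Setup Assistant.app"

# sa_path ROOT: bundle path under a volume root ("/" or "/Volumes/Name").
sa_path() { printf '%s/%s\n' "${1%/}" "$SA_REL"; }

# sa_state ROOT: prints enabled, disabled or missing, judged by the owner
# execute bit on the bundle directory (4th character of the ls mode string).
sa_state() {
    app=$(sa_path "$1")
    [ -d "$app" ] || { echo missing; return 0; }
    case "$(ls -ld "$app" | cut -c1-10)" in
        d??x*) echo enabled ;;
        *)     echo disabled ;;
    esac
}

# sa_disable ROOT: mode 664 on everything in the bundle. find -depth handles
# children before their directory, so the walk is not cut off when a
# directory loses its search bit (same end result as chmod -R run as root).
sa_disable() {
    app=$(sa_path "$1")
    [ -d "$app" ] || { echo "not found: $app" >&2; return 1; }
    find "$app" -depth -exec chmod 664 {} + || return 1
    [ "$(sa_state "$1")" = disabled ]
}

# sa_enable ROOT: mode 775, parent first so find can descend again.
sa_enable() {
    app=$(sa_path "$1")
    [ -d "$app" ] || { echo "not found: $app" >&2; return 1; }
    find "$app" -exec chmod 775 {} \; || return 1
    [ "$(sa_state "$1")" = enabled ]
}

# Usage: sh sa_toggle.sh state|disable|enable [volume-root]
if [ $# -gt 0 ]; then
    case "$1" in
        state|disable|enable) "sa_$1" "${2:-/}" ;;
        *) echo "usage: $0 state|disable|enable [volume-root]" >&2; exit 2 ;;
    esac
fi
```

Running the state action before and after a package install shows whether the post-install chmod really landed on the target volume.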