Jamf Nation Community

cwaldrip · ‎05-05-2015

We're looking at replicating one of the key features of our old monolithic imaging features - being able to reimage the machine in the middle of nowhere without an internet connection.

It happens, from time to time, that our users might be literally in the middle of nowhere (Afghanistan hill country, Yemeni desert, Amazon jungle, Alaska outback, Nebraska, etc) and we might need to reimage their machine or reinstall software while they lack an internet connection.

In our monolithic image our restore partition had a copy of the disk image hidden on it that could be used to reimage with a command file which opened Terminal, gave the user a few prompts, and then ran ASR to deploy the image on the main partition. Or they could fish around in a Restore older on their primary partition where they could find a collection of most likely urgent application installers.

We've got a restore partition setup in our main configurations, and it includes Casper Imaging for when they do have (fast) internet.

My first thought is to setup the Restore Image as an off-line distribution point. But how can I make sure that the contents of that off-line distribution point are up-to-date with the configuration when the computer is deployed. We're less worried about keeping the restore distribution point up-to-date, and more with making sure we have a functional machine in the field during breaking news.

Anyone done anything similar? Ideally everyone would just have gigabit ethernet everywhere. ;-)

psliequ · ‎05-06-2015

I don't deal with this day to day but your problem is interesting and I was thinking of ways to solve it.

Coud you consider some manner of version control for restore points? i.e. "this combination of OS and third party packages is at 1.0 final and is tested to work on this model of hardware..."
Then you wouldn't have to worry so much about restore points being up to date, just that it would reliably be able to restore the machine in question.

If possible, I'd also recommend looking into outfitting your field workers with usb drives that can act as restore points (two partitions, one with an OS and Casper Imaging, another with packages. It'd be much easier for you to make sure those are up to date (you could regularly image them prior to someone leaving without having to tie up their machine to prep it.) Just ideas...

cwaldrip · ‎05-06-2015

We've been lucky in that our machines have all been mostly homogenous (MacBook Pros). We've used version numbers to indicate monolithic builds over the years, so this outside of consideration.

Your USB suggestion has given me a thought. Maybe a self-service policy that runs a script to copy the latest files over to the restore partition. Might need to do a mysql query though (and that's another ball of wax) or just make sure the script is updated semi-regularlly. Hmm...

psliequ · ‎05-06-2015

If you were OK with the restore partition being visible and mounted at all times you could always write policies that update any packages on the restore partition. That's sort of creating twice the management overhead per machine, but possible.

Also possible just to give them a self contained bootable OS X installer on a thumb drive; when all else fails, they can do a re-install of the OS with that, preserve all of their user data and apps, and get by until they come back to hq?

cwaldrip · ‎05-06-2015

So, i've been mulling this over more. Hard to stop thinking based on our old workflows.

We obviously don't need to do a full re-image. Just enough to get the machine working in a critical situation until they have time/bandwidth to do more. So only about a dozen packages.

Next problem is going to be how to image without an internet connection. Our crews are lucky to get a 350Kbps satellite internet connection sometimes. Guess I can go with a compiled image as a emergency solution for when they don't have any internet (no internet, can't talk to the JSS to get the configuration info - right?), and still have most packages locally for more up-to-date emergency imaging.

mm2270 · ‎05-07-2015

I know you probably may not want to look at solutions outside of Casper, but just to give you more to think about, we use DeployStudio here for our imaging and have self contained bootable thumb drives (or external HDs) to do imaging. While our specific process requires both a network connection to the company network, and an internet connection for the purpose of AD binding among other things, this is not at all a requirement for DS to work. You can design it so it uses itself from the bootable image as the sharepoint when the DeployStudio Runtime application opens. Meaning no internet connection at all would still allow a re-image.
This wouldn't get around the issue of needing to keep that DeployStudio process updated periodically, but how that is accomplished here is a new "imaging setup" application is compiled that erases and does a restore of the whole setup back to the drive. Its really just an Applescript app that uses command line to do its work on the selected drive. Once its done, the drive is ready for our techs to use to image machines with.
We've been toying with and looking at another process techs can run from perhaps Self Service that would update their imaging drives on demand once we have a new setup to issue out. Right now they have to download a rather large DMG file to do the update, which can be a bit slow. But it works.

Anyway, just food for thought. Since this would not be the actual "re-imaging" you'd normally do with a Mac that is in an office location (which you'd use Casper imaging for), looking at a quick and dirty DeployStudio setup that can work entirely in an offline state might be an option.

Jamf Nation Community

Installing cached installers on restore partition at imaging time