#JNUC Thin Imaging: A Healthier Approach?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-22-2012 06:56 AM
Jeremy Borger and Tim Rocque will be presenting on their implementation of "Thin Imaging" within a Fortune 50 enterprise. Jeremy and Tim will talk about how and why their organization has chosen to take this approach, pros and cons of this approach, and how they've actually implemented this in production.
Feel free to use this thread to post thoughts, ideas, links, and questions regarding the presentation.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-23-2012 03:33 PM
Gah, would love to see this, just investigating to change the way we image here to thin imaging!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-10-2013 09:44 AM
Were there any videos or slides from this presentation?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-10-2013 12:58 PM
Hi Sean, unfortunately due to some proprietary information contained within the presentation we weren't able to record the presentation or provide the slide deck.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-10-2013 01:03 PM
Disappointing, though I understand.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-10-2013 02:07 PM
@beckerbm A bit of selective editing/censoring by a capable FCPX (etc.) guru..well.... :)
Oops...I missed the part about not being able to record.
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-10-2013 06:45 PM
I sat through that session. Nothing proprietary about it. I use thin imaging at my company so I would be happy to answer a few questions. Lots of others on here do as well. It's not rocket science it just takes some planning.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-11-2013 11:07 AM
Here is my current workflow idea and I would appreciate any feedback.
Assume:
New Mac out of the box, connected via Ethernet to network.
No Netboot.
No golden master image anywhere in the process.
Going for a "keep it simple" process because eventually, after the process is created and the environment established, the day-to-day operations will be handed over to another team.
- Tech logs in with admin account (either from AD or creates local admin account)
- Mounts server share, where tech copies a Recon package to desktop
- Runs Recon package, which enrolls Mac into JSS, then, in post-flight script, policies to install software and to establish some settings will be run.
- Additional management of settings will be through configuration profiles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-16-2013 08:13 AM
Sean -
If the machine is straight out of the box, step 1 will require the creation of a local account correct? The machine has no prior knowledge of your domain.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-16-2013 08:17 AM
In our testing:
- Set up Smart Computer Group with Serial Numbers of new Macs, or Macs to be (re)built.
- Install QuickAdd.
- JSS does the rest.
This assumes you'll have polices scoped to the group to do stuff like bind to domain, create user accounts, install software, configure services, add/delete stuff, etc...
Don
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-16-2013 08:26 AM
As @frozenarse stated, you'll need to setup a local account to do this. So your techs would have to run through the Setup Assistant to get to this point.
Rather than that, an external USB hard drive, or a thumb drive (I have not tried that yet), that has a minimal OS on it along with Casper Imaging is all you need:
- Tech unpacks the computer and plugs in the external drive.
- Hold down Option key to get boot picker and choose external drive to boot from.
- Casper Imaging starts up and the tech logs in to it and choose the thin config to load.
- Machine loads apps, scripts, and runs first boot script on restart.
- Tech logs in, unmounts external drive and unplugs. Hands computer to user.
That's a very down and dirty, very basic description. During step 4 your scripts would bind to your OD or AD, set any environment variables, etc. and all of your apps would get loaded.
To take it a step further and more automated, as @donmontalvo mentioned, you can create a Pre-Stage Imaging configuration that will make it automatic. This means that you'll need a system for getting serial numbers or MAC addresses into the JSS before the tech unboxes. A simple barcode reader can handle that in a few minutes.
- Tech that receives the equipment scans barcode into the Pre-Stage configuration for your thin imaging.
- Imaging tech unboxes equipment and plugs in external drive.
- Boots off of external drive. Casper Imaging is set to launch on startup.
- Casper Imaging finds the machine in the Pre-Stage config and automatically begins imaging machine.
- Machine loads apps, scripts, and runs first boot script on restart.
- Tech logs in, unmounts external drive and unplugs. Hands computer to user.
This is how I handle most of my machine imaging. I am a one man shop with a small foot print (roughly 140 machines) and we refresh a portion just about every month. I have about 35 machines coming in for my Feb/Mar refresh and I'll use this method (except I'll use a NBI to boot from). I can have a new machine imaged and ready (with CS 5.5 DS) loaded on it within 15 minutes.
Hope that helps.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-16-2013 10:08 AM
@stevewood When we tested Thin Imaging, we installed QuickAdd and let JSS do the rest. This way you don't have to worry about booting off another drive, NetBoot, etc. In a global environment, as long as you have local Distribution Points, it's fairly fast and reliable.
To Steve's point, our test procedure did require a few minutes for the tech to get past the wizard and get to the Desktop to install QuickAdd. I have only done limited testing, very interested in getting some hands on (maybe at the DFW JAMF User Group? <g>).
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2013 07:04 AM
so, how do you all handle reimaging using the thin imaging method?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2013 07:12 AM
well, we get images of new hardware for the forked instances and keep them around, and we make a unbooted image (many ways for that, AutoDMG, manually, the installer into the JSS etc) for all the hardware that can be supported by it. or you can do the internet recovery nightmare :)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2013 07:13 AM
@mahughe][/url We've always made base images, agnostic (including combo updater) handy, so we wouldn't have to rely on Internet Recovery to get the Base OS re-installed. Really trivial to build and manage, and great to be ready if there's a need. So while we try not to touch the OS on new Macs, we also have a fast/reliable/manageable way to re-image using Base OS images.
https://donmontalvo.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2013 08:20 AM
we too have a base, and normally image everything even those out of the box with that image/config we use. I'm trying to use the same theory of Self Service OS X upgrade in the imaging process by dropping the OS X installer app into casper admin and running against it but not having any luck, though I just look at an old asr script we used that I'm going to try and modify if possible to run that installer as it would if it was called for via the script to launch the Self Service install.