Jamf Nation Community

What does "clean" mean? Revert them back to the way they were when you imaged it?

If so, you can reimage the machine again. That's how we use to do labs once a week, boot to a restore partition and reimage automatically. Now I just clean out local user directories once a night and then just maintain the state with patches and software updates like I would other machines. I do reimage them at least once a semester.

I guess be more specific about the problem you are trying to solve.

Craig E

I've considered Deep Freeze from Faronics Inc.. Never tested it though. I'm not sure how it would interact with Casper. I assume you could have a
policy that issues the appropriate command to reboot in "defrosted" mode in
order to perform installs and/or maintenance. I'd be interested in hearing
about experiences from anyone who is using Deep Freeze in conjunction with
Casper.
The higher overhead, simpler setup option is to reimage regularly via
policy. If you have a local restore partition, and either a separate "data"
partition for your /Users directories or just don't care about user data,
this can be a viable solution.

Hi,

Ive used deep freeze, and it restores on a reboot not logout

You can set thawed drives where files can be saved, all other changes will be lost on a reboot, its great for windows machines, but the mac version has a few more option,

very good and cheap

Criss

Criss Myers
Senior Customer Support Analyst (Mac Services)
Apple Certified Technical Coordinator v10.5
LIS Business Support Team
Library 301
University of Central Lancashire
Preston PR1 2HE
Ex 5054
01772 895054

What is the exact higher goal here? I mean you could just make the whole volume read and execute only and then set a r-w-x volume for data, or if they have network/mobile homes and stuff like that.

You can do log in/out hooks.

You could use something like deep freeze. I haven't used deep freeze since like OS X 10.2 and it wasn't very good back then. I hear it is way better now, but I haven't touched it on the Mac side. I run it on the Windows side and it does what it is suppose to do. Cuts down on a lot of spyware issues.

The Apple Stores use DF on their in-store Macs. They all restore to a
given state upon reboot. To make changes, you must unfreeze (thaw) the
computer, then refreeze it again.

The Apple techs I worked with liked DF. It worked as advertised.

HTH,

Jeff Johnson
Technology Coordinator
Glendale-River Hills School District
Glendale, WI 53209
jeff.johnson at glendale.k12.wi.us

I guess it all depends on your tolerances for things from the sounds of it. If you already have the Casper Suite you can utilize a restore partition or a CasperInstall netboot instance to image the machines when you want them to. The only issue there is the time for a rebuild, particularly if you have large applications like Adobe CS3, Final Cut Studio, etc.

If you want that instant gratification it sounds like Deep Freeze (much like on the Windows side with Deep Freeze or SteadyState) will clean out changes on reboot, and would be a good compliment to your Casper deployments. But this then requires you to purchase additional software.

Good luck,

Craig E

Our district will not purchase deep freeze for Mac, so I am trying to write this apple script to clean up the student accounts at the end of the year, however it works great if there is an item in each folder. If there isn't then it will error and not continue running. If someone out there could tell me how to just by pass the " files not found error" and get this script to continue running it might make life easier for a number of us. Here is the script: tell application "Terminal" do shell script "rm -r ~/Desktop/" delay 1 --pause for a sec do shell script "rm -r ~/Documents/" delay 1 --pause for a sec do shell script "rm -r ~/Pictures/" delay 1 --pause for a sec do shell script "rm -r ~/Movies/" delay 1 --pause for a sec do shell script "rm -r ~/Music/" delay 1 --pause for a sec do shell script "rm -r ~/Downloads/" delay 1 --pause for a sec tell application "Finder" to set desktop picture to POSIX file "/Library/Desktop Pictures/Solid Colors/Solid Aqua Dark Blue.png"

end tell

Thanks for any help, Tami

A bash script run directly from Casper would be better than calling all the commands from an Applescript.

Why delete each users individual subfolders, why not just delete the whole folder?
Also if your accounts are on a domain you may be able to identify network accounts because they will have the domain name in the group part of an ls command.

We use a variation on this where THE_DOMAIN would be our AD domain the accounts are in. There are some other if statements wrapped around the rm command because we only want student accounts so we are checking group membership and we only delete accounts not modified for a certain number of days but you get the idea.

#!/bin/bash
for TheUser in $(ls -1 -trl /Users | awk '/THE_DOMAIN/ {print $NF}') ; do
rm -rf /Users/$TheUser
done

As with anything thats deleting stuff, test and use with caution!

Just curious about Deep Freeze, could each machine have individualized functions (like it's own computer name and bound to AD)?

@TJ78620 - check out this prior thread. I used to use a config profile that would delete student accounts on logout, but it didn't work in 10.10, so we went back to scripting it.

https://jamfnation.jamfsoftware.com/discussion.html?id=4502

Thanks CasperSally, I am going to save that script! Found the solution for mine as well. I need to change the -r to -R -f