Lion Upgrade via Self Service?

bentoms
Release Candidate Programs Tester

Hi All,

Just wondering if any of you are upgrading to Lion via Self-Service? If so, please share!

I built all 140+ of our macs last year manually, as part of a company wide migration from Lotus Notes (amongst others).

All macs have: 10.6, Office 2011 & Adobe CS5.

Would upgrading to Lion break any of the above?

We have some Canon print drivers to remove too. Also, we use 802.1x for wireless & the inbuilt Cisco IPSec client.

Normally i'd wipe & build, (migrating user data pre & post).

TIA!

13 REPLIES 13

golbiga
Contributor III
Contributor III

We just started pushing out Lion via Self Service to select users. Instead of using the default installers, we're using the InstallLion.pkg created by Greg Neagle. Going this route allows you to customize your installesd.dmg and to have a completely automated upgrade process.

I've added Java, a payload free pkg that disables the initial registration window and a firstboot script that recreates our admin account and kicks off a few custom policy triggers (along with a few other things) to the installESD.dmg. The upgrade process shouldn't break CS5 or Office 2011.

The only issue that I'm having with this deployment method is that the installer will fail if there is an issue with the users file system (it will fail at creating the recovery partition and restart back into Snow Leopard). Now I have to come up with a workflow that includes verifying the boot volume (any ideas?).

Besides that hiccup I couldn't ask for an easier method for upgrading my users to Lion. Hope this helps.

Allen

mfennelly
New Contributor III

We also used the InstallLion.pkg by Greg Neagle to do our Lion upgrade. We added Java as well and set it up to be an automated install.

I had Casper cache the package and then once the package was cached, the computer would added to a smart group and would be able to see the installer icon in Self Service.

We had a couple of scripts that ran before, one to delete software we knew was incompatible, and another to temporarily give the user admin privileges (we wanted them to set up iCloud) and then the InstallLion.pkg would run and reboot the computer.

It worked really well. We upgraded about 100 people in two weeks. There were two cases where the automated part of the installer didn't work and it had to be clicked through (and if you didn't pay attention the OS was installed to the Data partition) and a few cases where the caching didn't work properly and the installLion.pkg needed to be downloaded again.

I was really happy with the process. And the users appreciated being able run the installation at home. 45 minutes is a long time to be without your computer.

bentoms
Release Candidate Programs Tester

Hi guys, thanks for the responses..

I'm trying it now with little success!

Did you guys cache the installLion.pkg THEN install from cached?

nkalister
Valued Contributor

hey ben, i'm curious what the upgrade is doing to the 802.1x, since that's handled differently under lion . . . Are your 10.6 802.1x profiles continuing to work after the upgrade or are you having to re-configure them?

bentoms
Release Candidate Programs Tester

Nick,

I'll let you know once I have a successful upgrade.

1st attempt, install failed... Restarted & went through install then errored saying something like "couldn't install on /Volumes/Install Volumes"

But it could be an oddity with the mac.

I'll try again tomorrow.

holger
New Contributor

I recommend InstallLion.pkg and firstboot.sh. With that you can do an easy Selfservice-Upgrade. Our firstbootscript:

###
# First Boot script that is used along with a launchd item.  Deletes both itself and the launchd item after completion.
###

#Get rid of SetupAssitant
touch /var/db/.AppleSetupDone
touch /Library/Receipts/.SetupRegComplete

#Create Admin-Account
/usr/sbin/jamf createAccount -username "admin" -realname "Admin-Name" -password "password" -home /private/var/admin -shell "/bin/bash" -hiddenUser -admin

#Sleep a while to take care that everything has its time to setup
/bin/sleep 5

#Starts SSH
/usr/sbin/jamf startSSH

#Starts ARD and sets privs
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -users Adminname -access -on -privs -all

#Sets HostName by retrieving the name from our DNS
/usr/sbin/systemsetup -setcomputername $(/bin/hostname -s)

#Sets computer to never sleep while plugged in to a power source
pmset -c sleep 0

#Updates inventory and submits it to the JSS
/usr/sbin/jamf recon

#Securely removes the launchd item and script.
srm /Library/LaunchDaemons/intern.mpibc.firstboot.plist
srm "$0"

mfennelly
New Contributor III

Yes, I cached the InstallLion.pkg and then installed the cached package.

ernstcs
Contributor III

Really dumb question, when Greg Neagle's installlion README says dump the InstallESD.dmg that the customizeInstallESD command creates into the InstallLion.pkg, where in the PKG does it need to go? In the root of contents or in the Resources folder? Somewhere else? I'm getting an error from the installer when I try to run it through Self Service on postflight. Do the files need to be somewhere special directory wise when I'm building this stuff?

Just trying to build one with a QuickAdd pack to fix the management account stuff and a pkg I made that just runs a postflight script to mv the file for Setup Assistant (which I could have made wrong in Composer). I've made it work fine using the plain installer with JAMF's KB. I can't seem to conquer Greg's.

Thanks in advance in assisting me with my incompetence.

rockpapergoat
Contributor III

the quickadd pkg produced by recon failed every time i tried adding it to the installlion pkg, so i replaced it with one that adds the hidden admin account another way.

figure out which postflight step is failing first.

the esd image needs to be in the resources folder within the pkg bundle itself.

vadmin
New Contributor

@Holger what does your launchd look like for the firstboot. I am trying to build my own

golbiga
Contributor III
Contributor III

vadmin, here is what mine looks like.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>Label</key>
  <string>org.organization.firstboot</string>
  <key>ProgramArguments</key>
  <array>
    <string>/var/firstboot.sh</string>
  </array>
  <key>RunAtLoad</key>
  <true/>
</dict>
</plist>

myronjoffe
Contributor III

I follow the instructions as per Gregs readme. Drop the InstallLion.pkg into Casper admin. But not matter what I do, be it Casper Remote or Self service with caching the install will fail:

Preparing Policy...
Installing InstallLion.pkg...
Installing InstallLion.pkg...
Installation failed. The installer reported: installer: Package name is OS X Lion

If I manually double click on the package it works fine. What am I missing?

myronjoffe
Contributor III

Sorted out the issue by adding /sbin/reboot command at the end of the self service policy. For some reason using the reboot options in the gui caused that error.