Posted on 12-15-2015 04:27 PM
Hi All,
New to the Casper suite so sorry for the long post :). I have been testing deployment methods with some test machines over the past few weeks and have been trying to nail down a deployment solution. To give you an idea of what we need to deploy we have several base apps (Office 2016, Sophos AV, Adobe Reader, Google Chrome etc.) and need to have machines bound to AD. We also have a couple of scripts that configure various system settings.
I have been using Casper Imaging and Target Mode Imaging during my testing and have some questions about its functionality and am looking to figure out a way to speed up my deployment. Right now the process that I have been using is:
1) In Casper Imaging my configuration on the right hand side is to erase the drive and reimage with a AutoDMG base OS and create an admin account and name the computer. I also point to a local drive instead of the file share distribution point as it is obviously much quicker than trying to get a 9GB file over the LAN.
2) I then need to manually reboot the computer when finished and log into the local Admin account. From there, since the computer is connected to LAN it is able to enroll in JSS and that triggers an enrollment complete policy to bind the machine
3) I then logout of local admin account and into the AD user account
4) After logging into the AD account I basically let the machine sit as all of the applications and policies are triggered at Login and get all the other applications and policies/scripts over the LAN. This takes a while as everything is trying to be pushed down.
This process takes upwards of 1 hour+ as everything is coming over LAN (and potentially triggered at the same time?) and I know I am doing several things wrong along the way that could speed this up.
Questions:
1) I noticed that some applications don't end up opening (i.e. Office 2016) if I push them during the Target Mode process hence why I only do the base OS and then later let it get the apps over the air. Am I missing something that could allow all my apps to be imaged during Target Mode? Also, has anyone seen issues with certain scripts not working if the computer is not booted into?
2) I know Casper Imaging has a FirstRun script that I believe should reboot the computer for me and then complete additional tasks like install the apps? From my testing it doesn't seem that the computer can reboot on its own. Am I missing something? I would assume I could add my AD binding, all apps and policies to this section of the imaging process if this was working.
Any other tips or suggestions are greatly appreciated! thanks in advance for your help. This community has been so helpful.
Posted on 12-16-2015 01:10 AM
With Casper Imaging, Just check the box : "boot to target drive after imaging", and yes, Erasing HD also will block copy, which is a quicker deployment.
On reboot, All post-install scripts should run automatically.
If you create the base configuration, then Compile it' This will also speed up deployment...
And, Good luck with Sophos :-).. Here's an informative article which I've just used to deploy:
https://www.sophos.com/en-us/support/knowledgebase/14179.aspx
gluck!
Posted on 12-16-2015 07:17 AM
@sams9000 IIRC, in Target Mode Imaging (TMI) the machines you are imaging will not restart. Since you have the machine connected via Thunderbolt cable I believe the thought is that you do not want to reboot while that cable is still plugged in.
I would place everything that you want on the machine into the Casper Imaging configuration and lay it on during the TMI process. If you have an app that isn't working, like Office, make sure that app is set to install at boot. That may correct that issue (I've had no issues deploying Office 2011 this way, haven't tried 2016 yet).
You still need to manually reboot, as I mentioned above, but Casper should start installing everything from the local machine, which should hopefully cut down on your imaging time.
Of course, while I'm not a huge fan of monolithic imaging, if you have a large number of machines to get out at a time, a monolithic image with TMI can cut your entire process down to minutes instead of hours.
HTH
Posted on 12-16-2015 09:24 AM
Another option is to lay down your image as described above, unplug from the target disk unit after the image is completed. Do not restart your newly imaged unit until you hardwire it. Then preform a hard restart. Let the machine set for 10-15 minutes after the restart before restarting again. That way all of the post scripts and packages come down from JSS.
Posted on 04-27-2016 04:22 PM
@stevewood
IIRC, in Target Mode Imaging (TMI) the machines you are imaging will not restart. Since you have the machine connected via Thunderbolt cable I believe the thought is that you do not want to reboot while that cable is still plugged in.
Why? Is there an issue with booting a machine with a thunderbolt cable plugged in?
Can this be sent up as a modification request? I don't understand why 'direct imaging' (why would you image your server?) allows for a restart in the process, but not imaging a remotely connected machine.
I too have the need to reboot after the image to give the machine time to set up everything.
We only use Target Mode Imaging, and we have the machines hard wired into the network during the image, to bind to AD and whatever other things need access to the network.
This may sound a bit like i'm a 'noob', but it is what it is...... I was kind of thrown into JAMF and Casper and am learning while deploying it out to the few (15 - 20) MAC's in the company.
Posted on 04-27-2016 05:17 PM
@rbean to be honest, I'm not certain if there would be a problem booting a machine that was connected via TB to another machine. The logical part of my brain says that there would be, but I've never tried. I always disconnect the TB cable before rebooting.
I'm not certain exactly what you mean by 'direct imaging'. There are several ways to image a machine using Casper Imaging, and I'm sure I'll leave one out:
Boot the machine to be imaged from an external disk that contains Casper Imaging (CI). Run CI from that external drive, selecting the appropriate configuration in CI for your purposes, and tell CI to reboot the machine when finished.
Boot the machine to be imaged off of a NetBoot instance that contains CI. Again, run CI from the NetBoot, selecting the appropriate configuration in CI for your purposes, and tell CI to reboot the machine when finished.
Boot the machine to be imaged into Target Disk Mode (TDM), connect to another machine that is already booted and has CI running, select the configuration in CI for your purposes. Once the machine is imaged, disconnect from TB and connect the next machine to be imaged.
There is, of course, the method of using a machine that is enrolled in Apple's DEP and triggering the "imaging" (laying on of files and settings) via a policy in the JSS that is triggered to "Enrollment Complete".
I do not utilize TMI normally. The only times that I utilize TMI is when I have a large number of machines to image. When that is the case, I set up one machine with my default "image" on it (I do not replace the OS, I just lay down apps and settings) and then utilize Composer to capture an OS image. I then add this fat image to Casper Admin. Once in CA I replicate (sync) my distribution point down to that same computer, creating an Imaging Station out of it, placing a copy of Casper Imaging at the root of the hard drive. With that imaging station created, I then boot the computers to be imaged into TDM. I start CI, set CI to use Target Disk Mode, choose the config, and start imaging. I used this method recently and imaged 30 MacBook Air laptops in just over an hour.
If you are using TMI, once the machine is imaged, simply disconnect from TB and reboot the machine. That's really all that needs to happen. Is there a reason you are using TMI instead of one of the other methods I mentioned above? And are you creating a fat image to deploy or layering on your apps/settings.
Hope that explains it a little bit more.