- Jamf Nation Community
- Products
- Jamf Pro
- Re: Opinions on Deep Freeze integration with Jss? ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Opinions on Deep Freeze integration with Jss? - Faronics Deep Freeze - For MAC Environment
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-10-2015 06:11 AM
I'm pretty new to all this, I just moved into this position recently, really excited to learn more about .jss. :)
One of the schools we manage is a creative arts college, with around 100 Macs, imacs, mac pros etc, all scattered between audio studios, labs, and lecture halls. The images between these studios and labs vary greatly, so much so, that Deep Freeze MAC is already in use on around 15 specialty studios MAC Pros, with pro tools HD systems and 100's of third party pluggins etc. The staff are pretty happy with the stability that Deep Freeze provides them in these studios.
We are considering purchasing licenses for the entire school. I see that Deep Freeze has an Enterprise "version", and of course a "MAC" version. Does anyone have any experience, or opinion on which version is better to integrate into a .jss / mac environment? We ideally are hoping to keep students / staff logging into AD. Just looking for general opinions for the moment. i.e. "this is bad, because it is time consuming thawing making adjustments, 1.2.3. then having to re-freeze" etc... or this is great, "it makes my job much simpler because of 1.2.3. etc." I appreciate any and all opinions on the matter. thx
10 REPLIES 10
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-10-2015 08:01 AM
Are the Macs bound to AD or any directory service? Why not just take away admin access? This way you won't have to deal with people mucking around the system.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-10-2015 08:05 AM
Yes our I.T. dept very much likes to have our machines bound to AD. Users do NOT have any admin access.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-10-2015 08:10 AM
If the users do not have admin access what benefit does DeepFreeze provide? The users can't really do much outside of their home folder. And if you're managing preferences then you can lock down things even further and/or set the desktop experience you want.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-10-2015 08:22 AM
I have no idea what benefit deep freeze would provide honestly, that's why I'm asking. I'm trying to stay open, and neutral to the idea; however, most everyone I have spoke to within our IT dept, has the opinion that Deep Freeze, is un-necessary and will simply make things more complicated to manage within the .jss, with regard to having to run scripts to thaw- then make adjustments then re -freeze again of course...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-10-2015 08:27 AM
I will concur with the others in your IT department. If your users had admin access then maybe you could make an argument for using it. But not in this case. Good on you for keeping an open mind though. Always worth exploring and questioning processes/workflows. Very often people tend to just keep doing something because that's been the status quo for years and they forget the reason they actually started that workflow/process which may no longer be relevant.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-10-2015 09:04 AM
I'd side with them as well. As an alternative, try setting up the autorun features of the JSS. That way you can have the machines reset fairly often.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-11-2015 07:13 AM
Deep Freeze isn't necessary and makes patching and sending fixes out more difficult, but users not being admins isn't enough either IMO.
Look into config profiles that whitelist where apps can run from to lock down the system so apps can only be launched where students don't have read/write access.
To keep the system clean, consider a config profile or script to wipe user accounts off the machine, as well.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-11-2015 09:59 AM
@CasperSally Do you have a good link to a script like that? We have a lab that we're moving from DeepFreeze for all the obvious reasons now that we're on Casper. Domain accounts, bound by Casper, force local home directory, etc. Mostly just the default settings. We're looking to not delete user directories immediately, but rather after X days of inactivity. Had a lot of other things on my plate, so I've backburnered it for a bit.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-11-2015 10:01 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-22-2015 07:55 AM
It turns out one of our art colleges has Deep Freeze in place on a number of studio machines (Pro Tools HD systems, with sophisticated images, loaded with 3rd party pluggins' etc. It has been a pain in the a$$ to work with to say the least..and i'm not even dug in deep just yet. I don't even know where to begin, in fact... after ssh'ing into a number of them and having them re-boot thawed via a simple script, I would lose remote admin access (no idea why)...then have to go touch them, and dig into sys prefs... I'm NOT a fan of Deep Freeze right now...
