Help

Policy to kick in when a computer is manually upgraded or rebuilt

donmontalvo
Esteemed Contributor III

Posted on ‎06-06-2011 11:04 AM

For logistical reasons, there are times when a Mac has to be manually upgraded (pop in DVD, upgrade from 10.5 > 10.6) or manually rebuilt (clean-install).

That said, the techs ALWAYS reinstall Casper agent (QuickAdd) since we noticed it breaks.

Is there a way to flag a computer as having been rebuilt, so we can trigger a policy to kick in and fix other stuff that may have broken?

Thanks,
Don

--
https://donmontalvo.com
0 Kudos
Reply
9 REPLIES 9

bentoms
Release Candidate Programs Tester

Posted on ‎06-06-2011 12:33 AM

Would jamf -flushpolicyhistory work?

Regards,

Ben.

0 Kudos
Reply

donmontalvo
Esteemed Contributor III

Posted on ‎06-06-2011 12:40 AM

Thanks Tom and Ben,

We're looking for a way to identify computers that were originally imaged using Casper, but that have been rebuilt/upgraded manually (using Apple DVD). This way once the tech reinstalls QuickAdd, we can have JSS do the rest (run a policy that fixes/reinstalls stuff that broke because of the manual rebuild/upgrade). We want to automate so the techs don't have to learn any command line stuff (which they're not comfortable with).

Thanks,
Don

--
https://donmontalvo.com
0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎06-06-2011 12:42 AM

Create a custom pkg of quickadd that creates a dummy receipt at time of install?

Regards,

Ben.

0 Kudos
Reply

tlarkin
Honored Contributor

Posted on ‎06-06-2011 12:44 AM

create a custom package that does a policy flush, any once only policy will be reran.

-Tom

0 Kudos
Reply

stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎06-06-2011 12:47 AM

I think you two hit it on the head. Put a PostInstall script into the Quick
On Mon, Jun 6, 2011 at 2:44 PM, Thomas Larkin <tlarki at kckps.org> wrote:
Add package that simply calls the JAMF flush:

jamf -flushPolicyHistory

That should trigger the policies to run.

Steve Wood
Director of IT
swood at integer.com

The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201
T 214.758.6813 | F 214.758.6901 | C 940.312.2475

0 Kudos
Reply

RobertHammen
Valued Contributor II

Posted on ‎06-06-2011 12:54 AM

What I do in a similar situation:
On Jun 6, 2011, at 12:40 PM, Don Montalvo wrote:

1) All of the initial, first-run policies (establish proxy servers, install VPN profile, install AV, ensure current versions of Flash/Flip4Mac/Silverlight et. al. are deployed) are set up using a custom trigger

2) Modify the QuickAdd that the techs use to call the custom trigger in the postflight script.

Machine gets upgraded, techs run special QuickAdd, all of the first-run setup items get done. Boom!

0 Kudos
Reply

tlarkin
Honored Contributor

Posted on ‎06-06-2011 11:12 AM

If a machine becomes unmanaged how do you plan on managing it again via a casper policy?

0 Kudos
Reply

donmontalvo
Esteemed Contributor III

Posted on ‎06-06-2011 11:15 AM

After the manual upgrade or rebuild (both done using Apple installer DVD), the tech reinstalls QuickAdd.

Don

--
https://donmontalvo.com
0 Kudos
Reply

donmontalvo
Esteemed Contributor III

Posted on ‎06-06-2011 02:53 PM

We need to keep using the current QuickAdd, since introducing a new one would disrupt day to day work. Several teams, many geographical regions, many techs speaking many languages. So we're trying to find a way to manage this in JSS.

The problem with "jamf -flushpolicyhistory" is that most of these techs are no comfortable in Terminal (I know...why are they supporting Macs!).

One of the reasons for needing to manually upgrade or manually rebuild a Mac is to prevent from having to deal with reinstalling a lot of "heavy" applications, so flushing policy history can bite us there.

We're exploring pulling ticket reports to identify those computers...hope that does the trick.

Thanks,
Don

--
https://donmontalvo.com
0 Kudos
Reply