
Reset network interfaces via networksetup command



We've had an ongoing issue with factory fresh Macs that are netbooted, Casper imaged with a thin configuration, and not having a working network connection after the first reboot. All of the apps and settings are installed perfectly. But without the working network connection, many systems are being deployed to the end user that are not bound to the domain, which then leads to calls to the Help Desk.

At first, we thought it was because the Mac wasn't obtaining an IP address quickly enough post boot. But it appears that it's more likely that with the full screen jamfhelper and/or the temp account that is used to login At Reboot, the Network panel isn't adding the removable network adapter.

I was going to create a first boot script that checked for a working network connection or halted until the tech ensured the thunderbolt or usb ethernet adapter was detected and had a valid IP address. Instead, I came up with the following script that appears to work and covers if the laptop arrives with either type of removable network adapter. I also think it retains the model specific service orders. The script is the first script to run after reboot.

(Casper versions 7.x ~ 9.21, OS X 10.6 ~ 10.9.0)

#!/bin/sh

##########################################################################################
# Create time date stamped log
##########################################################################################
logFile="/private/var/log/OurCompany.log"

log () {
    /bin/echo "$1"
    /bin/echo "$(date "+%Y-%m-%d %H:%M:%S:") $1" >> "$logFile"
}

log "-----"
log "Begin script 100_resetNetworkLocationAndPorts.sh"
log "Adjust Network Locations to correctly add network ports"
sleep 5

##########################################################################################
# Create a temporary Network location and recreate the Automatic location.
##########################################################################################
networksetup -createlocation TempLoc populate
sleep 5

networksetup -switchtolocation TempLoc
sleep 2

networksetup -deletelocation Automatic
sleep 2

networksetup -createlocation Automatic populate
sleep 5

networksetup -switchtolocation Automatic
sleep 5

networksetup -deletelocation TempLoc

log "Network Location Setup Completed."

exit 0

Is there a better way to ensure the network interfaces are set properly for each Mac model and variations of network interfaces?

22 replies

mm2270
  • Legendary Contributor
  • 7886 replies
  • December 2, 2013

Is this not resolved by deleting the contents of the /Library/Preferences/SystemConfiguration/ directory? That folder stores network interface information in the plist files. From what I've seen, just deleting that stuff on your base image usually fixes this kind of stuff, because when the Mac first boots up it recreates all that based on the model it's booting and the available interfaces.

If you haven't already tried that, you may want to give it a try. It might be all that's needed.


  • Contributor
  • 141 replies
  • December 2, 2013

In my experience, deleting /Library/Preferences/SystemConfiguration/ accomplishes this task just fine but you also lose your computer name in the process. Not a huge deal but it might interfere with your binding process.


  • Author
  • Honored Contributor
  • 457 replies
  • December 2, 2013

I'll give that a try, but these are factory fresh Macs that have never been booted from the internal Hard Drive. We are unboxing, netbooting to a like version of OS, then using Casper Imaging without erasing the hard drive to install packages and a couple of At Reboot scripts. I would assume that the existing /Library/Preferences/SystemConfiguration would have the known built-in interfaces, but not necessarily have both USB and Thunderbolt interfaces added.

What I have observed is that the "populate" argument within the command "networksetup -createlocation Automatic populate" acts exactly as if an admin user clicked on the agreement to add a new USB Ethernet port in the GUI; it adds it and enables it.


  • Contributor
  • 31 replies
  • December 3, 2013

@jhalvorson I'm currently working on a similar solution for our builds. Thank you for sharing this. I am going to play with your script to see if it can work for us.

@bajones to follow up with this - we had to address a similar issue since we are currently deleting the contents of /Library/Preferences/SystemConfiguration/ at reboot since killing it on our base isn't an option for us. Just sharing what I did to remove the conflict with our bind process was run the following tasks as a part of our First Run Scripts:

- remove the appropriate plist file located in /Library/Preferences/SystemConfiguration/
- run networksetup -detectnewhardware
- run our bind script
- set hostname from dsconfigad contents

Works OK.

Back to the topic: However, currently running networksetup -detectnewhardware only works with interfaces that are currently active while imaging. Not thrilled with it. So if a tech uses Thunderbolt for imaging, the USB interface on our Airs does not appear. So the timing of this post is great.


  • Contributor
  • 61 replies
  • December 3, 2013

Here is part of a script we are using to detect new hardware and populate two different locations. The grep X.X is the first two octets of your network.



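#!/bin/bash

# Split command output on newlines only, so service names with spaces stay whole
IFS="
"

# Walk every enabled Ethernet service (disabled services are listed with a leading asterisk)
for i in $(networksetup -listallnetworkservices | grep Ethernet | grep -v '^\*'); do
    # X.X is the first two octets of your network
    result=$(networksetup -getinfo "$i" | grep "IP address" | grep X.X)
    if [ ! -z "$result" ]; then
        networksetup -createlocation Home populate
        networksetup -createlocation Work
        networksetup -switchtolocation Work
        networksetup -createnetworkservice "$i" "$(networksetup -listallhardwareports | grep -A1 "$i" | grep Device | awk '{print $2}')"
    fi
done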


I hope this will be of help.


  • Esteemed Contributor
  • 850 replies
  • December 3, 2013

I think this has been answered in other posts, namely https://jamfnation.jamfsoftware.com/discussion.html?id=3422

Here's the relevant section of our first run script, which may help:

# Set up the variables we need for future changes

MacModel=$( ioreg -l | awk '/product-name/ { split($0, line, "\""); printf("%s\n", line[4]); }' )
PrefModel=$( defaults read /Library/Preferences/SystemConfiguration/preferences.plist Model )

# Fix the incorrect model name in /Library/Preferences/SystemConfiguration/preferences.plist
# Also make sure the .plist is in the correct format

if [[ "$PrefModel" != "$MacModel" ]];
then
    /bin/echo $AdminPW | sudo -S defaults write /Library/Preferences/SystemConfiguration/preferences.plist Model "$MacModel"
    /bin/echo $AdminPW | sudo -S plutil -convert xml1 /Library/Preferences/SystemConfiguration/preferences.plist
fi

# Fix the incorrect network service names
# Script lovingly stolen from https://jamfnation.jamfsoftware.com/discussion.html?id=3422

# Detect new network hardware
networksetup -detectnewhardware

# List all network services and read one by one
networksetup -listallnetworkservices | tail -n +2 | while read service
do

    # Remove asterisk from string for renaming disabled services
    service=${service#*\*}

    # Use filter to select next line which has the hardware port defined
    filter=false

    # Display network services
    networksetup -listnetworkserviceorder | while read serviceorder
    do
        if [[ ${filter} == true ]]
        then
            # Grab hardware port
            hardwareport=`echo ${serviceorder} | sed -e 's/(Hardware Port: //;s/, Device:.*//'`

            # Check if service name is different
            if [[ ${service} != ${hardwareport} ]]
            then
                # Rename the network service
                networksetup -renamenetworkservice "${service}" "${hardwareport}"
                echo -e "Renamed network service \"${service}\" to \"${hardwareport}\""
            fi
        fi

        if [[ ${serviceorder} == *${service} ]]
        then
            # Got the line with the service. Set the filter to true to grab the next line which contains the hardware port
            filter=true
        else
            filter=false
        fi
    done
done
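
The nested loops above pair each service name with the "Hardware Port" line that follows it in the output of networksetup -listnetworkserviceorder. As an added example (not part of the original post), the same pairing done in a single pass that prints the rename commands instead of running them, so the plan can be reviewed or logged first. The function names are hypothetical and the sample output is constructed.

```shell
#!/bin/sh
# Added example, not code from the thread.
# Reads `networksetup -listnetworkserviceorder` output on stdin and prints one
# tab-separated record per service:
#   service name <TAB> hardware port <TAB> device <TAB> enabled|disabled
parse_service_order() {
    awk '
        # Service line: "(1) Ethernet", or "(*) USB Ethernet" for a disabled service
        /^\([0-9*]+\) / {
            state = ($0 ~ /^\(\*\)/) ? "disabled" : "enabled"
            name = $0
            sub(/^\([0-9*]+\) /, "", name)
            next
        }
        # Detail line: "(Hardware Port: Ethernet, Device: en0)"
        /^\(Hardware Port: / && name != "" {
            port = $0
            sub(/^\(Hardware Port: /, "", port)
            sub(/, Device: .*$/, "", port)
            dev = $0
            sub(/^.*, Device: /, "", dev)
            sub(/\)[ \t]*$/, "", dev)
            printf "%s\t%s\t%s\t%s\n", name, port, dev, state
            name = ""
        }
    '
}

# Print (do not run) a rename command for every service whose name differs
# from its hardware port name.
rename_plan() {
    parse_service_order | awk -F '\t' '$1 != $2 {
        printf "networksetup -renamenetworkservice \"%s\" \"%s\"\n", $1, $2
    }'
}

# Constructed sample of the command output: one mis-named service, one
# disabled service, and two services that already match their ports.
sample_order() {
cat <<'EOF'
An asterisk (*) denotes that a network service is disabled.
(1) Ethernet 2
(Hardware Port: Thunderbolt Ethernet, Device: en3)

(2) Wi-Fi
(Hardware Port: Wi-Fi, Device: en0)

(*) USB Ethernet
(Hardware Port: USB Ethernet, Device: en2)

(3) Bluetooth PAN
(Hardware Port: Bluetooth PAN, Device: en5)
EOF
}

# Demonstration on the constructed sample; on a Mac, replace sample_order
# with: networksetup -listnetworkserviceorder
sample_order | rename_plan
```
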

  • Contributor
  • 31 replies
  • December 3, 2013

@franton nice, thanks for sharing! Just to confirm - the plist files you're working with are the ones that you kept on your base OS, correct?


  • Esteemed Contributor
  • 850 replies
  • December 3, 2013

We use this as part of a script we run over the top of the loginwindow on first boot. The base OS I now generate from the InstallESD via autodmg.


  • Contributor
  • 66 replies
  • December 31, 2013

Any suggestions on how to assign network services to interfaces that don't currently exist (ie. usb ethernet)? I'm trying to preconfigure proxy settings for all possible network interfaces (Display Ethernet, USB Ethernet, Thunderbolt Ethernet, etc...) without having them all connecting during imaging time. Right now I'm looking at modifying /Library/Preferences/SystemConfiguration/com.apple.NetworkInterfaces with Plistbuddy. It looks like each model of machines reserve interfaces consistently MacBook Air (en0 = Wifi, en1=USB Ethernet)


bentoms
  • Hall of Fame
  • 4331 replies
  • December 31, 2013

@timkalee.. Where are you trying to set these?

We use the following post imaging & it sets all interfaces proxy URL (for our PAC File). http://macmule.com/2011/09/09/how-to-change-the-automatic-proxy-configuration-url-in-system-preferences-via-a-script/


  • Contributor
  • 24 replies
  • December 31, 2013

I have a workaround that I posted up a while ago for Casper 8.7x in which Casper was not keeping the computer name. This was due to a number of things, however I found the network adapters not being refreshed correctly as one of the main issues. I made a new version to refresh these adapters as I am using another script to turn on and off the Airport when an ethernet device is found. This works for our environment so no way a 100% answer to the question, however this may help.

Please decompile this .pkg first to ensure everything looks fine. This works on the new MacBook Pros and MacBook Airs.

  1. Download this Package: http://home.comcast.net/~nw_systems/Has_OSX_10.9_Workstation_Network-Adapters_Refresh.pkg
  2. Place this in your task sequence right after your base image has been copied over (Before the first reboot)

Test! I found the Thunderbolt Bridge was tripping me up the most


  • Contributor
  • 66 replies
  • January 2, 2014

@bentoms @drheiner
Thanks for the links. At image time we're able to add proxy configs to any active interfaces. If/when the user plugs into USB Ethernet or Thunderbolt Display Ethernet, the proxy settings are not there. I was hoping to somehow create those interfaces at image time before the proxy config script runs. I might just need to have a cached script to run at network change.


  • Valued Contributor
  • 909 replies
  • March 19, 2014

@franton

I took your script listed above, added a shebang line to it, created a payload free installer package with it as a post install script. Uploaded the package to Casper Admin. Set the package to "install on boot drive after imaging". Set the package with a priority of 2.

The base image was created using Mac OS X 10.9.2 AutoDMG straight vanilla with no updates or anything applied. Uploaded that to Casper Admin. Created a Configuration that includes the Base OS, two local accounts we create on every machine (I declared those in Casper Admin), the package I created with your script, and a simple script that has the command 'software update -i -a' in it. Every time I image that configuration to a test Mac Pro (2013 model) I have, we end up hanging in jamfhelper. Force quit jamfhelper only to see Bluetooth PAN discovered and my software update -i -a command never seems to run even if I accept the addition of the adapter from the GUI by force quitting jamfhelper!!

I have been trying for days to figure out how to not have 'Bluetooth PAN adapter detected' come up using different base OS creation techniques to no win. Saw your script and that it seemed to work for you and others. For whatever reason it's not working here.

What advice can you give on workflows, scripting syntax, etc to make this work?

I'm with you, I'd rather use a vanilla AutoDMG image with no accounts personally, but can't seem to make a go of it despite my best efforts. There is one way I know I can make a go of this using AutoDMG, but it seems like a painful method. I could just capture the /Library/Preferences/SystemConfiguration/preferences.plist and /Library/Preferences/SystemConfiguration/NetworkInterfaces.plist on each hardware model that we use, but honestly that method makes me want to groan as I would have to maintain separate configurations by hardware model.

@drheiner seemed to have a good idea but when I looked at the postinstall script in his package (as posted below), I noted that my AutoDMG vanilla base image doesn't even have a /Library/Preferences/SystemConfiguration/preferences.plist file at all so I wonder why (or how) to delete keys from a file that isn't there or why I would want to remove the two files at the end (they aren't on the base OS either).

#!/bin/sh
# Has_OSX_10.9_Workstation_Network-Adapters_Refresh
# Daniel Rheiner
# Should have priority 2 after Base Image
# Version 1
# OS X 10.9

pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

defaults delete "$2/Library/Preferences/SystemConfiguration/preferences" NetworkServices
defaults delete "$2/Library/Preferences/SystemConfiguration/preferences" CurrentSet
defaults delete "$2/Library/Preferences/SystemConfiguration/preferences" Sets
defaults delete "$2/Library/Preferences/SystemConfiguration/preferences" Model
defaults delete "$2/Library/Preferences/SystemConfiguration/preferences" Interface
defaults delete "$2/Library/Preferences/SystemConfiguration/preferences" VirtualNetworkInterfaces
defaults delete "$2/Library/Preferences/SystemConfiguration/preferences" "Thunderbolt Bridge"
rm "$2/Library/Preferences/SystemConfiguration/com.apple.smb.server.plist"
rm "$2/Library/Preferences/SystemConfiguration/NetworkInterfaces.plist"

exit 0 ## Success
exit 1 ## Failure

In the end very confused and frustrated and seeking help from folks who have already tamed Mavericks imaging well.


  • Esteemed Contributor
  • 850 replies
  • March 19, 2014

My scripting runs over the top of the loginwindow on first boot. Attempting to run it anywhere else is not guaranteed!


  • Valued Contributor
  • 909 replies
  • March 19, 2014

This seems like a lame question @franton, but I've got to ask to be specific.

loginwindow at first boot: so to implement that, I would create a launchdaemon (or launch agent whichever you recommend), have it and your script laid down after the OS is being laid down but before it reboots to do post imaging .pkg files (I can see doing that...make a DMG that contains your script called by a launchdaemon plist) and later get rid of said script and launchdaemon (or launch agent) after it has run successfully?

Is that how you implement running it "over the top of the loginwindow on first boot"? Not a newbie, but since I'm having troubles, it always helps to be specific I'm guessing. I am going to try that but would appreciate any confirmation of your methodology. I thank you for responding to my earlier post.


  • Esteemed Contributor
  • 850 replies
  • March 19, 2014

@blackholemac Essentially that's it. Our implementation uses a launch agent (as daemons do not run on the loginwindow tag in launchd plists), to run iHook. iHook is called to run our firstrun script including the stuff you see above.

(iHook incidentally is used to provide a user accessible display of what the computer is doing while locking it out for general use until all tasks are done. This includes our initial software and policy installation.)


  • Valued Contributor
  • 909 replies
  • March 19, 2014

That is why I was thinking a very simple daemon, it runs at boot, not as a user considering we are messing with system settings. I don't use iHook but am not opposed, it just isn't in our environment yet as I've never needed it. I'll try both as launch agent and launchdaemon to see what works, I have injected some upped logging code in the launchdaemon script to see how far things are getting.

Basically my overall goal is this, lay down the autodmg OS package and anything that doesn't need scripting logic to run. Reboot, install all the packages that do require scripting logic (maybe about 10 or 20 depending on our labs).

At installing all of those pkgs, I want to call an "environment package" I have that adds custom folder/file payloads for users where I want them and sets permissions right. As part of that "environment package", I have a post flight script that sets the behavior of the machine's environment.

Anyway, given that, the whole workflow seems to barf when I get to any package that requires network access (or if I take all the packages out leaving just the "environment package", it seems to barf when I get to the softwareupdate -i -a command)


  • Esteemed Contributor
  • 850 replies
  • March 19, 2014

What you propose could work ... it's not all that different from what we have. I prefer to get the jamf binary to do its work when the full OS is present however. The disadvantage of my way is that you're operating not as the root user, so you have to do nasty kludge work if you need root level access such as the shutdown command.


  • Valued Contributor
  • 909 replies
  • March 19, 2014

Well given what you told me about running it as a LaunchAgent at the loginwindow, I did some reading up (plus I tried doing it my way and spectacularly continued to fail.)

I formulated a launchagent here:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>refreshnetworkprefs</string>
    <key>LimitLoadToSessionType</key>
    <array>
        <string>LoginWindow</string>
    </array>
    <key>Program</key>
    <string>/Library/Scripts/Admin/refreshnetworkprefs.sh</string>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

I formulated a very minorly modified version of your script here..primarily to inject some breadcrumbs to see where I am failing and allow the network interfaces time to get IPs and settle:

#!/bin/sh

# Set up the variables we need for future changes

echo "script kicked off" >> /Library/Scripts/Admin/refreshnetworkprefslog

MacModel=$( ioreg -l | awk '/product-name/ { split($0, line, "\""); printf("%s\n", line[4]); }' )
PrefModel=$( defaults read /Library/Preferences/SystemConfiguration/preferences.plist Model )

# Fix the incorrect model name in /Library/Preferences/SystemConfiguration/preferences.plist
# Also make sure the .plist is in the correct format

if [[ "$PrefModel" != "$MacModel" ]];
then
    /bin/echo $AdminPW | sudo -S defaults write /Library/Preferences/SystemConfiguration/preferences.plist Model "$MacModel"
    /bin/echo $AdminPW | sudo -S plutil -convert xml1 /Library/Preferences/SystemConfiguration/preferences.plist
fi

# Fix the incorrect network service names
# Script lovingly stolen from https://jamfnation.jamfsoftware.com/discussion.html?id=3422

echo "variables declared" >> /Library/Scripts/Admin/refreshnetworkprefslog

# Detect new network hardware
networksetup -detectnewhardware

# List all network services and read one by one
networksetup -listallnetworkservices | tail -n +2 | while read service
do

    # Remove asterisk from string for renaming disabled services
    service=${service#*\*}

    # Use filter to select next line which has the hardware port defined
    filter=false

    # Display network services
    networksetup -listnetworkserviceorder | while read serviceorder
    do
        if [[ ${filter} == true ]]
        then
            # Grab hardware port
            hardwareport=`echo ${serviceorder} | sed -e 's/(Hardware Port: //;s/, Device:.*//'`

            # Check if service name is different
            if [[ ${service} != ${hardwareport} ]]
            then
                # Rename the network service
                networksetup -renamenetworkservice "${service}" "${hardwareport}"
                echo -e "Renamed network service \"${service}\" to \"${hardwareport}\""
            fi
        fi

        if [[ ${serviceorder} == *${service} ]]
        then
            # Got the line with the service. Set the filter to true to grab the next line which contains the hardware port
            filter=true
        else
            filter=false
        fi
    done
done

sleep 10

launchctl unload -w /Library/LaunchDaemons/refreshnetworkprefs.plist

echo "script ran" >> /Library/Scripts/Admin/refreshnetworkprefslog
exit 0

I am testing this as I type...I'll keep you posted. Thank you @franton for being a patient man with us.


  • Esteemed Contributor
  • 850 replies
  • March 19, 2014

No worries. I've been through the pain of this firsthand, so glad to help. Anyway while I wait for a large amount of CS6 installs to finish, here's what I have.

LaunchAgent first. This calls a "wrapper" script as I found passing parameters from launchd to be fiddly.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.ual.casperfirstrun</string>
    <key>LimitLoadToSessionType</key>
    <array>
        <string>LoginWindow</string>
    </array>
    <key>Program</key>
    <string>/firstrun/firstrun.sh</string>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

Now for the first run script itself. I'm going to redact a few ... interesting sections.

1#!/bin/bash
2
3# Firstrun script for a freshly imaged JSS managed OS X client.
4
5# Author : r.purves@arts.ac.uk
6
7# Version 1.0 : 1-11-2012 - Initial Version
8# Version 1.1 : 5-11-2012 - Added MS DNS server settings
9# Version 1.2 : 6-11-2012 - Now forcibly resets all network services to default
10# Version 1.3 : 8-11-2012 - The above but also:
11# 1) Finds the mac model name from the current computer
12# 2) Fixes the /Library/Preferences/SystemConfiguration/preferences.plist to use correct model name
13# 3) Removed MS DNS server settinsg
14# This is because casper imaging 8.62 isn't changing the model key at all in this file causing headaches
15# Version 1.4 : 13-11-2012 - Forces a policy flush and an mcx push.
16# Version 1.5 : 19-11-2012 - Added assistive device and AD authenticated printing settings.
17
18# Version 2.0 : 22-11-2012 - Added cascading menu system to fix Casper 8.62 building/dept bug
19# Version 2.1 : 22-11-2012 - Now with added error trapping! Moved MCX refresh to just before manual software install trigger.
20# Version 2.2 : 23-11-2012 - Interrogates JSS for building/dept config and skips menu if it has one.
21# Version 2.3 : 23-11-2012 - Moved variables behind iHook invoke code to stop spurious screen on startup.
22# Version 2.4 : 26-11-2012 - Tidied up JSS interrogation and added Adobe installer policies.
23# Version 2.5 : 28-11-2012 - Implemented change of background for menu at specific points.
24# Version 2.6 : 03-12-2012 - Process check function to try and avoid multiple jamf triggers running at once.
25# Version 2.7 : 10-12-2012 - Changed timer on check function. Added code to make sure network and local hostnames are correct.
26# Version 2.8 : 20-12-2012 - Debugged (again) the JSS check and added a computer/hostname refresh. Should keep DNS up to date.
27# Version 2.9 : 18-01-2013 - Removed energy saver as this is now deployed automatically via smart groups
28# Version 2.91: 24-01-2013 - Added time zone setting for incorrect clock on first boot.
29# Version 2.92: 06-02-2013 - Removed spaces from department names.
30# Version 2.93: 22-03-2013 - Added ARD enable for remote imaging purposes.
31# Version 2.94: 28-03-2013 - Added the deletion of Adobe SpeedGrade symbolic link to fix inventory issues.
32# Version 2.95: 20-05-2013 - Moved uadmin account creation to start of script along with addition to allowed SSH users list.
33
34# Version 3.0 : 12-06-2013 - Initial Deploy version. Removed menu. Hard code building for Self Service deploy later.
35# Version 3.01: 12-06-2013 - Added final recon to keep inventory correct
36# Version 3.02: 12-08-2013 - Recording current imaging time to file for extension attribute
37# Version 3.03: 18-10-2013 - Modification to re-enroll section that checks if the "jamf manage" stuff left by Imaging has finished
38# Version 3.04: 29-01-2014 - Modified to set UAL energy saving settings before script finish, and to force curl install to use option "-3"
39# This option forces the use of SSLv3. It only needs to be present on Casper sshadmin management account.
40# Version 3.05: 07-02-2014 - Records last update time after performing the update
41# Version 3.1 : 04-03-2014 - Work by j.durler@arts.ac.uk and myself to detect if computer inventory building/dept settings are present.
42# If they are, auto image with correct software. If not, dump into holding group.
43
44# iHook 1.2 - for status display over login window
45# Copyright 2006 - Research Systems Unix Group
46# http://rsug.itd.umich.edu/software/ihook
47
48# Set up the variables we need for future changes
49
50RunLoc="/firstrun"
51AdminPW="xx"
52MacModel=$( ioreg -l | awk '/product-name/ { split($0, line, """); printf("%s
53", line[4]); }' )
54PrefModel=$( defaults read /Library/Preferences/SystemConfiguration/preferences.plist Model )
55errorcode=1
56EnrollLD="/Library/LaunchDaemons/com.jamfsoftware.firstrun.enroll.plist"
57EnrolWait=$(( 8 * 60 ))
58EnrolWaitIncrement=30
59
60# Start iHook progress display and to lock out the user from the mac
61
62/bin/echo %BECOMEKEY
63/bin/echo %WINDOWSIZE MAX
64/bin/echo %WINDOWLEVEL HIGH
65/bin/echo %WINDOWPOSITION CENTER
66/bin/echo %BACKGROUND ./UAL.jpg
67/bin/echo %BACKGROUNDSCALING PROPORTIONALLY
68/bin/echo %BEGINPOLE
69/bin/echo %SHOWTIMER
70/bin/echo %0 Preparing to start OS X Software Deployment
71
72# Set System Timezone to avoid clock sync issues and record imaging time.
73
74systemsetup -settimezone Europe/London
75systemsetup -setusingnetworktime on
76systemsetup -setnetworktimeserver timeserver.com
77/usr/sbin/ntpd -g -q
78
79/bin/echo %TITLE "UAL Software Deployment - Started at" $( date )
80
81/bin/echo $AdminPW | sudo -S touch /usr/lastimaged
82/bin/echo $AdminPW | sudo -S echo "`date`" > /usr/lastimaged
83
84/bin/echo %6 Detecting current building/department groups
85
86# Set up variables for building/department autodetect and processing
87
88ethernet=$(ifconfig en0|grep ether|awk '{ print $2; }')
89apiurl=`/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url`
90apiuser="xx"
91apipass="xx"
92cmd="curl --silent --user ${apiuser}:${apipass} --request GET ${apiurl}JSSResource/computers/macaddress/${ethernet//:/.}"
93hostinfo=$( ${cmd} )
94building=$( echo $hostinfo | xpath '//computer/location/building' )
95department=$( echo $hostinfo | xpath '//computer/location/department' )
96
97# Hide users under UID 500 and create uadmin account here if it doesn't already exist
98
99/bin/echo %12 Creating admin account
100
101defaults write /Library/Preferences/com.apple.loginwindow.plist Hide500Users -bool YES
102
103if id -u uadmin >/dev/null 2>&1; then
104 echo "admin already exists. Skipping account creation."
105else
106 jamf createaccount -username uadmin -realname admin -password "$AdminPW" -home /Users/admin -shell /bin/bash -admin
107fi
108
109# Disable iCloud popup.
110
111/bin/echo %18 Disabling iCloud pop up on first login
112mv -f -v /System/Library/CoreServices/Setup Assistant.app/Contents/SharedSupport/MiniLauncher /System/Library/CoreServices/Setup Assistant.app/Contents/SharedSupport/MiniLauncher.backup
113
114# Enable ARD for remote access for all users.
115
116/bin/echo %24 Enabling Apple Remote Desktop access
117
118/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -restart -agent -privs -all
119
120# Make sure the computer has enrolled
121
122/bin/echo %30 Enrolling computer in JSS
123
124echo "Checking to see if JAMF enroll.sh is still running"
125
126while [ -e "$EnrollLD" ]; do
127 if [ $EnrolWait -le 0 ]; then
128 echo "Reached wait timeout of ${EnrolWait} seconds!"
129 break
130 fi
131
132 echo "Still not complete. Waiting another ${EnrolWaitIncrement} seconds..."
133 sleep $EnrolWaitIncrement
134 (( EnrolWait -= $EnrolWaitIncrement ))
135done
136
137# Set up error trapping function for multiple jamf binary processes
138
139function multiplejamf {
140 # Check to see if jamf binary is running, and wait for it to finish.
141 # Trying to avoid multiple triggers running at once at the expense of time taken.
142 # There are two existing jamf processes running at all times. More than that is bad for us!
143
144 TEST=$( pgrep jamf | wc -l )
145
146 while [ $TEST -gt 2 ]
147 do
148 /bin/echo Waiting for existing jamf processes to finish ...
149 sleep 3
150 TEST=$( pgrep jamf | wc -l )
151 done
152}
153
154# Set energy saving settings to never sleep
155
156/bin/echo %36 Setting Energy Saving Settings for Deployment
157
158/usr/bin/pmset -a displaysleep 0
159/usr/bin/pmset -a disksleep 0
160/usr/bin/pmset -a sleep 0
161
162# Fix the incorrect model name in /Library/Preferences/SystemConfiguration/preferences.plist
163# Also make sure the .plist is in the correct format
164
165/bin/echo %42 Setting correct network details
166
167if [[ "$PrefModel" != "$MacModel" ]];
168then
169 /bin/echo $AdminPW | sudo -S defaults write /Library/Preferences/SystemConfiguration/preferences.plist Model $MacModel
170 /bin/echo $AdminPW | sudo -S plutil -convert xml1 /Library/Preferences/SystemConfiguration/preferences.plist
171fi
172
173# Fix the incorrect network service names
174# Script lovingly stolen from https://jamfnation.jamfsoftware.com/discussion.html?id=3422
175
176# Detect new network hardware
177networksetup -detectnewhardware
178
179# List all network services and read one by one
180networksetup -listallnetworkservices | tail -n +2 | while read service
181do
182
183# Remove asterisk from string for renaming disabled services
184 service=${service#**}
185
186# Use filter to select next line which has the hardware port defined
187 filter=false
188
189# Display network services
190 networksetup -listnetworkserviceorder | while read serviceorder
191 do
192 if [[ ${filter} == true ]]
193 then
194 # Grab hardware port
195 hardwareport=`echo ${serviceorder} | sed -e 's/(Hardware Port: //;s/, Device:.*//'`
196
197 # Check if service name if different
198 if [[ ${service} != ${hardwareport} ]]
199 then
200 # Rename the network service
201 networksetup -renamenetworkservice "${service}" "${hardwareport}"
202 echo -e "Renamed network service "${service}" to "${hardwareport}""
203 fi
204 fi
205
206 if [[ ${serviceorder} == *${service} ]]
207 then
208 # Got the line with the service. Set the filter to true to grab the next line which contains the hardware port
209 filter=true
210 else
211 filter=false
212 fi
213 done
214done
215
# JAMF imaging should have set the machine name correctly. Let's make sure hostname is also set properly

setName=`networksetup -getcomputername`
scutil --set ComputerName "${setName}"
scutil --set LocalHostName "${setName}"
scutil --set HostName "${setName}"

# Enable Assistive Device Access

/bin/echo %48 Enable Assistive Device Access

/usr/bin/touch /private/var/db/.AccessibilityAPIEnabled

# Enable AD authenticated printing

/bin/echo %54 Enable AD authenticated printing

/usr/sbin/cupsctl DefaultAuthType=Negotiate
pause 5

/bin/echo %60 Installing Department Specific Software

# Based on info obtained from JSS at start of script, detect if the building or department is set.
# If not set or incorrect, give it the holding group. Reset the building variable to stop it installing EVERYTHING!

if [ "$department" = "<department />" ] || [ "$building" = "<building />" ]
then
    multiplejamf
    jamf recon -building InitialDeployment
    multiplejamf
    jamf recon -department InitialDeployment
    building="InitialDeployment"
fi

# Process building/department variables to remove XML tags. Sorry for the terse bash but it worked. Eventually.

building=${building##*<building>}
building=${building%%</building>*}

department=${department##*<department>}
department=${department%%</department>*}

# If the building is correct (and it should be), install the proper departments policy load out.

case "$building" in
    building1|building2|building3|Unmanaged)
        multiplejamf
        jamf policy -trigger "$department" -verbose
        multiplejamf
        jamf recon
    ;;
esac

/bin/echo %66 Installing Initial Software

# This will install University wide software and policies (and CS6)

multiplejamf
    jamf policy -trigger SoftwareInstall -verbose
multiplejamf
    jamf recon
multiplejamf
    jamf policy -trigger AdobeCSInstall1 -verbose
    rm "/Applications/Adobe SpeedGrade CS6/Adobe SpeedGrade CS6.app/Contents/MacOS/Adobe SpeedGrade CS6.app"
    jamf recon
multiplejamf
    jamf policy -trigger AdobeCSInstall2 -verbose

/bin/echo %72 Installing Updates

multiplejamf
    jamf policy -trigger UALUpdatePolicy -verbose
multiplejamf
    jamf recon

# The redirect has to happen inside the root shell; with "sudo echo ... > file" the calling user's shell opens the file
/bin/echo "$AdminPW" | sudo -S touch /usr/lastupdated
/bin/echo "$AdminPW" | sudo -S /bin/sh -c 'date > /usr/lastupdated'

/bin/echo %78 Installing MCX Settings

multiplejamf
jamf mcx

# Final recon to make sure Inventory is up to date.

/bin/echo %84 Updating computer inventory record
multiplejamf
    jamf recon

# Cleanup on aisle three!

/bin/echo %90 Setting UAL Energy Saving settings

/usr/bin/pmset -a displaysleep 30
/usr/bin/pmset -a disksleep 0
/usr/bin/pmset -a sleep 0
/usr/bin/pmset -a womp 1
/usr/bin/pmset -a ring 0
/usr/bin/pmset -a autorestart 1
/usr/bin/pmset -a powerbutton 0

/bin/echo %96 Final cleanup of files

rm -f /Library/LaunchAgents/com.ual.casperfirstrun.plist
rm -rf /firstrun

# Shutdown iHook and the computer

/bin/echo %100 Complete! Mac will now restart in 10 seconds
/bin/sleep 10
/bin/echo %ENDPOLE

/bin/echo "$AdminPW" | sudo -S /sbin/shutdown -r now

exit 0

So what all this gets you is a first run script where unless your computer has an existing correct inventory record, it'll install base configuration and place it in a holding group. Self Service policies finish the configuration. If the computer has already been set up, the reimaging process becomes completely automatic.

Obviously this requires a lot of policy configuration to work as well.
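
The rename loop in the script above calls `networksetup -listnetworkserviceorder` once per service and pairs each name with the line that follows it. As an added example (not part of the original post), the same pairing can be done in a single pass that compares whole names; the sample output is constructed, and `sample_service_order` and `rename_plan` are names invented here.

```shell
#!/bin/sh
# Constructed sample of `networksetup -listnetworkserviceorder` output
# (not captured from a real Mac).
sample_service_order() {
cat <<'EOF'
An asterisk (*) denotes that a network service is disabled.
(1) Ethernet
(Hardware Port: Ethernet, Device: en0)

(2) Display Ethernet
(Hardware Port: Thunderbolt Ethernet, Device: en3)

(3) Wi-Fi 2
(Hardware Port: Wi-Fi, Device: en1)

(*) USB Ethernet
(Hardware Port: USB Ethernet, Device: en4)
EOF
}

# Reads service-order text on stdin and prints "service|hardware port"
# for every service whose name differs from its hardware port.
rename_plan() {
    service=""
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "(Hardware Port: "*)
                # Only trust this line if it directly follows a service line
                [ -n "$service" ] || continue
                port=${line#"(Hardware Port: "}
                port=${port%%, Device:*}
                [ "$service" = "$port" ] || printf '%s|%s\n' "$service" "$port"
                service=""
                ;;
            "("[0-9]*") "*|"(*) "*)
                # "(N) Name" or "(*) Name": drop the index or disabled marker
                service=${line#*") "}
                ;;
            *)
                # Header and blank lines reset the pairing
                service=""
                ;;
        esac
    done
}

sample_service_order | rename_plan
```

On a Mac, `networksetup -listnetworkserviceorder | rename_plan` gives the pairs to hand to `networksetup -renamenetworkservice`; "Ethernet" is left alone here even though two other service names end in "Ethernet".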


  • Valued Contributor
  • 909 replies
  • March 19, 2014

Looks very good... I'm gonna try to keep from having to reconfigure everything, but using the part I had before, the script called properly, but hung about midway at the second echo line I added to your script. I added about 3 or 4 more echo lines to see how far I get this time. I am going to study your script and learn, man.

One of the reasons I don't do things more in the style you are doing them is that we operate in a modular imaging model (not thin, because I have to regularly refresh labs and whatnot). I could do thin imaging the first time but I don't want to have to send a tech later to boot all the Macs to Recovery partition and reinstall the OS and kick off a QuickAdd.

I am going to study and learn for sure. In the meantime, I added more echo lines to the script you had provided before and see where I get.

I found myself wondering while reading your script what the $AdminPW variables were being used for as I didn't see them declared. (Of course that is not something you would declare on a public forum, but is it something I have to declare in the script somewhere?).


  • Esteemed Contributor
  • 850 replies
  • March 19, 2014

No worries ;) The change log shows how long I've been working on it.

Rather than clog up this thread any more, my email address is in the script. Shoot me an email and I'll discuss.

