Jamf Nation Community

AHolmdahl · ‎01-02-2018

Hi,
we wanted to speed up the DEP + Prestage Enrolment during the testing phase.
Previously we had to reboot into macOS recovery, re-format the drive, download the macOS and install the OS. Using the new process we cut down our DEP process time from 35 minutes to 5 minutes.

The expanded Time Machine built into macOS 10.13 High Sierra has a new ability.
You can make a local backup on the local drive using a command in the terminal.

Update
Apparently a manually created Time Machine local snapshot expires after a 24 hours according to Apple.
However we still find this method useful for initial testing purposes where we DEP our testMac 10+ times a day.

More info on local snaphots : maclovin ... and here developer.apple.com

The process is as follows:
( an external bootable macOS 10.13 drive is needed )

Boot into macOS recovery ( Option-Command-R )
(Re)format the drive using Disk Utility.
Install a new macOS 10.13
After reboot, before performing any additional setup - shut down the computer.
Connect the external bootable macOS 10.13 drive
Start with option key and boot onto the external drive.
Open up a terminal window and type tmutil localsnapshot
Shut down the computer and disconnect the external drive
Boot into macOS recovery.
Choose "Restore from Time Machine Backup"
Select the local disk as Backup Source.
Select the local snapshot you just created in step 7 and reboot. DONE!

You can now perform the DEP and PreStage Enrollment , testing all the JAMF packages and so on.
When you want to start over with a clean macOS - just perform steps 9 - 12.

This save us hours of test deployment each day.

Any thoughts?

rskolden · ‎01-02-2018

Maybe as an alternative, this is what I run on my VMs when testing DEP:

sudo mv /var/log/system.log{,.bak} sudo rm /var/db/.AppleSetupDone sudo rm -r /var/db/ConfigurationProfiles sudo rm /Library/Keychains/apsd.keychain sudo touch /var/db/MDM_EnableDebug sudo touch /var/db/MDM_CKSupportRequestsFromDaemon sudo shutdown -r now

Makes the DEP trigger again.

Nix4Life · ‎01-02-2018

@AHolmdahl and @rskolden . Glad to see others also working on this. I'm in the process of testing a similar workflow. I bootstrap with iMagr, then to DEP. As part of the workflow I install a first-login script via outset that creates the snapshot, then self destructs. Working well so far. Keep up the good work!!!

dpertschi · ‎01-02-2018

Because there are 5 ways to do everything…

To test on real hardware I partitioned a tMBP in two (one for admin and one to test with) and created a base OS with AutoDMG. I can restore the dmg to the test partition in 55 seconds from asr command line. Nice!

With that; I can restore, boot and test DEP workflow, destroy it, re-image, re-test all day long with very little hassle.

guidotti · ‎01-02-2018

@dpertschi so DEP doesn't care that you are using two different installs on the same machine?
In other words, you just ignore any DEP prompt when you boot the admin partition?

AHolmdahl · ‎01-02-2018

@rskolden Good to know, I might try that out of curiosity.
What we needed was a clean computer - no leftovers from previous installed packages or programs.
Thats why we wiped the drive.

AHolmdahl · ‎01-02-2018

@dpertschi @guidotti I am also curious how DEP behaves with two different installs.

dpertschi · ‎01-03-2018

@guidotti @AHolmdahl I don't get any DEP nags on my admin partition OS, presumably because it's run through once already.

AHolmdahl · ‎01-03-2018

Update
Apparently a manually created Time Machine local snapshot expires after a 24 hours according to Apple, more info here : support.apple

robertliebsch · ‎01-04-2018

was a neat trick though. i had fun setting it up. I got excited,I wanted to do this to all computers before I enroll so I had a super fast redeploy method.

Nix4Life · ‎01-04-2018

@AHolmdahl

I may still look at moving them or cloning, but that's a low priority

Jamf Nation Community

Speed up DEP + Jamf Prestage Enrolment process (macOS 10.13 High Sierra)