Upgrade to High Sierra and APFS or Stay at Sierra

dmichels
Contributor II

I am at a community college and this time of year, I work on my image for rolling out in the summer. For the first time in a long time, I am struggling with what to do. Since I can no longer create and push out a Base Image with High Sierra. I would have to install High Sierra on all iMac Intel (Retina 4k, 21.5-Inch, Late 2015). I think my hardware is new enough to handle High Sierra and APFS, but is it worth it? Do I just stay at Sierra for another year? All of my iMacs are in DEP.

If I do go to High Sierra, do I then convert to APFS as well? Or do I go High Sierra and stay with HFS?

What is my workflow for High Sierra? Do I image with JAMF Pro?

Any suggestions or ideas for this, are greatly appreciated.

7 REPLIES 7

georgecm12
Contributor III

The workflow question is very much a "yet to be determined." For .edu with labs and classrooms, DEP is only a partial answer - there are definitely missing pieces that we desperately need to return to a zero touch deployment.

(For one, I believe we really need an "Auto Advance through Setup Assistant" option for macOS, similar to what is offered currently in tvOS. Otherwise, we'll still need to have a tech visit every machine to advance them through Setup Assistant until DEP kicks in.)

That said, I don't think we can avoid going to High Sierra. As demonstrated by Apple's response to Spectre/Meltdown, Apple seems to believe that everyone can and should be running the most current version of the OS. (Yes, they eventually released patches for Sierra and ElCap, but from what I've heard, it may have taken some serious convincing of Apple Enterprise of why people are still running an older OS version before they were willing to commit the resources to release the patches.)

There have been a few threads that have suggested a few work-around strategies, one of which, IIRC, was a base image of Sierra, then an immediate update to High Sierra. You might give some of these a try and see if they can possibly work... then hope that Apple recognizes that we in .edu need some serious help here finding a suitable replacement for imaging.

On that matter - what would people suggest is the best way to get Apple to hear and respond to these issues? We have no contact to speak of with anyone at Apple other than our inside sales rep. We used to have periodic presentations from our regional sales rep, but haven't even had those for several years. I don't even know who our sales engineer might be, if we even have one anymore.

coev
New Contributor III

If you are upgrading existing inventory that contains an SSD you can run the High Sierra installer using the /Applications/Install macOS High Sierra.app/Contents/Resources/startosinstall --converttoapfs NO command. If the iMac has a Fusion or spinning drive it will not convert to APFS automatically. You can capture an image of 10.13 if it is HFS+ and deploy that image. I do not currently image in our environment with JAMF, but it should be usable with the HFS+ 10.13.

Apple is deprecating monolithic imaging, just not sure if that will be official in 10.14

georgecm12
Contributor III

@coev Apple has said that deploying an image of 10.13 is non-supported, because machines won't get the appropriate firmware updates when deployed in that manner.

coev
New Contributor III

When you install a machine with APFS, it is downloading a firmware package that is the key component to blocking the imaging process. I am all for modular imaging workflows, but our fleet is in a rental environment. Our environment is in need of a zero touch solution to bring the machines to a clean base state without re-installing the OS every time. There are allot of deeper issues/challenges with the way Apple is implementing this process and we are along for the ride.

McLeanSchool
New Contributor III

@coeve Not only that, but watch them come out with a solution after the school year begins so it's too late to implement. Apple has done a horrible job with MDM so far.

jmahlman
Valued Contributor

We've decided to stay on Sierra until a real solution comes out. DEP isn't the answer for labs, I'm sorry.

Jamf and/or Apple need to comment on this and give us a bone here.

dgreening
Valued Contributor II

From what I can tell from my extensive conversations with AppleCare, Apple is not intending to throw us any bones here. It is DEP plus touch, or touch-touch-touch-touch. "Zero-touch" seems to mean "make the users touch it. hands off IT!". Very iOSlike...