I am in the process of developing workflows for our apple machines (we're a k-12 school)
Using DEP and Casper Policies/Configurations for a brand new Mac is a simple, clean workflow - I love it.
When it comes to taking an existing computer at your institution, and applying the same workflow listed above to it, it becomes a little complex, because as far as I know, Casper Imaging and the DEP workflow are two separate things. So the goal for an existing non-DEP enrolled machine, is to make it look like a brand new machine. As such my workflow currently looks like: (assume machine has already been added into DEP, and scoped to a pre-stage enrollment profile, and the necessary Policies and Configuration Profiles in the JSS)
1. Boot to a Bootable USB drive with Yosemite Installer
2. Use Disk Utility to erase machine's drive
3. Install Yosemite
4. After installation completes, and machine is added to wifi, your are prompted with DEP notification to allow management of device.
5. Device is enrolled, and policies and configuration profiles begin installing.
This works for me, but I was wondering if anyone out there has any other ideas, that might speed up the process of "re-imaging" an existing computer with DEP method for redeployment.
Yep, you simply load the serial number into DEP, and it passes it through to your JSS. It generally works for computers less than 3 yrs old, purchased with the same Customer ID associated with Your DEP Account.
You don't need to use the Yosemite installer. You could create a base OS image with AutoDMG and apply that to the computer and just boot up (noting but OS updates should be applied to that OS image). Once it boots up it will go through the regular registration steps as you normally would get on a brand new computer. And the DEP portion should kick in at some point so long as the computer has a network connection. Re-imaging in this fashion would take a few minutes as opposed to using the full installer which would take 30 minutes (give or take).
Thanks for the response. How would you install that AutoDMG base image without using Casper Imaging? Same process using USB Stick or target boot drive, but using disk utility / restore disk with USB Drive as Source/Local HD as Destination?
@jaymckay You can either boot up from a USB that has a bootable OS for that hardware or netboot to a bootable OS for that hardware. Alternatively, you can target disk boot that computer that needs to be re-imaged to a computer that has the image you want to apply and just use Disk Utility. You can also look into something like DeployStudio if you want to as well or perhaps script something that you could run so that a computer is easily imaged without having to deal with using Disk Utility manually each time (automate it).
You do bring up a good point though whether intended or not. I don't think Casper Imaging has a mode that lets you apply an image and packages without installing the jamf binary/components. Because the point of DEP is that it should pull those jamf components automatically on its own. Perhaps a feature request for a DEP mode that just applies the OS on a computer without the jamf components would be useful so you can still use Casper Imaging. If you think that would be beneficial, I'd recommend creating a request for it.
@bpavlov You hit the nail right on the head. That's the feature I'm looking for. I'd prefer to stick with netbooting as we have in the past, for re-deployments. Thanks for the thoughtful response.
I'll put in such a feature request (I haven't actually done one before, but it's never to late to start)
@bpavlov Just wanted to shoot over a note, that I tested the AutoDMG image, and used the Target Boot method over Thunderbolt, and restored this image over the existing one. It took 3-4 minutes.. I turned the target booted machine back on, and poof - right at the setup screen, and DEP registration went through perfectly.
Thanks for the suggestion - I hope this helps others as well!