6 Replies Latest reply on Aug 17, 2011 3:05 AM by Richard Carpenter

    OSX Imaging

      I was wondering if anyone else has solved this issue. I create deploystudio images for OSX at my job, in the past we've used symantec products with no issue however since we switched to McAfee we have not been able to capture and deploy a working image with McAfee intact. It states that the product is out of date and a new version will need to be installed on the system. Does anyone know how to prep an install for imaging multiple systems?

        • 1. Re: OSX Imaging

          Hi, I install McAfee Security as part of the DeployStudio build. However it's not installed on the base OS image.

           

          In the deployment workflow I have the task to deploy the image then an Install Task that installs the McAfee Security mpkg (amongst other things).  (If you're using ePO you'll also need to wrap the Agent install.sh script in a standard PKG and have DeployStudio install that too). I realise it's not quite the answer you're looking for but I've found it to be a reliable method to install McAfee when building machines.

          • 2. Re: OSX Imaging

            Just out of curiosity, do you ship machines with user profiles already created or "sysprepped"? I delete all traces of users and remove the .applesetupdone flag so when the user recieves it it's like a new system. Do you know if this would this affect the install?

            • 3. Re: OSX Imaging

              The images I deploy have been made with InstaDMG ( http://code.google.com/p/instadmg/ ). It builds images that have never been booted so there's nothing user or machine specific in them. All the software is installed after the imaging with DeployStudio. Also we bind our Macs to AD so the user account is created when they first login.

              • 4. Re: OSX Imaging

                Gotcha, I use to use instadmg but found it unneccessary for the images I created. It just added to the complexity needlessly. It's good to know that McAfee does install correctly without user profiles, when you install it through the workflow do you launch the mpkg itself or is it scripted? If it's a script would you mind sharing an example of it with me? Thanks for your input.

                • 5. Re: OSX Imaging

                  For McAfee Security I just install the mpkg itself.

                   

                  After that I install the McAfee Agent. I decided to wrap the install.sh from the ePO server in a PKG which "installs" the script to /tmp. The PKG has a simple postflight script that runs install.sh in upgrade mode.

                   

                  #!/bin/bash

                  targetVolume=$3

                  ${targetVolume}/private/tmp/install.sh -u

                   

                  There are surely other ways to run the agent install script but this method has been reliable so far.

                   

                  Also, in DeployStudio both of these are set as postponed installs so they get installed when the machine first boots.

                  • 6. Re: OSX Imaging
                    Richard Carpenter

                    We are using Munki to do all our enterprise deployment once the device has been imaged with Deploystudio.  We opted for this method rather than including the install in the deploystudio process.  We only use deploystudio to restore the base image.

                     

                    We have setup Munki (http://code.google.com/p/munki/) to install the base dmg file and use a post flight script to convert the install from unmanaged to managed as described on page 24 of the product documnetation.

                     

                    This works very well for use and enables us to upgarde the software installation without the need to edit the deploystudio image or workflow.

                     

                    Regards

                     

                    Rich