Skip to main content

Mac OS X "SOE" Day 7 (continued)

Considering switching from ADMitMac to Native AD plugin for some users.

#* Bind AD using built-in AD Plugin
#+ Unbind
logger "POSTBUILD PHASE : Unbind Native AD."
sudo /usr/sbin/dsconfigad -remove -u ${USERNAME} -p ${PASSWORD} -force
#+ Bind
logger "POSTBUILD PHASE : Bind ${workstation} to ${OU}"
sudo /usr/sbin/dsconfigad -f -a ${workstation} -domain ${DOMAIN}.COM -u ${USERNAME} -p ${PASSWORD} -ou ${OU}
#+ Configure
logger "POSTBUILD PHASE : Configure Native AD."
sudo /usr/bin/dscl /Search -create / SearchPolicy CSPSearchPath
sudo /usr/bin/dscl /Search -append / CSPSearchPath "/Active Directory/${DOMAIN}/All Domains"
sudo /usr/bin/dscl /Search/Contacts -create / SearchPolicy CSPSearchPath
sudo /usr/bin/dscl /Search/Contacts -append / CSPSearchPath "/Active Directory/${DOMAIN}/All Domains"
sudo /usr/sbin/dsconfigad ${options}
sudo /usr/sbin/dsconfigad -groups "${groups}"
if [ "${preferreddc}" != "" ]; then
 logger "POSTBUILD PHASE : Native AD Preferred DC ${preferreddc}"
 sudo /usr/sbin/dsconfigad -preferred $preferreddc
fi

Changed this up, modified the search paths to remove the /All Domains path. The "Network Accounts Unavailable" bubble now lasts only 5 seconds instead of 15 seconds.

#* Bind AD using built-in AD Plugin
#+ Unbind
logger "POSTBUILD PHASE : Unbind Native AD."
sudo /usr/sbin/dsconfigad -remove -u ${USERNAME} -p ${PASSWORD} -force
#+ Bind
logger "POSTBUILD PHASE : Bind ${workstation} to ${OU}"
sudo /usr/sbin/dsconfigad -f -a ${workstation} -domain ${DOMAIN}.COM -u ${USERNAME} -p ${PASSWORD} -ou ${OU}
#+ Configure
logger "POSTBUILD PHASE : Configure Native AD."
sudo /usr/bin/dscl /Search -create / SearchPolicy CSPSearchPath
sudo /usr/bin/dscl /Search -append / CSPSearchPath "/Active Directory/${DOMAIN}"
sudo /usr/bin/dscl /Search/Contacts -create / SearchPolicy CSPSearchPath
sudo /usr/bin/dscl /Search/Contacts -append / CSPSearchPath "/Active Directory/${DOMAIN}"
sudo /usr/sbin/dsconfigad ${options}
sudo /usr/sbin/dsconfigad -groups "${groups}"
if [ "${preferreddc}" != "" ]; then
 logger "POSTBUILD PHASE : Native AD Preferred DC ${preferreddc}"
 sudo /usr/sbin/dsconfigad -preferred $preferreddc
fi

Popular posts from this blog

Mac OS X "SOE" Day 7

Page Redirection> continued from day 6...

In summary, here is my method for creating a Mac OS X 10.7.3 Standard Operating Environment "SOE" Image.


Overview The goal is to create a "MASTER" non-booted SOE that can be used with multiple models and it multiple sites with different local requirements.

My intention is to use this "MASTER" image in a manual restore procedure due to the fact netboot facilities cannot be made available to all the sites I support however the DMG files are netboot compatible.

RequirementsLion Recovery Disk Assistant v1.0"TARGET" workstation. A compatible workstation that will be used to install Mac OS X 10.7.3 and capture a DMG image(s)."ADMIN" workstation. A workstation with Disk Utility that you will use to capture your DMG image(s).External storage such as a USB HARD DISK. SetupDownloaded the Lion Recovery Disk Assistant v1.0 and followed the instructions to setup an external Recovery D…

Mac OS X "SOE" Day 6

Page Redirection> continued from day 5...

Continuing on from the "firstboot" phase setup we need to script our "localiser" options.

I previously set my build phase to autologin and run the firstboot script, the localiser phase essentially sits there and waits for you to run it.

In my case I have an applescript GUI wrapper that requests some info to use in the localisation. I request a TAG number which is an organisational internal number and I also request a user name that will be set as the OWNER.

NOTE : I ordered these specifically...not just because it makes sense logically but also technically. For example, setting the Language actually zaps a plist file (.GlobalPreferences) which you need to write to for Locale and Country info.

This stuff is going to be totally dependant on your environment, as an example here is what I do.

So what's the minimum we need in the "localiser" phase? Depends on how many sites you support, I support over 50 si…