Skip to main content

Mac OS X "SOE" Day 1

Page Redirection Getting Started on this today, goal is to build a set of easily customisable scripts that will allow me to; build a MASTER SOE image (one image that will work for all models), easily update the image.

*** TARGET - a mac that is booted in TARGET DISK mode, also the mac that I am using to capture a DMG image.

Thinking of starting as follows.

1. Boot a TARGET mac from an Apple USB Recovery disk.
2. Install 10.7.3
3. Reboot into TARGET DISK mode.
4. Capture a "vanilla" FMG for use later.
5. Drop a set of scripts onto the TARGET DISK that I can use in single user mode.
6. Boot into single user mode, run the scripts.
7. Reboot into TARGET DISK mode.
8. Capture the standard SOE.

For the scripts I mention in step 5 I am planning to have 3 phases; single user scripts (a.k.a "build" scripts), "first boot" scripts and "localiser" scripts.

"build" scripts (at a minimum);
- enable root, set root password
- create local admin account(s)
- disable registration
- disable setup wizard
- enable ssh access
- disable software update schedule
- enable access for assisted devices
- modify the default prefs in the system user templates
- cleanup redundant files, ie, swap, sleep image, Alex Voices.

"first boot" scripts (primarily used for scripts and settings that can't be run in single user mode);
- Name workstation, HostName, hostname, ComputerName, LocalHostName for identification whilst in localisation phase (renaming to SERIAL-MACADDRESS)
- Energy Saver defaults (so it doesn't go to sleep in the localisation phase).
- Order Network Interfaces
- Disable un-necessary Network Interfaces (Bluetooth, FireWire)
- Disable IPv6 (don't use it yet and can cause some AD binding bugs)
- Disable Airport power (where applicable)
- modify the default prefs in the system user templates where the pref is a byhost (contains a UUID In the file name)
- activate ARD

"localisation" script (at a minimum);
- Name workstation, HostName, hostname, ComputerName, LocalHostName
- Set the language
- Set the "locale"
- Set the country
- Set the keyboard input
- Set the measurement units
- Set the time zone.
- Set the time server
- Set the NIC speed
- Set a LoginHook
- Bind to a directory service
- Setup software deployment/management


Stay tuned...

Popular posts from this blog

Mac OS X "SOE" Day 7

Page Redirection > continued from day 6... In summary, here is my method for creating a Mac OS X 10.7.3 Standard Operating Environment "SOE" Image. Overview The goal is to create a "MASTER" non-booted SOE that can be used with multiple models and it multiple sites with different local requirements. My intention is to use this "MASTER" image in a manual restore procedure due to the fact netboot facilities cannot be made available to all the sites I support however the DMG files are netboot compatible. Requirements Lion Recovery Disk Assistant v1.0 "TARGET" workstation. A compatible workstation that will be used to install Mac OS X 10.7.3 and capture a DMG image(s). "ADMIN" workstation. A workstation with Disk Utility that you will use to capture your DMG image(s). External storage such as a USB HARD DISK. Setup Downloaded the Lion Recovery Disk Assi...

Mac OS X key-based ssh login

To set up key-based SSH, you must generate the keys the two computers will use to establish and validate the identity of each other. To do this run, the following commands in Terminal: Check to see whether a .ssh folder exists in your home directory by running the command ls -ld ~/.ssh. If .ssh is listed in the output, move to step 2. If .ssh is not listed in the output, run mkdir ~/.ssh and continue to step 2. Run: cd ~/.ssh Run: ssh-keygen -b 1024 -t dsa -f id_dsa -P '' This command generates the public and private keys. The -b flag sets the length of the keys to 1,024-bits, -t indicates to use the DSA hashing algorithm, -f sets the file name as id_dsa, and -P '' sets the private key password to be null. The null private key password allows for automated SSH connections. Run: touch authorized_keys2 Run: cat id_dsa.pub >> authorized_keys2 Run: chmod 400 id_dsa The permissions on the private key must be set so that the file is not world readable. Run...

Mac OS X "SOE" Day 6

Page Redirection > continued from day 5... Continuing on from the "firstboot" phase setup we need to script our "localiser" options. I previously set my build phase to autologin and run the firstboot script, the localiser phase essentially sits there and waits for you to run it. In my case I have an applescript GUI wrapper that requests some info to use in the localisation. I request a TAG number which is an organisational internal number and I also request a user name that will be set as the OWNER. NOTE : I ordered these specifically...not just because it makes sense logically but also technically. For example, setting the Language actually zaps a plist file (.GlobalPreferences) which you need to write to for Locale and Country info. This stuff is going to be totally dependant on your environment, as an example here is what I do. So what's the minimum we need in the "localiser" phase? Depends on how many sites you support,...