How To: Use fstab within a Casper Imaging workflow

Standard

For my future deployments, i’ve decided to partition my managed Macs HD’s with 33% for the OS (which i’ve kept as being called Macintosh HD) & the remaining 67% as User data (which i’ve labelled Users HD).

To do this i’ve been using fstab to mount the “Users HD” partition to /Users. Below is how i achieve this, hope it helps.

Continue reading

How To: Silently Setup VPN on 10.6 & 10.7

Standard

The below is hugely plagarised  from a script posted by Mark Bolwell to the Mac Enterprise list.

I use a version of the below in my Casper Imaging workflow to configure the a VPN Cisco IPSec network connection. As i run it at Imaging time i’ve added some logic so it only runs on MacBook models (which you may wish to remove).

The difference for using the below to the other versions i’ve seems is that this method can be ran “silently” with no GUI interaction. As such it can be leveraged to be used with Self-Service. Continue reading

How To: Turn off Wireless Card

Standard

We run the following on all macs with a wireless card as a offline policy via Casper at logout.

This script will:

  1. Enable the wireless service if it’s not been enabled.
  2. Clear any set DNS servers & search domains (can be turned off for 10.4, reasoning is that 10.5+ can receive DNS from DHCP)
  3. Turns off the wireless card.

The script itself has been built from a few scripts contained within Caspers Resource Kit & then modified for 10.7+ by myself.

How To: Map Drives & Printers Based On AD Group Membership On OSX

Standard

UPDATE: Now works with Lion as it reads the correct node name as seen in Directory Utility.

Having recently started a new role, I needed a mechanism for my Mac users to map drives & printers at login.

Script Logic’s Desktop Authority is used by my new employs PC Admins to mount drives & printers on the PC Clients.

This is using AD Security Groups to map both drives & printers &  I decided to follow this methodology for the Mac clients. Continue reading

Managing Apple Software Update Server Across Multiple Servers 10.5/10.6/10.7

Standard

UPDATE: For 10.8+ see: Managing Apple Software Update Server Across Multiple Servers 10.8+.

An internal Apple Software Update Server (ASUS) allows administrators to control what software updates client computers download etc.. more information about this service can be found here.

This all works great, but the initial setup requires you to manually tick each update to enable it to be downloaded.

This can be a bit of a pain especially when managing mulitple servers.

The following post advises on how to setup a Master ASUS with other servers Replicating the enabled updates. Saving the Admin time when setting up new servers & allowing central management.

Apple has a support document on this here & there is also a post from Apple discussions that advises how to setup a 10.5 ASUS to serve 10.6 updates here. Continue reading

How To: Script Generating a Kerberos Ticket Granting Ticket (TGT) during an Active Directory user’s initial login

Standard

I had this issue with a drive mapping app i create not mapping drives at initial login for AD accounts (this app will be discussed in another post shortly).

The Apple KB with the same title as this post advises how to fix, but if you wish to script it do the following:

WARNING: TEST, TEST, TEST THIS. ADDING A EXTRA CHARACTER CAN LEAD TO YOUR MAC BEING STUCK IN A LOGIN LOOP. THE BELOW SHOULD BE ENTERED ON 2 LINES