As part of a project to assess the deployment options for National Instruments’ LabVIEW 2013 Pro, I was asked to see if I could deploy it through Casper’s Self Service. After some work, I was able to repackage the installer in a way that deploys smoothly. In the process, I saw a number of ways that this particular installer went against The Commandments of Packaging. See below the jump for details.
As part of a domain migration project, I was recently tasked with figuring out a way to handle migrating the Macs from one AD domain to another. I had the following requirements:
- Unbind the Mac from the old AD domain
- Bind the Mac to the new AD domain
- Migrate the user’s data from the old AD domain to the new AD domain
Preferably, it would be a procedure that anybody could use. That way, anyone on the team could be perform the migration process regardless of their personal skill level with Macs.
I had a pre-existing interactive script that I could modify and use to fulfill requirement 3, but I needed a way to fulfill requirements 1 and 2.
With some help from DeployStudio, I was able to develop an unbind / rebind procedure that fulfilled requirements 1 and 2. It also gave me the following features:
- Anyone on our helpdesk team could do it, regardless of familiarity with Macs or Active Directory.
- Potential for human error was minimized
- Reboots (generally a good idea when making directory service changes) were a built-in part of the migration process.
For details, see below the jump.
A while ago, I needed to script a method for binding Macs running 10.6.x and later to our Linux-based OpenLDAP server. Recently, we needed to move our OpenLDAP domain to a different OpenLDAP domain as part of a larger directory service migration project. A small part of that project was moving the LDAP-bound Macs to the new LDAP domain, preferably with as little disruption as possible.
One enormous advantage I had with this LDAP move was the following:
All UIDs, GIDs, usernames, passwords and group names were going to be identical between the two LDAP domains.
As a consequence, I would not need to do any permissions changes, rebuild accounts, make sure people got new passwords or a host of other things normally associated with a directory service change. My task was essentially to tell the Macs “Stop talking to the OpenLDAP service at that address, start talking to this other OpenLDAP service at this address”
As part of the project, I also wanted to accommodate two separate Active Directory domains differently. I wasn’t binding to AD as part of this process, but if a particular Mac was bound to Domain A, I wanted to unbind. If a Mac was bound to Domain B, I didn’t want to unbind but I did want the new LDAP server to be the primary authentication source.
Using my previous OpenLDAP binding script as a starting point, I was able to build a script to handle moving our Macs without downtime or account changes. See below the jump for details.
Apple has released Xcode 5.0.2 through the Mac App Store for all Macs running 10.8.4 and higher. While the command line tools for Mavericks are now included with Xcode, the command line tools for Mountain Lion can be installed separately through the Xcode preferences, in the Downloads section.
For my users who are developers, Xcode is part of their their new machine builds. I wanted to include Xcode 5.0.2 and also, where appropriate, install the command line tools automatically without needing to enter an Apple ID. With a little help from the Mac App Store, I was able to do this using Packages. See below the jump for the details.
One of the challenges that can crop up with deploying software packages can be repackaging packages and metapackages, especially packages that don’t have all of the installer data contained inside themselves. A good example of the latter is iLife ’11, where the installer package is small and instead acts as a master conductor to install other packages.
Another issue are applications that require multiple installs to get fully up to date. An example here would be Microsoft Office 2011, which has an installer that will install a full version of Office 2011 but then additional installer packages must be installed to get Office fully updated and patched.
To address this, you can use Packages‘ ability to add resources to a Packages-built package. See below the jump for an an example using an Office 2011 SP 3 installer package and the Office 2011 14.3.8 Update to build a unified Office 2011 SP 3 14.3.8 installer package.
I’ve updated the FileVault 2 status check scripts so that they’re now able to correctly handle Macs running Mavericks. The scripts should now report accurately on the FileVault 2 status of Macs running 10.7.x – 10.9.x.
The changes are now available as part of my regular script. They have also been rolled into both the Casper Extension Attribute and the Absolute Manage Custom Info Item scripts. Use them in good health and please let me know if you find any problems with them.
Starting in 10.7.2, Apple set the iCloud sign-in to pop up on the first login.
10.7.5 iCloud pop-up message
10.8.5 iCloud pop-up message
10.9.0 iCloud pop-up message
Since having this appear may not be desirable in all Mac environments, it makes sense to be able to turn this off for new user accounts. As part of preparing for Mavericks in my own shop, I’ve developed a script that should disable the iCloud pop-up on 10.7.2 – 10.9.0. See below the jump for the details.
Mavericks desktop background picture settings moved from ~/Library/Preferences/com.apple.desktop.plist
While I was preparing for Mavericks’ release, I ran across little details that had changed between Mountain Lion and Mavericks. One such detail is that the desktop background picture settings have moved.
In Mountain Lion, they were stored in the following location:
In Mavericks, the settings have been moved to a SQLite database at the following location:
Removing desktoppicture.db causes the desktop picture to reset to whatever image is stored as /System/Library/CoreServices/DefaultDesktop.jpg
Fortunately, there are still ways to manage the desktop background picture if that’s needed. For the details, see below the jump.
Apple has released Xcode 5.0.1 through the Mac App Store for all Macs running 10.8.4 and higher. The command line tools can be installed separately through the Xcode preferences, in the Downloads section.
For my users who are developers, I wanted to include Xcode 5.0.1 in their new machine builds and also install the command line tools automatically without needing to enter an Apple ID. I also wanted to build this installer as a flat package, so I’m shifting from my previous method using Iceberg to using Packages to build the installer package. With a little help from the Mac App Store, I was able to do this. See below the jump for the details.
I’ve updated the create_vmware_osx_install_dmg.sh script that I had previously posted about here. The script now includes support for Mavericks, so the script can now be run on 10.7 – 10.9 to create custom OS X 10.7.x, 10.8.x and 10.9.x installers for VMware Fusion and VMware ESXi. See below the jump for the details.