sysprep for mac osx

The IT industry is changing. Where many of us historically dealt almost exclusively with Windows-centric environments, we are now seeing environments with more and more Mac’s. Which means as system admins we now need to look at ways to streamline Mac imaging like we do with Windows. Although Mac’s are not nearly as finicky when it comes to capturing images and redeploying to other Mac’s that doesn’t mean we shouldn’t prepare our systems so that we are capturing the cleanest image possible. In Windows terminology we refer to this as “sysprep” so for the purpose of the how-to we will use the tem “sysprep for Mac” although it is not a tool provided by Microsoft such as Sysprep is.

What do I mean? In Windows there’s a set of tools available that lets you build a reference computer with all the latest updates, pre-installed drivers, software, and your own configurations. Then using Sysprep.exe you strip out all the bits that make it a unique computer such as user profiles and their associated passwords, unique computer identifiers, and so on. At the end of this you have a clean install of Windows that you can take an image of and deploy to other computers. The first time you boot on a new computer it goes through some basic setup stuff and away you go. We’ve got several articles at on that process, but let’s take a look at the “Sysprep for Mac” process:


Create a default install of Mac OS When you get to the Welcome screens set up an account called ADMIN. Don’t forget to setup a temporary password for this account.

  1. Install System Updates
  2. Install Company Required Software
  3. Create a New User Add a new user called DEFAULT. Make sure they’re an Administrator for the system. As with your other user account, set a simple password for this user.
  4. Configure the User Account, Restart, and log into DEFAULT.
  5. Go through System Preferences and set everything the way you want it.
  6. Start each program, particularly if they’ve been downloaded from the Internet, and make sure the startup normally and with no warnings.

System Cleanup

  1. Clear caches on the DEFAULT account – using Finder go to

    and delete the contents. Make sure you empty the Trash.

  2. Run Keychain Access (Applications/Utilities), select “login” and delete (from File menu).
  3. Clear histories (Apple symbol -> Recent Items -> Clear Menu).

Set Up System-wide Default User Account

  1. Restart the computer and log in as ADMIN.
  2. Run Terminal (Applications/Utilities) and type “sudo -s” and enter your password for ADMIN when prompted.
  3. Clear out the existing system-wide default account:
     rm -rf /System/Library/User Template/English.lproj/* 

    NOTE: Sometimes this doesn’t work as expected and you need to remove each individual sub-folder separately, check that English.lproj is empty after this step and delete anything left as needed.

  4. Copy your new default account to the system default account:
    cp -R /Users/DEFAULT/* /System/Library/User Template/English.lproj

    NOTE: At this point, you’ve now got the start of a system-wide default user profile – this is what gets used every time a new user is created on the system, including the first user when you go through the Apple Welcome process on a new computer.

  5. Type “exit” to get out of the root shell and then close Terminal and reboot the computer.
  6. Log in again as ADMIN.

System Cleanup

  1. Run Disk Utility (Applications/Utilities), select the hard drive and, under the First Aid tab, run “Repair Disk Permissions“. If you got things right to this point you’ll see a whole stack of information where this fixes permissions for the system-wide default user profile you’ve just copied. If you miss this step, permissions issues may get in the way when you create a new user later. Once you’re done, close Disk Utility.
  2. At this point, you can now delete your DEFAULT account. You won’t need it any further.

Optional – Reset Welcome Screen

  1. Run Terminal (Applications/Utilities) and type “sudo -s” and enter your password for ADMIN when prompted.
  2.  rm -rf /var/db/.AppleSetupDone 
  3. delete the usrs accounts
     dscl . delete /users/username 
  4. shutdown -h now

Create Your Disk Image

At this point, you’ve got a computer that’s turned off and is ready to start as a new computer with no existing users but all your configurations and software installs ready to go.


Patch 2823324: Microsoft schrottet Windows

Jeden ersten Dienstag im Monat veröffentlicht Microsoft Patches für seine Produkte, an diesem Dienstag ging etwas schief: Das Sicherheitsupdate mit der Nummer 2823324 kann im schlimmsten Fall den Start des Betriebssystems blockieren.

Laut Microsoft treten die Systemfehler im Zusammenspiel mit dem Patch undThird-Party-Software”, also Programmen von anderen Herstellern auf. Die Folge: Während des Starts von Windows kann ein schwerer Systemfehler den Bootvorgang unterbrechen, die einzige Lösung des Problems ist dann das Wiederherstellen des Systems in einen Zustand ohne den Patch.

Microsoft selbst warnt jedenfalls alle Windows-User vor dem Patch und rät, alle Kunden sollten der Anleitung zur Deinstallation des Patches folgen.

Federal government plans minimum equipment of smartphones with apps

After the copyright levy for smartphones, currently each new touch screen phone and more than 8 GB capacity already 36 Euro is, the Federal Government plans now another intervention in the freedom of the German smartphone users: So are the legal conditions for the pre-installation of so-called standard apps are created on new smartphones by decision in the Bundestag and Bundesrat in an emergency procedure. These apps have been proposed by the mobile-Commission of the German Bundestag and be adopted in the Cabinet.

Each new smartphone, the starting 1. July 2013 goes on sale, is then delivered with Apps, which can not be deleted. "The sales of smartphones in Germany is in 2013 on 28 Million pieces rise ", explains Hubertus von Battental, Mobile Federal Government Commissioner in the Ministry of Economy, "If we want to quickly reach as many citizens, the legislative process must be beschleuningt. "Already have every citizen statistically more than a smartphone, if the government wants to reach out to citizens efficiently and cost-conscious, whether the smartphone better than the mass media so-called, so Battental further.

The then preinstalled apps include a navigation system, because traffic experts have calculated, that the more widespread use of navigation apps on mobile phones contributes significantly to reducing congestion on Germany's roads and so the economic losses of 100 Billion euros per year 37 Percentage may be reduced, if all motorists would use a navigation system with traffic jam avoidance and alternative recommendations.

The date is not too successfully launched at great expense DE-mail will now be spread over the smartphones. In DE-Mail of the German population gets its unique and individual email address, authentication takes place once the purchase of the smartphone and then allows all authorities, handle correspondence only by e-mail about the EN-mail app Smartphone. As expected, the German Post reacted to this proposal with indignation and the postal union speaks of the death knell for the postman. "We can not stop the development", so of Battental, "If Germany does not want to lose the connection technology, we need to modernize the communication with the citizens. "The Taxpayers Association sees more of a federal Trojans on the taxpayers would. Namely, it is also denkabr, that fines and tax- Now the future arrive and fee notices via email when citizens and the authorities in order to post billions in interest income in addition, since the post will be invisible.

The Ministry of Finance has submitted an application in a template, also taxes, levy, Fines and fees can withdraw any type directly on the smartphone usage bill. So one could pay nodules directly at the traffic warden, if you have an existing NFC smartphone. The numerous fees for authorities visit could be paid cash on the mobile phone, which would lead to savings of cash function in the Behören, whereby the state and country and Komunen would significantly reduce financing. It is therefore also negotiated currently with the smartphone manufacturers, extent compulsory Aiusstattung smartphone with NFC chips is enforceable.

Another App, which will be pre-installed on every smartphone, is the governmental App. About this app, its icon will be adorned with the federal eagle, the or the Federal(in) and enter the current Minister directly in contact with the voters and citizens. "Our ministers have learned from the German Chancellor Angela Merkel, that you can use mobile phones to many more, than to make calls just so. Important decisions are already informed of the Chancellor via SMS, sometimes they overshadowed during the plenary sessions and takes such dialogue the solution to current problems. In the future, will the Chancellor now also occur randomly with citizens in contact and interview them about their opinion on upcoming policy decisions.

Another App, the pre-installed with every smartphone will be delivered is the GPS History App, transmitted permanently in the backdrop records the current location of the smartphone user perspective and data encrypted to the Federal Intelligence Service. Use this app to promises the federal government a significant step against terrorism and organized crime. "Those who have nothing to hide, need be because not to worry ", so of Battental at yesterday's press conference in Berlin. The data would be transmitted secured, automatically evaluated and compared with perpetrators motion profiles.

Currently, the tenders for the app developers run. Since the tenders must be held European, one hears in Berlin, that so far no German app developer has received a coveted development contracts. "The developers from Eastern Europe have simply much cheaper", so of Battental conclusion, "But they promise us a good safety