Mosandl

sysprep for mac osx

by

Thomas Mosandl
in , , ,

The IT industry is changing. Where many of us historically dealt almost exclusively with Windows-centric environments, we are now seeing environments with more and more Mac’s. Which means as system admins we now need to look at ways to streamline Mac imaging like we do with Windows. Although Mac’s are not nearly as finicky when it comes to capturing images and redeploying to other Mac’s that doesn’t mean we shouldn’t prepare our systems so that we are capturing the cleanest image possible. In Windows terminology we refer to this as “sysprep” so for the purpose of the how-to we will use the tem “sysprep for Mac” although it is not a tool provided by Microsoft such as Sysprep is.

What do I mean? In Windows there’s a set of tools available that lets you build a reference computer with all the latest updates, pre-installed drivers, software, and your own configurations. Then using Sysprep.exe you strip out all the bits that make it a unique computer such as user profiles and their associated passwords, unique computer identifiers, and so on. At the end of this you have a clean install of Windows that you can take an image of and deploy to other computers. The first time you boot on a new computer it goes through some basic setup stuff and away you go. We’ve got several articles at www.kace.com on that process, but let’s take a look at the “Sysprep for Mac” process:

Process:

Create a default install of Mac OS When you get to the Welcome screens set up an account called ADMIN. Don’t forget to setup a temporary password for this account.

  1. Install System Updates
  2. Install Company Required Software
  3. Create a New User Add a new user called DEFAULT. Make sure they’re an Administrator for the system. As with your other user account, set a simple password for this user.
  4. Configure the User Account, Restart, and log into DEFAULT.
  5. Go through System Preferences and set everything the way you want it.
  6. Start each program, particularly if they’ve been downloaded from the Internet, and make sure the startup normally and with no warnings.

System Cleanup

  1. Clear caches on the DEFAULT account – using Finder go to 
     /Users/DEFAULT/Library/Caches

    and delete the contents. Make sure you empty the Trash.

  2. Run Keychain Access (Applications/Utilities), select “login” and delete (from File menu).
  3. Clear histories (Apple symbol -> Recent Items -> Clear Menu).

Set Up System-wide Default User Account

  1. Restart the computer and log in as ADMIN.
  2. Run Terminal (Applications/Utilities) and type “sudo -s” and enter your password for ADMIN when prompted.
  3. Clear out the existing system-wide default account: 
     rm -rf /System/Library/User Template/English.lproj/*

    NOTE: Sometimes this doesn’t work as expected and you need to remove each individual sub-folder separately, check that English.lproj is empty after this step and delete anything left as needed.

  4. Copy your new default account to the system default account: 
    cp -R /Users/DEFAULT/* /System/Library/User Template/English.lproj

    NOTE: At this point, you’ve now got the start of a system-wide default user profile – this is what gets used every time a new user is created on the system, including the first user when you go through the Apple Welcome process on a new computer.

  5. Type “exit” to get out of the root shell and then close Terminal and reboot the computer.
  6. Log in again as ADMIN.

System Cleanup

  1. Run Disk Utility (Applications/Utilities), select the hard drive and, under the First Aid tab, run “Repair Disk Permissions“. If you got things right to this point you’ll see a whole stack of information where this fixes permissions for the system-wide default user profile you’ve just copied. If you miss this step, permissions issues may get in the way when you create a new user later. Once you’re done, close Disk Utility.
  2. At this point, you can now delete your DEFAULT account. You won’t need it any further.

Optional – Reset Welcome Screen

  1. Run Terminal (Applications/Utilities) and type “sudo -s” and enter your password for ADMIN when prompted.
  2.  rm -rf /var/db/.AppleSetupDone
  3. delete the usrs accounts 
     dscl . delete /users/username
  4. shutdown -h now

Create Your Disk Image

At this point, you’ve got a computer that’s turned off and is ready to start as a new computer with no existing users but all your configurations and software installs ready to go.

Source http://blog.kace.com/2012/09/13/sysprep-for-mac-os-x/