Deployment Solution

 View Only
Back to Library

Mac Imaging Using Deployment Solution - Unicast to Multicast 

Jun 04, 2010 11:01 AM

As a significant presence on our network, Apple Macintosh computers require the same efforts to deploy and redeploy as their Windows counterparts. The purpose of this solution was to create a comprehensive imaging solution to reduce labor effort, bandwidth utilization while increasing the quality control for deploying or redeploying Apple Macintosh computers in the enterprise.



In our efforts to support the Apple Mac OS X platform in our environment, we have utilized the Altiris Deployment Solution 6.9 agent and scripting to create a scripted imaging solution the satisfies the functional objectives below.  

Functional Objectives:

  • To be able to schedule imaging jobs for Apple computers regardless of power state
  • Minimize bandwidth usage from the server to the target computers. 
  • Work in environments with or without VLANs
  • Acknowledge completion or failure
  • Mimic unicast to multicast streaming
  • Allow multiple imaging streams
  • To be able to image a single computer or an entire building at a time.
  • To be able to store images on NFS, AFP or SMB shared storage.

Required Environment

To use this solution you must have:

  • A Deployment Solution 6.9 server
  • An Apple Mac OS X Server
  • An Apple Macintosh client computer

Working Assumptions

  • NetBoot services must be running on the Mac OS X Server. Your client must be able to contact the server and boot from this image. You may need to accommodate the network by adding helper addresses for the NetBoot service. 
  • From this point forward the term "NetBoot image" will be called the "AUTOMATION IMAGE"
  • You have a properly created image to deliver that is stored in a location accessible on the network. This information can be found in KB 40410.
  • The Primary Lookup Key(s) include Serial Number within the Global Settings of the Deployment Solutions server. 
  • You have at least one Mac OS X client created in the console with the computer name and serial number. 

Prerequisite Setup on the Mac OS X Server

You will need to create folders on the Mac OS X Server. These folders will serve the image, act as a temp directory for ASR, and store the support files.

  • A folder will need to be created for the image storage location. For the purposes of this document,  use "Images" as the share name. Ensure you have an account to access this share across the network.
  • A folder within the Images folder must be created called "Support"
  • A folder must be created within the Support folder called "Backgrounds"
  • Download and save the backgrounds in the Backgrounds directory. Ensure these files are accessible through the network.

Instructions

  • Download the referenced script to the desktop of the Deployment Solution server.
  • Within the Deployment Solution console, create an imaging job by right-clicking on the item System Jobs>Image Jobs and selecting New Job

There are no conditions to this imaging job. The default condition will be used.

  • Add a "Run Script" step. 
  • Copy the text in between the quotation marks:

"# Sleep 30

sleep 30"

  • Paste the text into the "Run this Script" field. Ensure Mac OS X is selected in the script operating system. 

The first line will provide a text description in the console in the Details column. Once the computer restarts, it will wait for 30 seconds.

  • Click Next
  • Select "On the client computer" for Script Run Location
  • Select "Automation pre-boot environment" for Client Run Environment.
  • Click Next 
  • Click Finish.
  • Add a "Run Script" step.
  • Open the downloaded script using Notepad on the Deployment Server.
  • Select All (ctrl+A)
  • Copy (ctrl+C)
  • Paste the selected text in the "Run this script" field. 
THERE ARE ONLY 6 LINES OF THE SCRIPT THAT NEED TO BE MODIFIED. THEY ARE LINES 4-9. It is important that you set these variables to values that match your environment.    

The variables are listed below. You will need to replace the text within the quotations with your own values.

SharedFolder - This is the name of the share where the delivered image is stored.
Example: SharedFolder="Images"

MountPoint - This is the name of the volume with the shared folder.
Example: MountPoint="/Volumes/"$SharedFolder

ImageFile - This is the filename with extension.
Example: ImageFile=$MountPoint/"imagename.dmg"

Server - This is the FQDN or IP of your Mac OS X Server running NetBoot
Example: Server="servername.yourcompany.com"

UserName - This is the account name able to mount the share where the image is being stored.
Example: UserName="technician"

Pass - This is the password used to access the share where the image is stored. 
Example: Pass="password"

Once the above variables are populated:
  • Ensure Mac OS X is selected in the script operating system.
              
  • Click Next
  • Click Finish

How it Works

  • Deployment Solution tells client machine to Netboot to local XServe
  • Client boots to Altiris Automation Image running 6.9 SP 4 (beta) agent
  • Client mounts share (AFP, NFS, SMB) where images are located
  • Client gets its own IP, and determines whether it is on a flat network (255.255.248.0) or on a VLAN (255.255.255.0).  Note: Because our network only has two subnet masks, we assume that if the subnet is not 255.255.255.0 then it is 255.255.248.0
  • Client determines its resolution.  Resolution is detected so that when a new background is applied to the computer, the background is not stretched, and appears at its native resolution.  A background must exist in the Support folder for each supported resolution
  • Client checks to see that a folder exists for its specified subnet, and that a Log Archive folder exists within that subnet folder.  If not, the folders are created.
  • Client checks to see if MCastMaster.txt file exists
    A) File Exists
  1. Client creates file with it's IP address in the MCastClients folder. We chose to create multiple files so that we wouldn't run into an issue where two machines tried to write to the same file at the same time
  2. Client creates file with it's IP address in the root folder ("/")
  3. Client redirects script output to file located at "/".  This was done to accommodate                 QuickLook auto-refresh
  4. Client sets its background to the slave background in the proper resolution.  Client then  displays the IPaddress.txt output located at "/" using quicklook (requires 10.6 for the quicklook view to auto-refresh the screen)
  5. Client reads the IP address of the Master from the MCastMaster.txt file
  6. Client sleeps for 10 seconds to give the Master time to start the server session
  7. Client attaches to ASR session and restores "/dev/disk0s2"
  8. Client removes its file from the MCastClients folder to signify it has completed the imaging.
  9. Client moves its log file (IPAddress.txt) to the Log Archives folder
  10. Client copies adlagent.conf file into restored image
    B)
  1. Client creates MCastMaster.txt file containing its IP address
  2. Client outputs its IP address to the MCastMaster.txt file
  3. Client creates file with it's IP address in the MCastClients folder.
  4. Client creates file with it's IP address in the root folder ("/")
  5. Client redirects script output to file located at "/". 
  6. Client sets background to the master background in the proper resolution
  7. Client displays the contents of "/IPaddress.txt" using quicklook
  8. Client creates asr.plist file
  9. Client starts ASR server session using the asr.plist file and moves the process to the background
  10. Client sleeps to allow the server session to start
  11. Client attaches to ASR session and restores "/dev/disk0s2"
  12. Client removes its file from the MCastClients folder to signify it has completed the imaging.
  13. Client moves its log file (IPAddress.txt) to the Log Archives folder
  14. Client copies adlagent.conf file into restored image
  15. Client checks MCastClients folder to see if any other clients are connected.  If there are other clients it sleeps for a minute and then checks again.  If there are not any, then the client kills the asr server session.
  16. Client removes MCastLMaster.txt file, asr.plist file, and MCastClientsFolder.
  • Client uses %NAME% to set its Computer Name.
  • Client unmounts the shared drive.
  • Client sets startup disk back to /dev/disk0s2
  • Client reboots

Statistics
0 Favorited
1 Views
4 Files
0 Shares
0 Downloads
Attachment(s)
Download All
zip file
ASR Imaging - Large-1.m4v.zip   103.50 MB   1 version
Uploaded - Feb 25, 2020
 
Download
zip file
asr.sh_.zip   2 KB   1 version
Uploaded - Feb 25, 2020
 
Download
zip file
ASR_VLAN_File_With_Comments_3.2.sh_.zip   3 KB   1 version
Uploaded - Feb 25, 2020
 
Download
zip file
Backgrounds.zip   11.28 MB   1 version
Uploaded - Feb 25, 2020
 
Download

Tags and Keywords

Comments

Migration User
Feb 22, 2011 09:18 AM

Hi Malroy,

When I originally wrote the script, I wrote it to rename the computer name in our image which are always named 'SITE-XX-XXXXXM'.  So I am replacing the text in the preference file where 'SITE' followed by anything with the name of the computer.  The line with tmpNamePref should read as the following:

tmpNamePref="/Volumes/Macintosh HD/Library/Preferences/SystemConfiguration/preferences.plist.tmp"

This file is created when in the naming function.  Because bash won't let you write to the file you are reading, I write to a tmp file, and then rename it to be the original file. 

I am currently about 80% done rewriting this entire process in C.  After we finish imaging and are about to bind the machine, we are setting the LocalHostName and HostName to what we had previously set the computer name to.  Please let me know if you have any other questions.  You can email me at zeles_joseph@stvrain.k12.co.us.

 

Thanks,

Joe Zeles

Migration User
Feb 22, 2011 02:35 AM

 

Hi Jesse
 
i found a few things that i am wondering if you are kind enough to explain it to me.
 
i couldnt find the tmpNamePref file, i have to create it myself.
 
cp $NamePref" "
tmpNamePref
 
i dont understand what is this meant REGEX="[\>]SITE.*.[\<]"  ?? can you explain ? i cant seems to find the regular expression in the plist file.
 
i also improve your script to include the LocalHostName, HostName and ComputerName as well since it is used in different situation. attached is my version
 
 
Jesse's Version
 
 

function SetComputerName ()

{

NamePref="/Volumes/Macintosh HD/Library/Preferences/SystemConfiguration/preferences.plist"

tmpNamePref="/Volumes/Macintosh HD/Library/Preferences/SystemConfiguration/preferences.plist.tmp"

oldNamePref="/Volumes/Macintosh HD/Library/Preferences/SystemConfiguration/preferences.plist.old"

 

REGEX="[\>]SITE.*.[\<]"

ComputerName=%NAME%

ComputerName="\>"$ComputerName"\<"

 

sed "s/$REGEX/$ComputerName/g" "$NamePref" >> "$tmpNamePref"

 

mv "$NamePref" "$oldNamePref"

mv "$tmpNamePref" "$NamePref"

}

 

 

malroy version 

 

you may need to copy the PlistBuddy in the /usr/libexec

 

 

function SetComputerName ()
{
NamePref="/Volumes/
Macintosh HD/Library/Preferences/SystemConfiguration/preferences.plist"
tmpNamePref="/Volumes/
Macintosh HD/Library/Preferences/SystemConfiguration/preferences.plist.tmp"
oldNamePref="/Volumes/
Macintosh HDLibrary/Preferences/SystemConfiguration/preferences.plist.old"
 
ComputerName=%NAME%
 
cp "$NamePref" "$tmpNamePref"
/usr/libexec/PlistBuddy -c "Set :System:Network:HostNames:LocalHostName $ComputerName" "$tmpNamePref"
/usr/libexec/PlistBuddy -c "Set :System:System:ComputerName $ComputerName" "$tmpNamePref"
/usr/libexec/PlistBuddy -c "Set :System:System:HostName $ComputerName" "$tmpNamePref"
 
mv "$NamePref" "$oldNamePref"
mv "$tmpNamePref" "$NamePref"
}

 

Thanks alot for sharing , your script is amazing , still reading through 

 

 

 

 

Migration User
Nov 17, 2010 02:51 PM

Mac OS X Server will certainly run on a a 20" Intel iMac as long as the server version is universal. If you really wanted to, you wouldn't even have to have the server running all of the time. You could have an external HDD attached to a client computer that has Mac OS X Server installed. As a part of a mass imaging job, you could send a script step to set the startup disk, then follow on to the actual imaging job. Or you could then remote into the client computer to change the startup disk to the external drive and do your imaging. After the imaging is done, you could then change the startup disk back to the client drive. I wouldn't really recommend this, as you will lose the capabilities of starting the job and walking away. There would be some setup time and then you'd have to reset the "server". If at all possible, keep the server running. That way you wont have to think about the setup. 

There are many ways to skin this cat. The best way (using this technology) is to have a dedicated computer for the server service. 

Migration User
Nov 17, 2010 01:57 PM

Thanks for the reply. So is I understand, OSX Server OS can run on a "desktop" machine? If this is true I have a 20' imac that has an intel chip. 

Migration User
Nov 17, 2010 12:21 PM

That was the document I would have referred you to as well as a starting point. 

A Mac OS X Server will need to be located at each site that you support where you intend to manage the imaging process. Depending on how many computers are going to be managed at each site, you could potentially use a Mac Mini for your NetBoot services.

We have an Xserve at every location, but these are only providing two legitimate services to the end users now. The first is configuration control through MCX settings, i.e. Dock Settings, Software Update, Etc. The second is for NetBoot services. Since Apple is discontinuing its Xserve lineup, you could possibly get away with using a Mac Mini if you can live with knowing the hardware is not server-grade and may have a lower MTBF than an Xserve. An alternate could be purchasing a Mac Pro and getting the RAID card and decent drives. The Mac Pro is just as expensive as the Xserve, which is kind of a turnoff. Neither the Mac Mini or Mac Pro have redundant power supplies... 

When the time comes to refresh our Xserves, I know we'll go through an exercise of trying the Mac Mini and Mac Pro as alternatives and see which will better fit our needs. For several months, we were running Mac OS X Server from a 20" iMac to run the imaging service for our shop. It worked, but we moved it to an Xserve before it had a chance to fail. 

 

 

Migration User
Nov 17, 2010 10:49 AM

This is what I need to justify the purchase of the server 

 

 

http://www.symantec.com/business/support/index?page=content&id=HOWTO8571&actp=search&viewlocale=en_US&searchid=1290008888117

 

 

Migration User
Nov 17, 2010 10:47 AM

 

Thanks for the article Jesse. Do you have any official documentation from Symantec showing these requirements and steps to create this image? I remember an article a while ago that showed how to create the image, but I can’t find it after kb.altiris.com has been converted. I also will need something official that will justify me requesting a Mac server.

 

Thanks

Migration User
Oct 08, 2010 03:56 PM

I assume this error message is coming from the Multicast master?  Is multicast enabled on your network?  Have you scanned the image for restore?  If this is coming from the master, are other clients able to connect to the stream?  What kind of computers are you imaging?  What are you using for your multicast settings in the asr.plist.  If you have more questions, you can email me directly at zeles_joseph@stvrain.k12.co.us.

 

Thanks,

 

Joe

mabdelnabi
Sep 03, 2010 12:27 PM

Jesse,

Thank you so much for posting the script. I'm having a problem and I hope you can help.
The script mounts the image folder and everything seems to be starting fine. But I get an error message once the ASR session starts 
"asr -source /volumes/ServerHD/Images/ReadyImage.dmg -server /volumes/ServerHD/172.16.96/asr.plist
NetBoot002
asr -source asr://127.0.0.1 -target /dev/disk0s2/ -erase -noverify -noprompt -puppetstrings
XSTA start 95 multicast-client
Could not access multicast stream information
XSTA fail"

Any idea what I'm missing?

Thanks again for your help...

Migration User
Jun 07, 2010 03:12 PM

Special Notes

If you are going to use an account that uses a special character in the username or password, that you will need to substitute the character with the ASCII value within the script.

There is a limit to the number of lines to a script within the DS script step. The attached script is stripped of comments to accommodate the limitation. 



 

Related Entries and Links

No Related Resource entered.