Skip to main content
Jamf Nation, hosted by Jamf, is a knowledgeable community of Apple-focused admins and Jamf users. Join us in person at the ninth annual Jamf Nation User Conference (JNUC) this November for three days of learning, laughter and IT love.

Auto DMG Issues

Using AutoDMG to come up with a clean 10.9.2 base OS. Also using CreateUserPkg to create the machine's local administrator \- big fan of both except for one issue. After machine is imaged I am unable to allow access under Remote Management for my local administrator. When I click on the \+ sign it only gives me access to users, nothing for administrators.

Like Comment
Order by:
SOLVED Posted: by pblake

Did you set your user as hidden uid below 500?

Like
SOLVED Posted: by calum_rmit

have you tried using the ard kickstart command to specify the user?

Like
SOLVED Posted: by mculver

Thanks for replying. I have now changed the uid to 501. However now when I re-image and login the permissions for the localadmin are incorrect, and won't even let me open the localadmin home. Think I am on the right track, what am I missing for the permissions end? Thanks!

Like
SOLVED Posted: by pblake

Make sure you are running the latest versions of auto dang and create user. I think that was fixed in one of the versions. Also you can try 502 to be safe.

Like
SOLVED Posted: by mculver

I tried the 502, re-downloaded AutoDMG and CreateUserPkg, and basically started over from scratch with a different computer and Mavericks download. Still had the same issue each and every. At this point I am using AutoDMG without a user, and imaging using Disk Utility and FireWire, running setup on the new Mac for my user, and grabbing that OS using Composer for my base OS. Was really hoping to go completely modular, but keep finding dead-ends.

Like
SOLVED Posted: by gregneagle
I have now changed the uid to 501. However now when I re-image and login the permissions for the localadmin are incorrect, and won't even let me open the localadmin home.

How are you creating the localadmin home? What owner, group and mode does it have?

CreateUserPkg itself does not create the local home. If you do nothing, the OS creates an empty home at first login. Perhaps you have a package that is creating this home?

Like
SOLVED Posted: by mculver

After I did the restore using Disk Utility and FireWire I had to go through and initial computer setup, and create a local administrator \- there was no option to skip that step. So I used AutoDMG without a user package. Interesting to know though about not creating a local home. So which step did I miss for creating a local home?

Like
SOLVED Posted: by nmcspadden

I've seen this problem a number of times.

If you create a user package with something like CreateUserPkg, the home isn't created until first login.

If you create a user with UID less than 500, one of the things you can't do is use the Sharing pane of the System Preferences to give it ARD privileges. That won't show any accounts below 500.

If you change the UID to something, you'll need to change ownership on the home directory as well:
sudo chown -R user:group /Users/user

For example, if this is your local admin account:
sudo chown -R admin:staff /Users/admin

If you want to forcefully mandate ARD privileges for the local admin account named "admin", I use these kickstart commands as part of my deployment workflow:

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -specifiedUsers

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users "admin" -privs -all -restart -agent

I put this into a payload-free package that just runs this script.

Hope that helps some.

Like
SOLVED Posted: by mculver

Thanks Nicholas \- I will give it a try. Are you creating your payload-free package with PackageMaker? Are you running that on the initial image?

Like
SOLVED Posted: by rtrouton

You can use Apple Remote Desktop Admin to help with the kickstart options. I have a post on how to do that available here:

http://derflounder.wordpress.com/2013/03/07/using-apple-remote-desktop-admin-to-help-script-ard-kickstart-options/

If you need a tool to create a payload-free package, I've built a tool to help with this. It's available from here:

https://github.com/rtrouton/Payload-Free-Package-Creator

I have a post on this tool available here:

http://derflounder.wordpress.com/2014/03/08/payload-free-package-creator-app/

Like