Jamf Nation Community

Eigger · ‎05-09-2016

@rtrouton Is it possible to use your First Boot Script like this? Running it on boot drive after imaging instead of the first boot package and using LaunchDaemon to run it. I add/remove some commands in your original script. Also I am more successful using the mobileconfig to suppress the iCloud and Diagnostic Pop ups so I also removed it from your original script.

#!/bin/sh

# Initial setup script for Mac OS X 10.11.x
# Rich Trouton, created July 29, 2015
# Last modified 1-21-2016
#
# Adapted from Initial setup script for Mac OS X 10.10.x
# Rich Trouton, created August 20, 2014
# Last modified 11-21-2014
#

# Set Time Zone

/usr/sbin/systemsetup -settimezone "America/Anchorage"

# Set Network Time

/usr/sbin/systemsetup -setusingnetworktime on

# Set Time Server

/usr/bin/systemsetup -setnetworktimeserver "time.nsbsd.org"

# Configure Finder to always open directories in Column view

/usr/bin/defaults write /System/Library/User Template/English.lproj/Library/Preferences/com.apple.finder "AlwaysOpenWindowsInColumnView" -bool true

# Disable Time Machine's pop-up message whenever an external drive is plugged in

/usr/bin/defaults write /Library/Preferences/com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true

# Hide Admin User

/usr/bin/defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool TRUE

# Set separate power management settings for desktops and laptops
# If it's a laptop, the power management settings for "Battery" are set to have the computer sleep in 15 minutes, disk will spin down 
# in 10 minutes, the display will sleep in 5 minutes and the display itslef will dim to half-brightness before sleeping. While plugged 
# into the AC adapter, the power management settings for "Charger" are set to have the computer never sleep, the disk doesn't spin down, 
# the display sleeps after 30 minutes and the display dims before sleeping.
# 
# If it's not a laptop (i.e. a desktop), the power management settings are set to have the computer never sleep, the disk doesn't spin down, the display 
# sleeps after 30 minutes and the display dims before sleeping.
#

# Detects if this Mac is a laptop or not by checking the model ID for the word "Book" in the name.
IS_LAPTOP=`/usr/sbin/system_profiler SPHardwareDataType | grep "Model Identifier" | grep "Book"`

if [ "$IS_LAPTOP" != "" ]; then
    pmset -b sleep 15 disksleep 10 displaysleep 5 halfdim 1
    pmset -c sleep 0 disksleep 0 displaysleep 30 halfdim 1
else    
    pmset sleep 0 disksleep 0 displaysleep 30 halfdim 1
fi

# Set the login window to name and password

/usr/bin/defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool true

# Disable external accounts (i.e. accounts stored on drives other than the boot drive.)

/usr/bin/defaults write /Library/Preferences/com.apple.loginwindow EnableExternalAccounts -bool false

# Set the ability to  view additional system info at the Login window
# The following will be reported when you click on the time display 
# (click on the time again to proceed to the next item):
#
# Computer name
# Version of OS X installed
# IP address
# This will remain visible for 60 seconds.

/usr/bin/defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName

# Sets the "Show scroll bars" setting (in System Preferences: General)
# to "Always" in your Mac's default user template and for all existing users.
# Code adapted from DeployStudio's rc130 ds_finalize script, where it's 
# disabling the iCloud and gestures demos

# Checks the system default user template for the presence of 
# the Library/Preferences directory. If the directory is not found, 
# it is created and then the "Show scroll bars" setting (in System 
# Preferences: General) is set to "Always".

for USER_TEMPLATE in "/System/Library/User Template"/*
  do
     if [ ! -d "${USER_TEMPLATE}"/Library/Preferences ]
      then
        mkdir -p "${USER_TEMPLATE}"/Library/Preferences
     fi
     if [ ! -d "${USER_TEMPLATE}"/Library/Preferences/ByHost ]
      then
        mkdir -p "${USER_TEMPLATE}"/Library/Preferences/ByHost
     fi
     if [ -d "${USER_TEMPLATE}"/Library/Preferences/ByHost ]
      then
        /usr/bin/defaults write "${USER_TEMPLATE}"/Library/Preferences/.GlobalPreferences AppleShowScrollBars -string Always
     fi
  done

# Checks the existing user folders in /Users for the presence of
# the Library/Preferences directory. If the directory is not found, 
# it is created and then the "Show scroll bars" setting (in System 
# Preferences: General) is set to "Always".

for USER_HOME in /Users/*
  do
    USER_UID=`basename "${USER_HOME}"`
    if [ ! "${USER_UID}" = "Shared" ] 
     then 
      if [ ! -d "${USER_HOME}"/Library/Preferences ]
       then
        mkdir -p "${USER_HOME}"/Library/Preferences
        chown "${USER_UID}" "${USER_HOME}"/Library
        chown "${USER_UID}" "${USER_HOME}"/Library/Preferences
      fi
      if [ ! -d "${USER_HOME}"/Library/Preferences/ByHost ]
       then
        mkdir -p "${USER_HOME}"/Library/Preferences/ByHost
        chown "${USER_UID}" "${USER_HOME}"/Library
        chown "${USER_UID}" "${USER_HOME}"/Library/Preferences
    chown "${USER_UID}" "${USER_HOME}"/Library/Preferences/ByHost
      fi
      if [ -d "${USER_HOME}"/Library/Preferences/ByHost ]
       then
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/.GlobalPreferences AppleShowScrollBars -string Always
        chown "${USER_UID}" "${USER_HOME}"/Library/Preferences/.GlobalPreferences.*
      fi
    fi
  done

# Turn SSH on

/usr/sbin/systemsetup -setremotelogin on

# Turn Remote Management on

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate  -configure -access -on -allowAccessFor -allUsers -privs -all

# Turn off Gatekeeper

spctl --master-disable

# Disable Gatekeeper's auto-rearm. Otherwise Gatekeeper
# will reactivate every 30 days. When it reactivates, it
# will be be set to "Mac App Store and identified developers"

/usr/bin/defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool false

# Set the RSA maximum key size to 32768 bits (32 kilobits) in
# /Library/Preferences/com.apple.security.plist to provide
# future-proofing against larger TLS certificate key sizes.
#
# For more information about this issue, please see the link below:
# http://blog.shiz.me/post/67305143330/8192-bit-rsa-keys-in-os-x

/usr/bin/defaults write /Library/Preferences/com.apple.security RSAMaxKeySize -int 32768

alexjdale · ‎05-09-2016

Should be fine. I perform many of the same steps in a similar "at reboot" script.

View solution in original post

Look · ‎05-09-2016

I run our first run script as "As Reboot" in Casper and included in the imaging configuration, seems to work without any issues like this.

View solution in original post

alexjdale · ‎05-09-2016

Should be fine. I perform many of the same steps in a similar "at reboot" script.

Look · ‎05-09-2016

I run our first run script as "As Reboot" in Casper and included in the imaging configuration, seems to work without any issues like this.

Eigger · ‎05-09-2016

Thanks Guys, I tried running this yesterday and some of them didn't work, so I posted it, I probably running it wrong or something. I reviewed the syntax today for any errors and tried to run them individually, and finally saw the error, and the script works now.
Do you have other recommendation that I can add on this script? I am also looking for a script to Disable "Re open windows the next time you log back in"

Eigger · ‎05-09-2016

Just sharing this link regarding how to disable "Reopen windows the next time you log back in" Kudos to @golbiga

https://github.com/golbiga/Profiles/blob/master/disablereopenwindows.mobileconfig

from

https://jamfnation.jamfsoftware.com/discussion.html?id=14101#responseChild85162