We moved to Jamf in December and I have had quit a few iMacs that are not DEPable.
My goal was to install MacOS Sierra from scratch and have a package run that will assign the correct Jamf Recon package based on IP.
Making this post to share what worked for me and also get feedback, as I am still learning.
I used a Mac Mini, running 10.12.6, running Mac Server and the System Image Utility program.
Downloaded MacOS Sierra from the App Store.
Ran System Image Utility and created a NetInstall Image, adding my package.
After trial and error with adding a package to the System Image Utility, with it being "not signed".
I had to renew our developer account and used XCODE to add the Developer ID Installer certificate.
Used this as a guidet
Using the app Packages, I was able to create a flat package with a preflight script that curled my main script. curl -s http://path-to-script-hosted/ISD728_JamfAdd.sh | sh > "/Users/Shared/728/Jamf.log" 2>&1
I then signed the flat package I created. krypted helped me
Once I had my package set, I tested with created a new Sierra Net-Install, adding the signed package.
Using the same cert, i exported it and used it in Recon to create my individual site, signing them with the exported cert.
example of script being curled:
#!/bin/bash
# Created by Jeffro @ isd728
# Last Update Jan.26.2018
# Variables
#
mountSharedFolder (){
sharedFolder="/Volumes/LoginScripts"
mountSMB="//username:password@path-to-mounted-folder/LoginScripts /Volumes/LoginScripts"
if [ -d "$sharedFolder/UpdateME" ]; then
echo "Volume Mounted"
else
echo " Volume NOT Mounted... exiting "
if [ -d ${sharedFolder} ]; then
echo ""
echo "Removing mounted volume: "${sharedFolder}
sudo diskutil umount force ${sharedFolder}
sudo rmdir ${sharedFolder}
fi
exit 0
fi
fi
}
#
while read -r enPort
do
if ifconfig | grep $enPort > /dev/null; then
echo ""
echo "Port $enPort exists"
echo ""
INTERFACES=$enPort
fi
done <<< $(networksetup -listnetworkserviceorder | grep "Hardware Port" | grep -E "Ethernet|USB" | awk -F ": " '{print $3}' | sed 's/)//g')
echo $INTERFACES
if [[ $INTERFACES == "" ]]; then
INTERFACES="en0"
fi
NetworkIP=$(echo $(ipconfig getifaddr $INTERFACES | perl -pe 's/\./\n/g' | cut -d "." -f 2))
echo $NetworkIP
#
if [ $NetworkIP == "0" ]; then
Building="Elementary"
elif [ $NetworkIP == "2" ]; then
Building="Middle"
elif [ $NetworkIP == "3" ]; then
Building="High"
#Removed another 17 items
fi
if [ $Building == "" ]; then
Building="All"
fi
echo $Building
echo ""
mountSharedFolder
jamfPackage="/Users/Shared/${Building}-QuickAdd.pkg"
if [ -d $sharedFolder ]; then
cp -Rfv $sharedFolder/Jamf/${Building}-QuickAdd.pkg /Users/Shared/
sudo chmod -Rf 775 /Users/Shared/${Building}-QuickAdd.pkg
if [ -f $jamfPackage ]; then
sudo installer -pkg /Users/Shared/${Building}-QuickAdd.pkg -target / -allowUntrusted
sleep 60
echo ""
fi
fi
# disconnect Shared Folder, if exists
if [ -d ${sharedFolder} ]; then
echo ""
echo "Removing mounted volume: "${sharedFolder}
sudo diskutil umount force ${sharedFolder}
fi
if [ -d ${sharedFolder} ]; then
echo ""
echo "Removing mounted volume: "${sharedFolder}
sudo diskutil umount force ${sharedFolder}
sudo rmdir ${sharedFolder}
fi
##########################################################################
exit 0
Not sure how quality my scripting is, but i gets the job done.
