Jamf Nation Community

MBrownUoG · ‎02-11-2019

Hey folks.

So we re-image all of our lab machines here every summer, and until now that's been a manual process where the techs will visit each machine, format all partitions, install the latest version of OSX and then name the Mac correctly so it drops into the right groups in Jamf and pushes out software.

I'm still relatively new to Jamf, but I was wondering if it's an easy process to automate this whole sequence? I have the Jamf OSX Upgrade script (pulled from https://github.com/kc9wwh/macOSUpgrade/blob/master/macOSUpgrade.sh) set up for a self-service deployment of Mojave already, so I presume I can modify that fairly easily to do an erase-and-install deployment, then push it out via a one-time policy to each group of Macs we're targeting?

My questions then would be around maintaining the name of each Mac and also formatting any secondary partitions during this process, is there a simple way to achieve that?

Hopefully this is a basic question! And thanks again for all the resources and discussions here, it's been an incredibly valuable resources over the last few months.

cpresnall · ‎02-11-2019

We do this with a two policy approach with a static group "To Be Imaged". This lets us image in bulk and isn't bothered by the T2 chips in the newer units.
One policy drops the Mojave installer on all systems at logout. This makes sure that every system is ready for imaging at any time. Second policy runs the silent erase and install from the installer, and is only available after the installer is present. ["/Applications/Install macOS Mojave.app/Contents/Resources/startosinstall" --eraseinstall --newvolumename "Macintosh HD" --agreetolicense]

We do make the second policy available in Self Service as well, but its primary use around here is to wipe returned systems.

MBrownUoG · ‎02-12-2019

Thanks for the reply.

I like the idea of dropping machines into a group for imaging and running a "once per computer" policy that does a silent install. I'll have a play around with that ready for summer.

Can I ask how you deal with machines that have secondary partitions on them? We'd need to wipe all partitions as part of the process, but I guess this is something I could do with a script to discover and erase each partition ahead of calling the Mojave installer?

The main issue we have will be keeping the name of the machines as they go through the process... is it possible to store this in a variable somewhere and have jamf pump it back to the machine afterwards? Or to pass it to the OS installer somehow?

tjhall · ‎02-12-2019

We add three extra packages to the erease-install which installs Jamf QuickAdd, a pre-made admin account and Splashbuddy (which we use to specify build).
Potentially you could be able to script the naming based on serial number corresponding to name in Jamf database. Then have a policy kick off at a certain time which wipes, re-installs and puts on all the apps automatically.

jkaigler · ‎02-12-2019

If you can get DEP working you can setup prestage enrollments. The macs will automatically be added to your JAMF server and you can assign policies as well. I am still in testing phase. Really hope to have it done for lab refreshes.

Jamf Nation Community

Automated Mac OSX Re-Install