[Casper] after image, first time run scripts

Jeremy Matthews jeremymatthews at mac.com
Mon Dec 15 12:25:11 PST 2008 

Well, I suppose a few reasons...

Firstly, some clients wanted these items to be done at first boot. At  
first boot these machines did not already have casper installed.  
Catch-22 there. Hard to run a Casper policy without casper being  
installed. Some wanted "fresh" machines at boot, with nothing but the  
core OS. Next step install X, then Y, then Z, etc.

Additionally, some clients in larger implementations have casper in  
some places, but not others. In other cases, there were other network  
issues or Technical/Administrative concerns. I can't go into this too  
much, but you can probably guess as to why.

Other than that, we wanted to be able to deploy using native  
technologies for some companies. Though Casper is definitely a  
preferable option, it does give our clients the ability to deploy a  
single package that includes all of this tech, will run at first boot  
(or next boot, depending on if you're already booted!), and does not  
require Casper to intervene, poll, make decisions, etc.

So, altogether now...

1) Use whatever distribution tech you want
2) Little (or no) reliance on networks or other services
3) Native methodology (Casper not required - some places use Casper,  
some don't, some mix and match)

-jeremy

On Dec 15, 2008, at 3:17 PM, Miles Leacy wrote:

> Are you seeing any benefits to using a launchd task as opposed to  
> "at reboot" scripts in your configuration and/or creating Casper  
> policies?
>
> I ask because I'm wondering if your method is driven by function or  
> preference.  As I look at your list, I think I can accomplish each  
> item via Casper directly or via a Casper-delivered script.  Did you  
> encounter any situations that made launchd more desirable?
>
> ----------
> Miles A. Leacy IV
>
>  Certified System Administrator 10.4
>  Certified Technical Coordinator 10.5
>  Certified Trainer
> Certified Casper Administrator
> ----------
> voice: 1-347-277-7321
> miles.leacy at themacadmin.com
> www.themacadmin.com
>
>
>
>
> On Mon, Dec 15, 2008 at 3:08 PM, Jeremy Matthews <jeremymatthews at mac.com 
> > wrote:
> We actually do this in a few spots.
>
> We have several packages and scripts that run after a machine is
> booted for the first time via LaunchDaemon (some after someone first
> logs in) - this does a number of things, including:
>
> 1) Renaming the system volume so our scripts actually work!
> 2) installing casper and creating a casper-only service account
> 3) creating a new hidden admin account (and removing the temporary  
> one)
> 4) installing computrace
> 5) creating a loginhook for all users
> 6) naming the machine
> 7) setting ARD access
> 8) Installing certs and binding to our OD Server via SSL
> 9) Cleaning up caches
> 10) Fixing permissions
> ....etc
>
> ....then the script securely deletes each item, including the
> LaunchDaemon, while securely deleting itself last.
> Works great!
>
> -jeremy
> _______________________________________________
> Casper mailing list
> Casper at list.jamfsoftware.com
> http://list.jamfsoftware.com/mailman/listinfo/casper
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20081215/9b37abc1/attachment.htm

More information about the Casper mailing list