[Casper] after image, first time run scripts

Jeremy Matthews jeremymatthews at mac.com
Mon Dec 15 12:32:48 PST 2008 

Well,

I suppose running a script only once is not a problem, since you can  
have it issue a command to securely delete itself after complete.

You can create a user-specific launchd item, so you're covered there  
as well. Since I haven't tried to do using this method I suppose if  
you wanted to run something only at first login, you could create a  
loginhook which executes said scripts, and then create a logouthook  
which deletes the loginhook and the logout hook.

Would that work?

-j

On Dec 15, 2008, at 3:21 PM, Thomas Larkin wrote:

> That is pretty much exactly what I want to do.   I am familiar with  
> all the commands since I already have scripts that do all of this.   
> However, I am looking for a script that only runs for the local  
> admin account and only runs at first log in.  We image behind  
> routers at times and these routers run NAT so it doesn't always hit  
> the JSS since I don't have FQDN set up and all the forwarding, etc  
> on each router.  We also run CompuTrace which is MAC address  
> sensitive which is why I have the NIC and Airport turned off in the  
> master image.
>
> I found really when mass imaging machines block copying performs  
> faster than package based deployment and I never image one to 4  
> machines at a time.  I always image over 10 at a time if I can, if  
> not more than that even.  So, I like to block copy and have all the  
> basics in the main image.
>
> So when someone from my department images a machine they just log in  
> as local admin once, it runs all it needs to do, then it shuts down  
> the machine.  So they can log in and walk away and when they come  
> back they can toss it in a laptop cart.
>
> Overall, not a huge deal but it wold definitely make our lives like  
> 1 or 2 percent easier.
>
> thanks,
>
> >>> Jeremy Matthews <jeremymatthews at mac.com> 12/15/08 2:08 PM >>>
> We actually do this in a few spots.
>
> We have several packages and scripts that run after a machine is
> booted for the first time via LaunchDaemon (some after someone first
> logs in) - this does a number of things, including:
>
> 1) Renaming the system volume so our scripts actually work!
> 2) installing casper and creating a casper-only service account
> 3) creating a new hidden admin account (and removing the temporary  
> one)
> 4) installing computrace
> 5) creating a loginhook for all users
> 6) naming the machine
> 7) setting ARD access
> 8) Installing certs and binding to our OD Server via SSL
> 9) Cleaning up caches
> 10) Fixing permissions
> ....etc
>
> ....then the script securely deletes each item, including the
> LaunchDaemon, while securely deleting itself last.
> Works great!
>
> -jeremy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20081215/35f5393f/attachment.htm

More information about the Casper mailing list