ADPassMon and FileVault 2

adpassmon icon + filevault2 icon

ADPassMon user Cesar Gonzalez sent me a nice note to let me know that Apple engineers suggested using ADPassMon to work around a problem he encountered after deploying FileVault 2. Due to the EFI boot authentication passthrough, his users are no longer notified of the pending password expirations at the login screen. Since ADPassMon runs after the login process, it works whether FileVault 2 is enabled or not.

Adding to ADPassMon’s feature list without any additional work seems like a big win to me. :) Thanks again, Cesar!

Create a Leopard to Snow Leopard Upgrade NetInstall Image

UPDATE (10/15/09): I’ve gotten mixed results from some individuals who’ve tried the workaround with 10.6.1. I’m working on and testing an extended workaround that should fix the problem for everyone. Look for that info soon.

— — — —

UPDATE (10/13/09): I’ve updated the article (and posted it as new) with a workaround for the issue that prevented additional packages from being installed. I submitted the bug that this workaround avoids to Apple — id #7247968 — on September 23, 2009.

— — — —

This post is a Snow Leopard update to a process I wrote about when Leopard (10.5) came out. This post will tell you how to create a NetInstall image that will upgrade a Mac running Leopard to the latest version of Snow Leopard in one step. It will also work to upgrade a Mac running Tiger to the latest version of Snow Leopard.

What You’ll Need

  1. A 10.6 software license, or individual retail copy of Leopard, for each computer you are upgrading from Leopard or Tiger to Snow Leopard — this is easily overlooked, so let’s keep things legal.
  2. A read/write disk image (.dmg) of a Mac OS X v10.6 Snow Leopard Install DVD (i.e. not shipped with a computer). You’ll convert this to read-only after making a small modification to one of the files.
  3. One build computer running Snow Leopard with the latest version of Snow Leopard’s Server Admin Tools installed (10.6.0 as of this writing).
  4. A computer running OS X Server providing NetBoot services — Tiger, Leopard, and Snow Leopard Server will all work
  5. A copy of the OSUpgrade.pkg found on the Install DVD at /Volumes/Mac OS X Install DVD/System/Installation/Packages. This is a hidden folder, so use Go to Folder from the Finder’s Go menu to reveal it.
  6. Optional: the latest Combo Updater — 10.6.1 as of this writing. (Yes, it’s not a Combo Update, but only because it’s a .1 updater.) Continue reading

Easily Change Your Server’s Default NetBoot Image from the Command Line

I have five different NetInstall/NetRestore images living on an Xserve that I use for deployment purposes. I find myself using Server Admin pretty often to change the default NetBoot image so I can boot computers to that image while holding down option-N. I was starting to find it pretty tedious to do this via the GUI. After launching the application, it takes seven clicks to change a default image in Server Admin (Tiger and Leopard). The times that I wasn’t at my computer and wanted to change the default image were starting to pile up, too.

So, what does any intrepid admin do at a time like this? That’s right. We take it to the command line and find a way to script it. My goal now was to create a script that I could run (from any computer) after ssh’ing into the server.

Continue reading

Create a Tiger to Leopard Upgrade NetInstall Image

(UPDATE: If you’re interested in a Snow Leopard upgrade process, please see this post for updated instructions.)

adminertia : an admin at rest tends to stay at rest and an admin in motion tends to want to return to rest as soon as possible.

When Leopard was first released, I was almost grateful that it didn’t work reliably with Active Directory since that flaw provided me with a valid excuse for not having an upgrade procedure ready to roll when upgrade requests started trickling in from my users. I knew that by the time Apple got around to releasing an update that made Leopard work well with AD, the number of requests would have increased significantly. I needed to have a method of handling them in a timely manner.

Walking around the building with an installer DVD or a FireWire drive in hand doesn’t exactly rank as timely, nor does it rank as anything close to what I want to be doing with my time. NetBooting from a copy of the installer DVD is a slightly better option, but that would require applying a handful of OS and security updates after the initial install in order to bring each computer up-to-date. NetBooting with a NetRestore set created with Mike Bombich‘s (otherwise) excellent software is not an option because it can’t upgrade a computer, only overwrite it.

Because I have chosen not to use Radmind in my environment, it seemed my options for creating a more or less automated upgrade to take Macs running 10.4.x directly to the latest version of Leopard were severely limited. After much despair, head scratching, and a little behind-the-scenes investigation, I discovered that Leopard’s System Image Utility could be wrangled to accomplish my goal.

Continue reading