Last updated 2011/08/29
Return to the Suffield Academy Network Documentation Homepage
A printable version of this document is also available.
We repair and set up hundreds of machines each year at Suffield Academy. To help us with this process, we have set up several pre-made system images that we use to reformat computers. Each image contains an operating system and common applications.
This document describes how to build a new image for computers running Mac OS X. It is intended for someone who has experience installing applications on Macs, and who has a general familiarity with the applications used at Suffield. No system administration experience is necessary.
Note: this document describes how to create images that will be installed on user machines (erasing and replacing whatever is there). We also use a special rescue image for booting machines and running diagnostics. If you need to know how to create a rescue image, please see our NetBoot documentation on rescue image creation.
When building an image, always start with a clean machine. If possible, restore the computer using the restore CDs (or DVD) that came with it. Otherwise, erase the hard drive and perform a full install of the operating system from installation media.
Use the newest model of computer available when you build your image. Try to find one with as many "extra" features in it (such as DVD burners, large screens, etc). Images built on the best machines tend to work well on all other machines. Images built on "average" machines, however, do not tend to work well on better machines.
We're assuming that you're starting with a machine that has a fresh install of the OS on it. The Apple Registration program should launch on start, and ask you the basic configuration questions.
Register the computer to Suffield Academy, and provide the school's
address and phone number for the registration form.
When asked to create a user account, use Suffield Academy
as the name, and suffieldacademy as the short name. Use
the proper master password for shared machines. If you do not know
which password to use, consult the Network Administrator.
Continue through the rest of the setup program, setting up the network, date and time, and other settings.
When you're done with the registration program, the computer should boot to a default desktop, and be ready to use.
Suffield uses a custom background picture so we can tell which computers have been restored with our system image. These images reside on our file server. To get them, connect to the fileserver and mount the Installers partition. Then, open the Fun, Screen Backgrounds, and Suffield folders, which will get you to the pictures we need.
The folder contains a series of background images for use
on the machines. Choose the one for the type of machine you're
setting up. In general, Laptop Aqua Blue.jpg is the one we use.
Copy it to your desktop.
This copies the default background. Open Terminal and type the following commands (when prompted, enter your administrative password):
cd /System/Library/CoreServices/ sudo cp -p DefaultDesktop.jpg DefaultDesktop_original.jpg sudo cp ~/Desktop/Laptop\ Aqua\ Blue.jpg DefaultDesktop.jpg
When you're done, you may quit Terminal.app and remove the images
from your desktop.
Run Software Updates on the computer until there are no updates left to run. This may require multiple installations and reboots.
Connect to the Installers and move into the Suffield Installers folder. Double-click the Suffield Academy Network Certificates file. Enter your administrator password if prompted.
Suffield has licenses for several commonly-used applications. You must install these applications before building the image so that they are immediately available when a computer is re-imaged.
The applications in this section should be installed on all computers at Suffield Academy. We have unlimited licenses for them, and they are used by nearly everyone on campus.
Install the FirstClass 10 client from the file server (you can find it in the Suffield Installers folder).
Once installed, FirstClass automatically launches. Quit the program immediately.
Copy the "home.fc" file from the server into the root library
folder (/Library/firstclass/settings/). This ensures that the
settings are passed along when a user logs in for the fist time.
Add the FirstClass client to the dock.
Run the Sophos Anti-Virus Installer off of the file server (you can find it in the Suffield Installers folder).
After installation, run the automatic update to ensure that the client has the most recent version available.
Run the Microsoft Office installer from the file server (you can find
it in the Suffield Installers folder). When prompted to register
the program, use Suffield Academy as the name, and leave all
other fields blank. Click Install to complete the installation.
After installation, start Microsoft Word. Personalize the copy to Suffield Academy. If you are presented with any updates, install them.
Install from the server, and choose "Never Register" (you may need to say "later" and re-launch several times before the option of "never" appears).
Install from the server if iLife was not included as part of the default OS install.
Run the Adobe installer from the file server (you can find it in the Suffield Installers folder).
Our custom-built installer should pre-serialize the applications.
Run "Check for Updates" from the Help menu of one of the applications, and install any pending updates.
Install from the Network folder on the server. Register with the name "Suffield Academy" and the serial number in the name of the disk image.
Download the latest off the web and install.
On the file server, in the Multimedia folder, find and open the folder called Video.
Install VLC.
Install Perian by double-clicking the Perian prefPane. Choose Install for all users of this computer. When the preference pane loads, uncheck Automatically Update.
On the file server, in the Multimedia folder, find and open the
folder called Fonts. Copy the contents of this folder
into the /Library/Fonts/ folder on the computer's hard drive.
On the Installers section of the file server, open the Suffield Installers folder. Open and install the Suffield Printer Drivers disk image.
Download and install the Canon CanoScan drivers (5600 and LIDE) for our scanners (see the Scanners folder on the server).
After installing software, run Software Update again to confirm that there aren't any additional Apple Software Updates available.
Before building an image out of this computer, we need to make sure and "tidy up" any other aspects of the system.
Make sure the dock has all of our standard applications on it. You may wish to remove unused applications (such as Mail and Address Book) to create more space.
Look at the root level of the hard drive and delete any temporarly log files left over from the installation of software.
Open Safari and choose Reset Safari... from the Safari menu. Check all the boxes and reset, then quit.
Netboot the master machine.
Start DeployStudio.
Choose the "Create master from hard drive" option.
If you've changed the image that is used automatically by our Workstation and Loaner workflows, edit those workflows to reference the new image.
We use DeployStudio to restore our images onto client computers. DS has many powerful features, including an easy workflow tool that allows you to create different client configurations from the same basic parts.
We set up several workflows, but they all follow the same basic recipe:
sa_ds_master script with bootstrap as its
parameter, to initialize any custom variables for the rest of the
workflow.
/tmp/sa_ds_master, which is the serialized version of the
script set up in step 1, with an argument of postinstall. This
should be set for postponed execution so it runs on the client
machine. See below for details on this script.
/tmp/sa_ds_master, with an argument of reboot. The
script looks at the workflow name and automatically reboots after
install if the workflow contains the keyword "Auto".
The sa_ds_master script contains all the post-restore steps to set
the machine up for different client types. We have different builds
(loaners, workstations, unregistered), but they only differ in their
settings, not in the software installed on them. The script does the
work of removing admin accounts, changing passwords, disabling
autologin, etc. so the machine is in the correct state.
You can find a copy of the script here: sa_ds_master
DeployStudio is the program we use to create master images, and to pave them back out on the machines.
The DeployStudio Wiki is also helpful for finding tips and sample scripts.