Source: Aulin – Munki with SSL Part1
Network booting a computer is a fairly straightforward, yet complex task involving many different pieces of technology. As such, troubleshooting it can be challenging. In this article I lay out the steps of the Netboot process on Mac OS X clients and indicate what technologies are involved at each step, how they could fail, and how to solve the issue.
GBG! (God bless Greg!) Couldn’t figure out why a package wasn’t working. Much banging of head. Compared to template, duh, file in wrong place. Voila!
Here is a template payload-free package you can use to create custom payload-free packages for your own use. To use it, duplicate it, rename it, and edit the following files: payload-free.pkg/Contents/Info.plist – edit the CFBundleIdentifier, CFBundleShortVersion, and possibly the IFPkgFlagRestartAction. payload-free.pkg/Contents/Resources/en.lproj/Description.plist – edit the IFPkgDescriptionDescription and IFPkgDescriptionTitle. Repeat for other languages if desired. payload-free.pkg/Contents/Resource
The concept here is simple. Instead of a lengthy process of building an installation image from a great number of packages, you build a “thin” image that consists of the OS, perhaps an admin account, and the munki tools. You restore the image to the target machine, and upon reboot, the munki tools take over and complete the configuration of the machine by installing all the rest of the software your organization needs, including the majority of your configuration packages…
Integration with other tools – it can be tricky at times to get integration correct. For example, DeployStudio now does some post-imaging tasks on the first reboot after installing an image. If Munki was set to run on the first reboot as well, the DeployStudio scripts could reboot the machine in the middle of a Munki run. The solution in this case is to make the creation of the /Users/Shared/.com.googlecode.munki.checkandinstallatstartup file one of the tasks DeployStudio performs after the first reboot. When DeployStudio reboots the machine again, Munki will run on the second reboot….
Your company spends thousands (or more) every year on IT assets and software. Keeping track of who has them, their deployable state, which licenses have been given to which users, and what support contracts are expiring gets tricky, and it doesn’t get easier as your business continues to grow.
“Our company has never conducted any secret campaign to trick competitors into generating false positives to damage their market standing,” a Kaspersky rep told Reuters. “Such actions are unethical, dishonest and their legality is at least questionable.” However, the company’s actions back in 2010 would suggest that Kaspersky isn’t completely above such acts. In 2010, to protest what it saw as rival companies lifting its valuable virus databases wholesale from third party aggregators like Google’s VirusTotal, Kaspersky flagged 10 innocuous files as malicious. Within 10 days, more than a dozen rival security programs were quarantining those same files, sight unseen.
munki-enroll – Scripts to automatically enroll clients in Munki, allowing for very flexible manifest structures.