Results 1 to 19 of 19

Thread: Question regarding a lab (OSX 10.4.?)

  1. #1
    Join Date
    Feb 2007
    Posts
    18

    Default Question regarding a lab (OSX 10.4.?)

    I am helping our school setup and maintain a mobile lab. First a bit of background.. we made an image of what we want and restored to all via LAN. The laptops boot to a USER1 mode, and the admin is only accessible via password. The USER1 account is limited. The problem now is the laptops continually lose there usefulness - kids remove progs from the menubar (the thing at the bottom of the screen). Also alter the appearance, etc.etc.

    So.. was thinking.... duplicate the USER1 files into a single self-extracting file that executes upon every X reboot, then overwrites the existing corrupted files? Is this doable? Is there a "startup" folder that it could be placed, and some script that acts as a timer?

    Thanks in advance.
    Rick

  2. #2
    Join Date
    Feb 2001
    Location
    on the landline, Mr. Smith
    Posts
    7,784

    Default

    Hi Rick,

    Oh, where to start. We could write an entire book, and it would still leave some things to question. Working on a side project to document some of this, but it won't be out til who knows when. There are all sorts of commercial tools and open source solutions, each with some pros and cons. Alot of ground to cover.

    So, in the mean time: the easiest, fastest method I know of to learn and get rolling......

    Work Group Manager is your friend. A free download, it runs on any Mac. Replaces what you normally control with the Accounts pref pane, and so much more. You might want to check out this video to see what you can do with WGM over the network. Alot to digest, but the kind of stuff you need for a lab.

    If you want to wade in to the shallow end of the pool, you can also run WGM locally on each machine, which is much easier to get your brain around. WGM used locally adds control for locking the dock, locking out applications and preference panes......it will get you about 95% of the way to a kid proof Mac.

    And by the way: yes, your idea is sound. I think it would take quite a bit of scripting to get right. But wait, it already exists. And there are other tools that have similar features too, including the open source tool RadMind, plus others. The best tools out there handle both imaging and managing, as opposed to using different systems for each.

    How diid you push out your local images? Netboot/NetInstall? NetRestore? Something else?
    Last edited by unclemac; 02-22-2007 at 08:09 PM.
    "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin

  3. #3
    Join Date
    Feb 2007
    Posts
    18

    Default

    Quote Originally Posted by unclemac
    Hi Rick,

    How diid you push out your local images? Netboot/NetInstall? NetRestore? Something else?
    Thanks again for all the great advise unclemac, it is very much appreciated. I am not certain, but I select the boot drive from the prefs, then it seeks over the LAN for a boot image, then a drop down menu lets you select an image, then away it goes.

    I'll try the WGM and others. I'll update you on progress.. thx again.
    Rick

  4. #4
    Join Date
    Feb 2001
    Location
    on the landline, Mr. Smith
    Posts
    7,784

    Default

    Cool. Sounds like somebody setup Netboot and NetInstall on a box running OS X Server. I take it that you did not do it?

    That's a great start. So, with Server in place, you set up Open Directory and have folks log in to the server (and push out there desktops), or you can create an updated image (and load on the Server to distribute) that uses WGM to lock the little buggers out of stuff.
    "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin

  5. #5
    Join Date
    Feb 2007
    Posts
    18

    Default Question - making a image of a laptop

    Unclemac - do you know of a way to connect a laptop (OSX) to another Imac and make an image of the laptop? I have a crossover cable I can use, but not sure how. Thanks for the help, again! If ever if Phoenix, I owe you a beer!

  6. #6
    Join Date
    Feb 2001
    Location
    on the landline, Mr. Smith
    Posts
    7,784

    Default

    Sure thing, but not with ethernet. First off, whoever made the image that you are netbooting or netinstalling to should have all this down. They made that image you are using, and if you need another to upload to netboot/netinstall, you should go that route.

    To do it yourself, the easiest way with modern Macs is to use Target Disk Mode via FireWire.

    To do this, you need:

    1. Mac #1 with OS you want to make image from (your laptop).
    2. Mac #2 to run cloning/imaging software from (your desktop).
    3. A FireWire cable to connect the two.
    4. Software to make the image with.
    5. Plenty of space (easiest with an empty partition or an attached FW drive) to create and store the image on.


    Some variables to work through depending on how you want to image and deploy. From what we have kicked around so far, I would recommend you go with the wonderful tool NetRestore by Mike Bombich. It's free, easy to learn and use, and he keeps it updated. There are other tools out there, but most are harder to learn open source, or pricey commercial offerings. NetRestore (actually it's included helper app) can make disk images via TDM, and then restore them the same way very easily, or you can use the same images with netinstall, which you already have running, so a good fit all around.

    Check it out and see what you think.

    .....As for the beer, the tab is already running in my head.
    "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin

  7. #7
    Join Date
    Feb 2007
    Posts
    18

    Default

    Quote Originally Posted by unclemac
    To do this, you need:

    1. Mac #1 with OS you want to make image from (your laptop).
    2. Mac #2 to run cloning/imaging software from (your desktop).
    3. A FireWire cable to connect the two.
    4. Software to make the image with.
    5. Plenty of space (easiest with an empty partition or an attached FW drive) to create and store the image on.
    Ok... I got #1,2,just ordered a 6 pin cable, and I dl the software and played with it for a sec. But re: #5....
    Can't I just put the image on the same partition as the drive that has the netrestore? Or can I stick the netrestore on a flashdrive, run netrestore off the flash, then save to main harddrive? Also, last question, then I owe you at least a 6'er - lol
    When I start Netrestore, will it automatically detect any drive (thats started up) thats connected via firewire?

  8. #8
    Join Date
    Feb 2007
    Posts
    18

    Rolleyes

    Quote Originally Posted by RickB
    Ok... I got #1,2,just ordered a 6 pin cable, and I dl the software and played with it for a sec. But re: #5....
    Can't I just put the image on the same partition as the drive that has the netrestore? Or can I stick the netrestore on a flashdrive, run netrestore off the flash, then save to main harddrive? Also, last question, then I owe you at least a 6'er - lol
    When I start Netrestore, will it automatically detect any drive (thats started up) thats connected via firewire?
    Err, nevermind... just found the link on TGM. I got it now..

  9. #9
    Join Date
    Feb 2001
    Location
    on the landline, Mr. Smith
    Posts
    7,784

    Default

    Howdy,

    Yeah, you can put the image pretty much anywhere. Just keep in mind that it needs lots of room. Say the target machine that you want to make am image of is 5 - 10 Gigs fully configured with all apps installed....everything. To make the image, you need working space for the OS, you need the size of the image being made, plus you need room to store the compressed image, which might end up be 1/2 to 3/4 the size of the original OS that you are cloning.

    So to be safe, if your target machine is 10 Gigs, you would want at least 25 Gigs free, and more is better. Plus you need a spot to keep images after you make them, keeping in mind that they could be as much as 5+ Gigs each. Stacks up fast.

    Yes, NetRestore (and all other cloning/imaging/backup software I have tried) sees firewire drives.
    "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin

  10. #10
    Join Date
    Feb 2007
    Posts
    18

    Default Continued.....

    Quote Originally Posted by unclemac
    Howdy,
    So to be safe, if your target machine is 10 Gigs, you would want at least 25 Gigs free, and more is better. Plus you need a spot to keep images after you make them, keeping in mind that they could be as much as 5+ Gigs each. Stacks up fast.
    oK, I made my first image, I saved it as compressed... do you think restoring would be faster if it was uncompressed? It is about 7 gig compressed, the harddrive I imaged it from was around 11 gig. thanks again

  11. #11
    Join Date
    Feb 2001
    Location
    on the landline, Mr. Smith
    Posts
    7,784

    Default

    You would think, but the opposite it usually true.

    Most good image/restore tools can do what is called a block level copy of a compressed image, which is many times faster than a file level copy (which is what you get from a decompressed image).

    Give it a go with NetRestore, and just point it at your compressed (did you do a .dmg?), and let it rip.

    On the latest MacBooks, we can push a block level copy of the entire OS (about 6 Gigs) over ethernet in about 12 minutes. Fun stuff!
    "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin

  12. #12
    Join Date
    Feb 2007
    Posts
    18

    Default

    Quote Originally Posted by unclemac
    You would think, but the opposite it usually true.

    Most good image/restore tools can do what is called a block level copy of a compressed image, which is many times faster than a file level copy (which is what you get from a decompressed image).

    Give it a go with NetRestore, and just point it at your compressed (did you do a .dmg?), and let it rip.

    On the latest MacBooks, we can push a block level copy of the entire OS (about 6 Gigs) over ethernet in about 12 minutes. Fun stuff!
    I got her going today, sweetness! In TDM via firewire, moved the 6.2 gig image (approx 11.5 g data) in 20 mins. Took me all of 1-2 mins per machine, lol. Our school owes you a big thanks, and about a case by now! Have a great weekend.

  13. #13
    Join Date
    Feb 2001
    Location
    on the landline, Mr. Smith
    Posts
    7,784

    Default Success!!

    Good work! Have you messed with securing the machines much? Managed accounts for the students, stuff like that?

    If you have your Netboot/Netinstall server up and running, you can do it next time without going from machine to machine with your FW drive. Something to look forward to.

    .....watch out, pretty soon folks will be asking you to fix their Macs, and one day you might find yourself helping strangers in a some tech forum.

    Let's just keep the tab open for a while, OK?
    "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin

  14. #14
    Join Date
    Feb 2007
    Posts
    18

    Default

    Quote Originally Posted by unclemac
    Good work! Have you messed with securing the machines much? Managed accounts for the students, stuff like that?

    If you have your Netboot/Netinstall server up and running, you can do it next time without going from machine to machine with your FW drive. Something to look forward to.
    Thx, yup, enabled the PARENTAL CONTROLS for the student account. Limited their ability to trash the menubar, and cant look up cuss words in dictionary... still trying to find out how to stop them from deleting files.

    The IT guys have the LAN ethernet netboot thing going, said they'll drop in my image into the system. But the last one took 45 mins, so thinking it'll be easier just doing it directly hooked up to my mac. We just got some newer DVD model emac I think... flat panel. Larger HD, like 120 gig? Dual core chip, so netrestoring and TDM at 20 mins is better than 45 mins using their LAN.

    Also trying to figure out a script. One that does all the maintenance, like in terminal: "sudo periodic daily weekly monthly" & "sudo update_prebinding -root / -force" and maybe a Repairing Disk Permissions (dont know the terminal command). Then could just click on the script, let her run, voila.

  15. #15
    Join Date
    Feb 2001
    Location
    on the landline, Mr. Smith
    Posts
    7,784

    Default

    Quote Originally Posted by RickB View Post
    still trying to find out how to stop them from deleting files.
    Which files? Like OS stuff, or user stuff that you or another student or teacher created?

    Nothin' wrong with FW and TDM, so you can always stick with that route. Just remember that you could spend some time and setup NetBoot and NetRestore, and hold down the N key and go. Do them all at once. Might take 4 hours.....but what do you care, you'll be down at the pub buying rounds at happy hour while it happens.

    Writing scripts can be fun....or sometimes not.......but how about a shareware tool that can do all you need and more, and already has scheduled maintenance included?

    Check out Cocktail.
    "Imagine if every Thursday your shoes exploded if you tied them the usual way. This happens to us all the time with computers, and nobody thinks of complaining." -- Jef Raskin

  16. #16
    Join Date
    Feb 2007
    Posts
    18

    Default

    Quote Originally Posted by unclemac View Post
    Which files? Like OS stuff, or user stuff that you or another student or teacher created?

    Check out Cocktail.
    Yes the kids delete both user and program files. We have a folder on the desktop where they are supposed to store work. But the entire folder can be deleted by anyone. So a secure way for kids to save work is needed.

    I'll check out the Cocktail program. Have a good one.
    Rick

  17. #17
    Join Date
    Jan 2001
    Location
    Mobius Strip
    Posts
    13,045

    Lightbulb

    How do the kids get administrative access to /Applications where they can delete it?

    Why not a home directory which would own the desktop area.

    Set it up as an OS X multi-user system.

    I would look at a book, not sure Cocktail does anything (use to own it but years since used it) for just cleaning up stuff.

  18. #18
    Join Date
    Feb 2007
    Posts
    18

    Default

    Quote Originally Posted by TZ View Post
    How do the kids get administrative access to /Applications where they can delete it?

    Why not a home directory which would own the desktop area.

    Set it up as an OS X multi-user system.

    I would look at a book, not sure Cocktail does anything (use to own it but years since used it) for just cleaning up stuff.
    I am starting to think the kids could delete progs because of a lack of regular maintenance. I ran the script below.... then they couldn't delte things - check it out, will put this into Automator:
    with timeout of 1000000 seconds
    activate me
    display dialog "Sorry for the delay...must do some maintenance... no worries..takes about 5 mins... thx for being patient. IT dept" --so you'll know the script is through running
    try
    do shell script
    "sudo diskutil repairPermissions /
    periodic daily weekly monthly
    update_prebinding -root / -force" user name "admin" password "ADMINPASSWORDHERE" with administrator privileges

    on error errormsg
    display dialog errormsg --in case anything goes wrong
    end try
    end timeout

    activate me
    display dialog "Finished!" --so you'll know the script is through running
    end run

  19. #19
    Join Date
    Jan 2001
    Location
    Mobius Strip
    Posts
    13,045

    Lightbulb

    If permissions were wrong for /Applications and ownership issues, I can see repairing -- once.

    By having the system on one drive or partition, and /Users on another drive, you have more control, makes the system easy to backup and restore, and all the personal accounts under /Users aren't going to do something that would cripple the system.

    They should not be given accounts where they can do anything but Read-Only on the system and /applications.

    Cocktail has always had a bug or two. Take a look at Tiger Cache Cleaner.

    And seems like it is now time to backup and upgrade to 10.4.9 which feels and acts smoother, windows and launching are faster, and a lot of bug fixes (they spent over 5 months on this one).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •