Get in Touch
Back to main blog page
blog img

Is macOS imaging finally dead?

15th January 2018 | posted by David Acland | Tags: ,

It’s hard to get away from the fact that Apple are pushing people away from traditional macOS imaging.  A lot of deployment workflows rely on creating an image file and cloning it to a target computers hard drive.  The image file can contain an operating system, applications and settings, in a consistent, deployable file.

 

macOS imaging file

 

So whats changed with macOS imaging?

The iMac Pro, by default, does not allow booting to external devices, preventing traditional macOS imaging.

In addition to directly attached boot disks, Apple have noted on thier website “iMac Pro computers don’t support starting up from network volumes.” (https://support.apple.com/en-gb/HT202770).

In early testing, it seems NetBooting is failing, even with secure boot switched off: https://twitter.com/tperfitt/status/946943556190658560

macOS imaging involves replacing the operating system on the Macs hard drive, which requires you to boot from another boot disk.  So with no option to boot to an external drive or network volume, imaging is off the table.

 

Will this affect other models of Mac?

Apple haven’t released information regarding Secure Boot and other models of Macs.  Based on the direction they appear to be taking, we would expect this new feature to be rolled out to other models throughout 2018.

 

Can we just switch it off?

Apple have provided a utility that can be accessed from Startup Security Utility (https://support.apple.com/en-gb/HT208330) that can be used to allow booting to external disks.

The downside is that you have to boot to the recovery partition, launching it from the Utilities menu.  Much like SIP (https://support.apple.com/en-gb/HT204899), although it can be switched off, the process is such a faff.  It will be easier to adopt new deployment workflows rather than fight against it.

 

What other workflows are available?

We’ve tested quite a few alternatives, but the ones that we found most “Apple friendly” are:

  • Upgrade to the latest macOS: Starting up holding down Option-Command-R will allow you to install the latest available macOS (if you already have 10.12.4 or later installed).
  • Erase and install the same macOS: Startup holding down Command (⌘)-R, use Disk Utility to erase the disk, and then re-install the same macOS version.

Using DEp with both of these options will help (https://www.apple.com/business/dep/).  Using DEP means that the newly installed Mac will automatically enroll into your MDM server.  Ddepending on it’s capabilities, the MDM server can deploy apps and custom settings.

Other Articles

MacADUK 2019
18th March 2019

Update: Here’s a copy of the slides from my talk on the 26th March: Slide deck…

Security Vulnerability with FaceTime
29th January 2019

9to5mac revealed yesterday (https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/) that FaceTime running on iOS has a major security vulnerability.  Using…

blog image
Summary of the Apple T2 chip
2nd November 2018

This is a summary of the Apple T2 chip shipping in lots of the new…

blog image
Are they holding my passwords securely?
10th July 2018

You will probably have seen in the news recently that a number of well known…

I’m Spartacus
13th June 2018

Apple CodeSigning vulnerability A new vulnerability has been announced in the tech news this week…

About moof IT

moof IT are an Apple focused IT services company providing a full range of services including user support, device management and deployment, infrastructure and cloud solutions.

Contact Info

Tel: 0203 983 4444

Email: hello@moof-it.co.uk

London: 1st Floor 20 Noel Street London W1F 8GW

Manchester: The Sharp Project, Thorp Rd, Manchester M40 5BJ

Surrey: Unit 9B, Southbridge House, Southbridge Place, Croydon CR0 4HA

Social Media