Get in Touch
Back to main blog page

If you’re using DeployStudio to manage your Macs in education… it’s time to move on!

27th April 2018 | posted by Henry Capper

What is DeployStudio?

DeployStudio is a robust tool used to deploy Macs which has had particular success in education as although it is not as agile as some other tools, it allows for easy replication of a core Apple image build and easy naming conventions.

DeployStudio relies on booting the target Mac up from a network shared disk via the NetBoot utility and deploying an image file (.dmg file) containing the new OS.

The main benefit of this system is that you can add settings and installers to the OS image file or deployment workflow. By NetBooting and deploying a “workflow”, the target Mac gets an OS, named sequentially and can be joined to AD and have any other apps and settings deployed as required.

In addition, this workflow is automated, meaning that the Mac is ready for use with minimal technical input.

What are the problems with using DeployStudio?

Although the above process sounds simple and efficient, in reality, there are a number of drawbacks of using DeployStudio.

  1. NetBooting onto a macOS 10.13 NetBoot image performs very poorly

    NetBoot used to take circa 5 minutes to boot on a Mac running macOS 10.11. With the introduction of 10.12 this slowed considerably to circa 10 minutes. On 10.13, the NetBoot process has slowed further and it is not uncommon for the process to take up to 15 minutes, which in many cases causes the boot process times out.

  2. Image deployment will not be possible on macOS 10.14 onwards

    The second and more major issue is Apple’s introduction of ‘secure boot’. The ‘secure boot’ feature has been introduced with the release of the iMac Pro. On these machines, you cannot boot from a network drive or deploy an OS image to the hard drive. The only way to get an OS on the Mac is by using Apple’s official installer.

  3. All changes to the core image had to be made to the “gold build” and then all the devices re-deployed or changes had to be made to each device individually.
  4. Critical security & patch updates also had to follow the above process greatly reducing security & stability
  5. DeployStudio itself doesn’t provide inventory information.

This ‘secure boot’ feature is expected to be rolled out to all Mac devices as part of the release of macOS 10.14. The impact of this is that the methods DeployStudio utilises to deploy a Mac will cease to function.Essentially, Apple have inhibited the ability to include any additional applications or settings in an OS build using this imaging method.

With secure boot, the only automated way to deploy settings & applications will be via Apple’s Device Enrolment Programme (DEP) in conjunction with a suitable MDM.

There is a way to avoid DEP using a traditional installer package, but this will require a ‘User approved MDM’ (UAMDM) whereby users must manually authorise any enrolment in an MDM solution. In addition to this, any third-party kernel extensions (generally drivers for external devices), will only load if the user approves them in System Preferences. This is at best impractical at worst impossible in an educational environment.

Further details on this can be found in this Moof IT blog

What would Moof IT propose?

To be able to deliver a centralised deployment & management solution, Moof IT would propose configuring & deploying Jamf Pro to manage Macs

Jamf pro has a wide number of benefits that include:

  • It is capable of delivering Apple device deployment and management that overcomes all the challenges as laid out above
  • Application & OS patching
  • Central application deployment (for new applications)
  • Central policy/security management
  • Detailed inventory
  • One touch deployment of new devices

Why would Moof chose Jamf over other MDM’s?

There are a number of MDM solutions that can achieve basic Mac deployment & can work with DEP, but Jamf is especially strong around third party application deployments (Abode, Office etc), scripting (very important in educational environments) & day zero device compatibility.

Are there any other benefits?

Yes, many, including:

  • The ability to deploy and enforce an IT security policy
  • Ensure the Mac devices are GDPR compliant
  • Manage the device centrally
  • Deploy applications centrally
  • Pull detailed inventories
  • Simplify deployment
  • Manage both macOS & iOS devices
  • Scale this solution to cope with any number of Apple devices

If you are interested in finding out more, please contact Moof IT at or calling us on 0208 660 7750.

One thought on “If you’re using DeployStudio to manage your Macs in education… it’s time to move on!”

  1. Unfortunately, Jamf won’t manage devices not purchased through our school district’s Apple rep, so it’s kind of useless for our current inventory. My only remaining strategy is to let these Macs die and make sure we don’t waste more public money on future Apple purchases.

    BTW…we use JamF for iOS management, and it is one of the most bynantine interfaces I have ever worked with. That said, it’s still sooooo much better than Apple Configurator, which I’ve personally observed make grown librarians cry.

Leave a Reply

Your email address will not be published. Required fields are marked *

Other Articles

Why Moof IT Use Dropbox
1st July 2022

  What Dropbox is.  How Dropbox works.  Why moof IT choose to work with Dropbox. …

Should I Consider Using Apple Lockdown Mode On My Organisation’s Devices?
1st August 2022

  Lockdown Mode is a new security feature to be released in the Autumn updates…

blog image
Meraki, Apple Classroom and ‘Not-shared’ shared iPads
13th June 2018

Hi all, and welcome to yet-another, “I figured out something for a client and thought…

Catalina Install
Moof advice for upgrading to a new macOS
18th November 2019

There seems to be two lines of thought in the Mac IT community about macOS…

Running configuration data updates for Apple’s XProtect and MRT security tools
2nd February 2018

Hi all, and welcome to another “I wrote something handy and thought I should share”…

About moof IT

moof IT are an Apple focused IT company providing a full range of services to over 150 clients including user support, device management, infrastructure and security.

Contact Info

Tel: 0203 983 4444


London: 1st Floor 20 Noel Street London W1F 8GW

Social Media