@Sebastian-Roth said in Boot pxe from partition instead of USB:

https://wiki.fogproject.org/wiki/index.php?title=FOG_on_a_MAC#Using_bless

I understand the bless comand but will this not change the boot partition permanently? I dont have a problem to boot from the right partion.

Hi,

no I have the time to deal with this problem again.

Again further details how I have done it:

made a fat 32 partition in my intel iMac copied all the files from my working USB-Boot-Stick to the partition Started the mac by holding the option key No I could choice the boot partition (my new Fat 32 boot partition with all files from the working usb-boot-stick) got the eror:
app.efi: LocateProtocoll(AppleLogging) succeeded
error: no such partition

could it be that there have to be done other work that the fat32 boot partition will find the exact file to boot.
I have made the USB-boot sticks with Rufus. I dont kow if there were made changes by rufus.

thank you very much.
Mathew

@Sebastian-Roth Yes. Thanks

@pjv While the fog-client has an implementation for AD join and rename (see code) I am not sure this is working. The C# code actually calls a bash script (osxbind.sh) which I have no idea about.

@sebastian-roth thanks, let me do my research and try out. thanks for your advices.

@thedark5776 said in Realizando imagen de MAC:

So in order for the Mac to connect to the FOG server, does Fog have to handle DCHP itself?

No. You can try to make your existing DHCP server to properly answer the Mac bootp protocol or use other methods like “bless” (see mentioned wiki article) or USB boot (George’s answer). I don’t have a Mac myself for testing so this is all just from information gathered over the years.

@george1421 Cool. Is the T2 Kernel known to address this specific issue?

@sebastian-roth That is on the list of things to do next.

@george1421 Awesome - this worked. It booted from the stick fine and I was able to perform a quick registration. I started to capture the drive and it worked up until it came to the APFS portion. I ran into the apfsclone.c: bitmap error, like with the hackintosh.

@george1421
I saw that the boot stick has a masterboot record and the drive in the imac is GPT.
Could you imagine that this is the Problem why the FOS linux didnt boot?

@Matthew-Wyneken I have never tried the fog-client on Mac OS X myself I have to say. It’s been other developers working on this part. Though I am wondering if the instructions given in the wiki are not up to date anymore and if we should update documentation?

Would you be so kind and let us know what steps you took and what is missing in the documentation?

@joe-gill

https://isimagingdead.com

The real answer for Mac is DEP & MDM. There are free MDMs like https://manager.mosyle.com this is missing a few key features that could be rounded out with open source tools like https://github.com/munki/munki

The key to all of this is that you have an Apple Business manager or Apple School Manager account and the devices enrolled there so they get enrollment packages at first startup.

If you have more questions reddit.com/r/macsysadmin is an OK resource, as well as https://www.macadmins.org slack channel. Then there is always JAMF Nation which is another apple MDM but the forum has broad apple questions and answers that apply not only to JAMF

@Smoblikat Well that sounds not too bad. Got an address from the DHCP?! Wow! Did you see that communication in Wireshark?

With FOG you’d run: chain tftp://x.x.x.x/default.ipxe (put in the FOG server IP instead of x.x.x.x…)

@smoooo I replied to your pm with the script I use to expand OSX partitions.

Also, the prohibitory symbol (crossed out circle) could also mean an incompatible OS for the hardware, I do a little bit with snow leopard to make it work on unsupported hardware, and it usually involves a kernel swap at a minimum to get old OS’s booting on new hardware.

Not sure if youre still having issues with corestorage or not, but “diskutil cs list” will show you your corestorage groups, which would typically need to be deleted before cloning or modifying partitions (you would get the prohibitory symbol from this too).

Also, just as a random tidbit, you can install OSX on an HFS+ disk all the way up to 10.13 (never tested 10.14+, might still work) if you run the installer from the commandline and use the

–converttoapfs NO

switch for the installer. This might give you a LITTLE bit more flexibility as far as being able to read partitions/volumes from linux utilities (APFS support is much harder to come by).

@Smoblikat If you have 2017 (guess) or newer Apple started including the T2 chip, which is the security controller for the apple devices. All communications go through this T2 chip. You need a special FOS Linux kernel to get these systems to image correctly.

I would say lets create a new thread and we can discuss in detail there.

@george1421 thanks for your reply, i will retest as per your instructions

@george1421 It looks like the apple T2 chips encrypt the drives at rest, but only 2 or 3 of the 5 partitions for the apfs volume. not sure if anyone knew of a way to bypass this from happening. I am able to boot the mac after transferring but looks like it loses all user information and can not login.

@saftkartoffel @kudlab While I can’t test USB booting here in my VM setup quickly I would ask you guys to try out using the last menu point from your USB key GRUB menu 8. FOG iPXE Jumpstart EFI after you’ve scheduled a multicast task.

I don’t think this is a FOG problem. FOG is moving the files from the source computer to the target computer and the target computer boots OK. The problem you see is inside OSX itself. FOG doesn’t step inside the target OS. The only way it can do this is with the FOG Client and that is only to change the workstation name or deploy applications.

Understand the next thing I say is a guess because I don’t know. Its possible that Microsoft has connected user management or maybe password management to the T2 chip. Its possible with a different T2 chip it also protects/encrypts the password file. It may also be possible that changing the computer name does something unexpected with the user accounts. I don’t use Apple computers so I don’t have any experience with them.

From a debugging standpoint, we know that FOS Linux can access the hard drive of the Apple computer (because it can send a computer image). You may be able to use debug mode to access files on the target computer. I don’t know what you can do to reset the password externally but if you need to do things on a file level you can do this with FOS Linux. If you find a solution in debug mode then possibly you can write a FOG Post Install Script to apply those same settings during image deployment.