Creating a new basic Macbook image

With our new student Macbook image, I am starting with our most up to date Macbook. Here is the list of what I have done to prepare our new image. This post will change as I edit the initial image.

1. Installed Leopard with a clean install. I installed all the fonts and printers as well. While this creates a larger image (9.5GB vs. 5.9GB), it makes for less hassle. Even though we use FileWave, I don't want to deal with font or printer headaches like I started with last year.
2. Changed the Software Update services to our local update server using the directions found here and then turned off Software Update in System Preferences.
3. In System Preferences, set Date & Time to set automatically. I just use the default time.apple.com, but you can use your master LDAP server if you wish. Never had a problem with time.apple.com.
   
4. Set the service order in the Network settings so that Airport has the top priority. Since these machines will be used via wireless 99.999% of the time, it will provide the fastest uptime when booting.
5. Installed iWork '08 and iLife '08. We use FileWave to maintain our software packages, but we have a site license for both packages and want to have those programs immediately available after a machine is reimaged. Also installed iMovie HD 6 which can be found here.
1. As an aside, I changed the Pages template titled "Blank." Too many people were typing in the header instead of the body of the document and then becoming confused when their text repeated on page two. So go into Pages, take the Blank template and in the Document Inspector uncheck Header and Footer (I also set the margins all around to one inch). Save this new document as a template with a name indicating this is not the original template.
2. Find the Pages.app file and CTRL click on it. Select "Show Package Contents." Under "Resources" is the Template folder, with another folder under it called "Blank." Rename that folder to "Blank.original." Create a new folder under Template and call it "Blank." Now copy your edited template into that folder and rename it "Blank.template."
3. Propegate the template folder permissions. The owner should be "system" and read/write settings should be 775 (rw-rw-r--). If the owner is stuck on your local username, it should still work.
4. TEST!
6. Install all Apple updates.
7. Turn on Apple Remote Desktop and SSH in System Preferences under Sharing. SSH is necessary should I have to remotely reinstall FileWave. In Leopard, ARD is Remote Management (and you can set what the remote user can do under Computer Settings) and SSH is Remote Login.
8. Turned off Bluetooth however, will not disable this time around.
9. In the Directory Utility (Application > Utilities > Directory Utility) set your client authentication servers and turn on or off any services you might be running (i.e. Active Directory).
10. Install TechTool Deluxe from Apple Protection Plan CD.
11. Install Adobe Shockwave, Reader, Flash and Air. Turn off any automatic update checks. I also ran setup with Adobe Reader and turned off the check updates button and made sure that the initial splash screen did not show up anymore. I then copied the user preference setting (User Home > Library > Preferences > com.adobe.acrobat.80.sh.plist) into the system library (Macintosh HD > Library > Preferences).
12. Go into Safari and change the proxy settings to our content filter's public domain name so the students have to authenticate on the inside and outside of the network. I know this is managed via WorkGroup Manager, but I also want to make sure this is hardwired into the machine for all accounts. Once those changes are made, copy the preference file from the current user account (User Home > Library > Preferences > com.apple.Safari.plist) to the system library (Macintosh HD > Library > Preferences).
13. Enable the root user. You can find instructions to do that in Leopard here.
14. For students, I disable Dashboard because it became a nuisance and students were placing way too many widgets on their boards thus bogging down their system. Instructions to do this may be found here.
15. Set the Quicktime Preferences in System Preferences. Specifically, set the streaming speed to 56K. Then copy the Quicktime Preference (User Home > Library > Preferences > QuickTime Preferences) from your account to the system library (Macintosh HD > Library > Preferences).
16. Install Flip4Mac. It is a Quicktime component that plays Windows Media files. Once installed, go into System Preferences and adjust the Flip4Mac preferences. Specifically, the in the Player tab, check all boxes and click "Reclaim." Also, click the "Update" tab and set it to NEVER. Close System Preferences and copy your preference files (User Home > Library > Preferences > net.telestream.wmv.plist)(User Home > Library > Preferences > net.telestream.wmv.import.plist) into the system library (Macintosh HD > Library > Preferences).
17. Set the DVD Region Code to 1. You will need a region protected DVD to confirm this is done. It looks like our images defaulted to this, but in the past this has not been the case.
18. You can edit the Safari menu with the Interface Builder found in XCode 3 tools. XCode 3 is an apple developer tool and you have to be a member to download this free tool. Signing up was free for me to do this, and I think you can actually find this software on your Leopard installation DVD. The file is a little heafty however (1.1GB) so download will take some time. This link will get you started on where to look and make changes to the menu. I want to remove the option to private browser and the interface to clear the users history. I have yet to find how to delete the clear history option in the menu as it does not show up when editing the "MainMenu.nib" file. When done with the XCode tools, it is probably best to remove it from your image.
19. Install Firefox (I installed ver 3 RC 1).
1. When using Mac, you cannot set the proxy settings across the machine and lock it down like you can via Workgroup Manager for Safari. Using the instructions found here, I translated the instructions to Mac from Windows.
2. The instructions are basically the same except to access the greprefs directory, you need to CTRL click on the Firefox application itself and select "Show Package Contents." Under the "Contents" folder is a folder called "MacOS." In here you will find the Firefox binary file (which is equivalent to the Firefox.exe file found in the Windows walk-through).
3. In following the instructions I found the Automatic Mozilla Configurator here. I did create a .txt file, but had to create the .cfg file and then import the .cfg back to reedit and clear out the extra characters that were created by my TextEditor.app. Here is my config file I made. It locked in the proxies and also does not allow the user to clear their browser history.

   //
   lockPref("network.proxy.ftp", "independence.d128.k12.il.us"); lockPref("network.proxy.ftp_port", 8080);
   lockPref("network.proxy.gopher", "independence.d128.k12.il.us"); lockPref("network.proxy.gopher_port", 8080);
   lockPref("network.proxy.http", "independence.d128.k12.il.us"); lockPref("network.proxy.http_port", 8080);
   lockPref("network.proxy.ssl", "independence.d128.k12.il.us"); lockPref("network.proxy.ssl_port", 8080);
   lockPref("network.proxy.socks", "independence.d128.k12.il.us"); lockPref("network.proxy.socks_port", 8080); lockPref("privacy.sanitize.sanitizeOnShutdown", false); lockPref("privacy.item.cache",false); lockPref("privacy.item.downloads",false); lockPref("privacy.item.formdata",false); lockPref("privacy.item.history",false); lockPref("privacy.item.sessions",false); lockPref("privacy.item.cookies",false); lockPref("privacy.item.offlineApps",false); lockPref("browser.history_expire_days_min",300); lockPref("browser.history_expire_days.mirror",180);
   lockPref("browser.history_expire_days",180);
   lockPref("app.update.enabled",false);
   lockPref("app.update.auto",false);
   lockPref("network.proxy.type",1);
   lockPref("network.proxy.no_proxies_on","localhost, 127.0.0.1");

20. Install FileWave 3.5 client software.
21. Upload the FileWave booster selection script. This will ensure that should the user take their machine to another building, they pull any updates from their local booster and not drag across the network. I worked with FileWave to develop the bootscript and why it is not a staple in a mobile environment and standard in the FileWave program makes no sense. To set the script to run during boot, see this page on how to set a login hook in macosx.
22. Clear the FileWave settings so the machine name is blank. Instructions can be found here. This has to be done before running disk repairs and such.

LAST STEP: From the Leopard install disk, run Disk Utilty and repair the disk and permissions.
BEFORE TESTING WITH USER ACCOUNTS: Make sure to create an image of this "clean" image. You don't want to taint your clean image with a user account that is not working perfectly. It is a bit more time consuming, but really makes a huge difference down the road.
TIP: When you create the master image, disable disk suspension/sleep mode, especially if pushing the image across a network.