##osx-server

evening

evening

I am still trying to put together what the heck the Angels did to the Tigers last night

I fell asleep at 5-1

greetings, all

evening

i've been building a stack of really nice docker images this week. You'd be proud bruienne

everything is <100mb

zalmoxes: awesome

nice

yeah I've been busy reducing image sizes too

but I started bundling a small init system

this mdm-server image is like

s6-overlay

285

prior to removing installed build tools though

once I remove gcc etc

what mdm-server?

oh the imas project one

I dockerized it, but couldn't really say whether it actually works because obtaining the MDM CSR-signed cert is calls Apple Difficult

today I finally got the pieces put together

it works with my iPad, iPhone and a Yosemite test VM I enrolled

s/calls/typical

does anyone know of any 3rd-party Internet Recovery client?

I have a few macs in labs that don't have any outside internet connectivity...

Guest9007: Internet recovery is basically Netboot-by-WAN

so you could just setup an internal Netboot server

and achieve the same

bruienne: a NB server isn't very useful without them system images

Guest9007: right, you have to make one or more

using SIU

i'm sorry i wasn't more specific earlier - is there a way to obtain InstallESDs of the various machine-specific builds?

comes with Server, alongside the NetInstall service

Guest9007: you don't need to, generally speaking

unless you have a mid-2015 MBP they all boot the MAS InstallESD

currently at 14D136

I tried to fake a machine (bord id and serial) using vmware, but Apple server is smart enough to tell

14D2134 is the only forked build known

so at most you'd need two

yes, i have the newest 15" MBP

if you do need to obtain a forked build, like for the MacBookPro15,4 you can use this method: https://derflounder.wordpress.com/2012/06/26/do...

this still works for the current Yosemite era

this is a small private academy, the macs are for students to access moodle on the internal network

no internet access so they can't get distracted ;)

sure, we have testing labs without Internet too

bruienne: the issue with that method is that it requires the machine that runs the forked build in the 1st place

private academy has an ADSL line that isn't even 10Mbit or so

well sure

I would like to download the images at home to deploy there

you need at least one of the models in question

ok

so do it at home

damn you, apple :D

take a machine, an external HD

weekend project

i'll have to go there and retrieve the machine from the office to bring home temporarily

or, leave one downloading over the weekend at work

48+ hours oughta be enough to pull down 6-ish GB

with no one using the line

it would be great to dissect how the installer does its work of requesting images from apple CDN

and make a 3rd party client

heheheh

yes, it would

more specifically - the verification bits required (aka how it can tell vmware apart from a real mac)

others in the community have started, but lack of time intervened

it's mostly SSL-related

Model ID is common knowledge

all of the information exchange is encapsulated so it's a black box

BootROM version and board IDs can be gotten through geekbench results browser

that's not the issue

the issue is how Apple exchanges the info

oh, I have a GREAT IDEA

they use some kind of seed values or salt to randomize the process enough to be obtuse

at least obtuse enough for someone to dig their teeth in

there's an apple store between my home and my workplace

i'll drop in at 10am with an external drive

get the installESD at the apple store... and probably reach work at noon

yeah if they let you camp for that time

hopefully intel Macs don't have hardware AES engines with secret keys like the iOS platforms do

bruienne: apple's going through a lot of trouble to keep them installESDs away from the general public

also, another slightly related question -

is there any way to grab a forked build once it's been unified with the next point update?

like the various 10.10.2's for the early 2015 macs

once it's unified you only need the one

like 10.10.4 will likely be uniting all forks again

so at that point 10.10.4 will boot all Macs that are Yosemite compatible

I know, but 10.10.2 has value

because... iphoto

not from Apple, no

at least not through the MAS

Developer portal has all the builds

you'd have to have saved one at the time

developer portal has machine specific builds too?

no

so the machine specific builds are a pain in the behind

they're available from absolutely nowhere at all - and only Internet Recovery on the machine in question can grab 'em

not a huge deal for most mac admins

when we got the first 11,5 MBP in I had a tech do the external drive thing, ran it through AutoNBI and AutoDMG and 20 minutes later it was done

that scores about a 5 on the scale from 1 to Adobe for me

did you backup the preloaded contents of the SSD while you were at it?

heh heh. "1 to Adobe"