Provisioning Script for New Macs

Among other things, I’m also the IT guy in the office. When we get a new hire, it’s my job to get the machine up and ready. I’ve made a pretty simple bash script that does most of the tedious things for me. I throw that on a flash drive and put applications that I want installed in the apps folder. The way I have it set up, I have an admin account that I set up after first boot/reinstall then I create an admin account for the new computer user. Below are two segments of code: the first is the script that does all the magic, the second is a plist for the dock.

#!/bin/bash

if [ `whoami` != root ]; then
    echo Please run this script as root or using sudo
    exit
fi

echo "Copying from apps/ to /Applications/ "
sudo cp -R apps/*.app /Applications/;
#defaults write com.apple.dock persistent-apps -array-add '<dict><key>tile-data</key><dict><key>file-data</key><dict><key>_CFURLString</key><string>/Applications/Google Chrome.app</string><key>_CFURLStringType</key><integer>0</integer></dict></dict></dict>'
sudo cp dock_default.plist /System/Library/CoreServices/Dock.app/Contents/Resources/English.lproj/default.plist
rm ~/Library/Preferences/com.apple.dock.plist
killall -HUP Dock
echo "Done.\n"

echo "Setting defaults. "
#turn on screensaver and make sure they ask for a password
defaults -currentHost write com.apple.screensaver idleTime 300	#in seconds
defaults write com.apple.screensaver askForPassword -int 1
defaults write com.apple.screensaver askForPasswordDelay -int 0

#hide admin user from the login window
sudo defaults write /Library/Preferences/com.apple.loginwindow HiddenUsersList -array-add ADMIN_USER # swap out ADMIN_USER with whatever the name of your admin user is

# Replace logo on login page with company logo
sudo mv /System/Library/PrivateFrameworks/LoginUIKit.framework/Versions/A/Frameworks/LoginUICore.framework/Versions/A/Resources/appleLinen.png /System/Library/PrivateFrameworks/LoginUIKit.framework/Versions/A/Frameworks/LoginUICore.framework/Versions/A/Resources/appleLinen_orig.png
sudo cp CompanyLogo_squreGrey.png /System/Library/PrivateFrameworks/LoginUIKit.framework/Versions/A/Frameworks/LoginUICore.framework/Versions/A/Resources/appleLinen.png
sudo mv /System/Library/PrivateFrameworks/LoginUIKit.framework/Versions/A/Frameworks/LoginUICore.framework/Versions/A/Resources/[email protected] /System/Library/PrivateFrameworks/LoginUIKit.framework/Versions/A/Frameworks/LoginUICore.framework/Versions/A/Resources/[email protected]_orig.png
sudo cp CompanyLogo_squreGrey_x2.png /System/Library/PrivateFrameworks/LoginUIKit.framework/Versions/A/Frameworks/LoginUICore.framework/Versions/A/Resources/[email protected]

#Set Lock screen message
sudo defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText "Property of COMPANY NAME\n Please return to 00 Nowhere St, Boulder, CO 80301"

#Set Computer Name to user name
user=$(logname)
ComputerName="$user"
sudo scutil --set ComputerName $ComputerName
sudo scutil --set HostName $ComputerName
sudo scutil --set LocalHostName $ComputerName
sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server NetBIOSName -string "$USER-Macbook"

# Menu bar: hide the useless Time Machine and Volume icons
defaults write com.apple.systemuiserver menuExtras -array "/System/Library/CoreServices/Menu Extras/Bluetooth.menu" "/System/Library/CoreServices/Menu Extras/AirPort.menu" "/System/Library/CoreServices/Menu Extras/Battery.menu" "/System/Library/CoreServices/Menu Extras/Clock.menu"

# Always show scrollbars
defaults write NSGlobalDomain AppleShowScrollBars -string "Always"

# Expand save panel by default
defaults write NSGlobalDomain NSNavPanelExpandedStateForSaveMode -bool true

# Expand print panel by default
defaults write NSGlobalDomain PMPrintingExpandedStateForPrint -bool true

# Save to disk (not to iCloud) by default
defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false

# Automatically quit printer app once the print jobs complete
defaults write com.apple.print.PrintingPrefs "Quit When Finished" -bool true

# Reveal IP address, hostname, OS version, etc. when clicking the clock in the login window
sudo defaults write /Library/Preferences/com.apple.loginwindow AdminHostInfo HostName

# Trackpad: enable tap to click for this user and for the login screen
defaults write com.apple.driver.AppleBluetoothMultitouch.trackpad Clicking -bool true
defaults -currentHost write NSGlobalDomain com.apple.mouse.tapBehavior -int 1
defaults write NSGlobalDomain com.apple.mouse.tapBehavior -int 1

# Disable “natural” (Lion-style) scrolling
defaults write NSGlobalDomain com.apple.swipescrolldirection -bool false

# Automatically illuminate built-in MacBook keyboard in low light
defaults write com.apple.BezelServices kDim -bool true

# Turn off keyboard illumination when computer is not used for 5 minutes
defaults write com.apple.BezelServices kDimTime -int 300

#Default screenshot to JPG
defaults write com.apple.screencapture type jpg

#Defualt screenshot save location
defaults write com.apple.screencapture location ~/Downloads

# Finder: show status bar
defaults write com.apple.finder ShowStatusBar -bool true

# Finder: allow text selection in Quick Look
defaults write com.apple.finder QLEnableTextSelection -bool true

# When performing a search, search the current folder by default
defaults write com.apple.finder FXDefaultSearchScope -string "SCcf"

# Disable disk image verification
defaults write com.apple.frameworks.diskimages skip-verify -bool true
defaults write com.apple.frameworks.diskimages skip-verify-locked -bool true
defaults write com.apple.frameworks.diskimages skip-verify-remote -bool true

# Automatically open a new Finder window when a volume is mounted
defaults write com.apple.frameworks.diskimages auto-open-ro-root -bool true
defaults write com.apple.frameworks.diskimages auto-open-rw-root -bool true
defaults write com.apple.finder OpenWindowForNewRemovableDisk -bool true

# Use list view in all Finder windows by default
# Four-letter codes for the other view modes: `icnv`, `clmv`, `Flwv`
defaults write com.apple.finder FXPreferredViewStyle -string "Nlsv"

# Remove useless icons from Safari’s bookmarks bar
defaults write com.apple.Safari ProxiesInBookmarksBar "()"

# Prevent Time Machine from prompting to use new hard drives as backup volume
defaults write com.apple.TimeMachine DoNotOfferNewDisksForBackup -bool true

# Disable TimeMachine
/usr/bin/defaults write com.apple.TimeMachine 'AutoBackup' -bool false

# Show path bar in Finder
/usr/bin/defaults write com.apple.finder 'ShowPathbar' -bool true

#BASH profile tweaks
echo "Making BASH prettier"
cd; curl -#L https://github.com/mathiasbynens/dotfiles/tarball/master | tar -xzv --strip-components 1 --exclude={README.md,bootstrap.sh}

killall SystemUIServer
killall -HUP Dock

#Set password policy and make user change password on next login
user=$(logname)
UserName="$user"
sudo pwpolicy -u $UserName -setpolicy "newPasswordRequired=1 minChars=8 requiresAlpha=1 requiresNumeric=1"

echo "Done. Note that some of these changes require a logout/restart to take effect."

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>persistent-apps</key>
	<array>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>file-data</key>
				<dict>
					<key>_CFURLString</key>
					<string>/Applications/Launchpad.app</string>
					<key>_CFURLStringType</key>
					<integer>0</integer>
				</dict>
				<key>file-type</key>
				<integer>169</integer>
			</dict>
		</dict>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>file-data</key>
				<dict>
					<key>_CFURLString</key>
					<string>/Applications/Mission Control.app</string>
					<key>_CFURLStringType</key>
					<integer>0</integer>
				</dict>
				<key>file-type</key>
				<integer>169</integer>
			</dict>
		</dict>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>file-data</key>
				<dict>
					<key>_CFURLString</key>
					<string>/Applications/Google Chrome.app</string>
					<key>_CFURLStringType</key>
					<integer>0</integer>
				</dict>
			</dict>
		</dict>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>file-data</key>
				<dict>
					<key>_CFURLString</key>
					<string>/Applications/Adium.app</string>
					<key>_CFURLStringType</key>
					<integer>0</integer>
				</dict>
			</dict>
		</dict>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>file-data</key>
				<dict>
					<key>_CFURLString</key>
					<string>/Applications/Reminders.app</string>
					<key>_CFURLStringType</key>
					<integer>0</integer>
				</dict>
			</dict>
		</dict>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>file-data</key>
				<dict>
					<key>_CFURLString</key>
					<string>/Applications/Notes.app</string>
					<key>_CFURLStringType</key>
					<integer>0</integer>
				</dict>
			</dict>
		</dict>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>file-data</key>
				<dict>
					<key>_CFURLString</key>
					<string>/Applications/System Preferences.app</string>
					<key>_CFURLStringType</key>
					<integer>0</integer>
				</dict>
			</dict>
		</dict>
	</array>
	<key>persistent-others</key>
	<array>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>arrangement</key>
				<integer>2</integer>
				<key>home directory relative</key>
				<string>/Applications</string>
				<key>showas</key>
				<integer>1</integer>
			</dict>
			<key>tile-type</key>
			<string>directory-tile</string>
		</dict>
		<dict>
			<key>tile-data</key>
			<dict>
				<key>arrangement</key>
				<integer>2</integer>
				<key>home directory relative</key>
				<string>~/Downloads</string>
				<key>showas</key>
				<integer>1</integer>
			</dict>
			<key>tile-type</key>
			<string>directory-tile</string>
		</dict>
	</array>
	<key>version</key>
	<integer>1</integer>
</dict>
</plist>

For more options that may apply to you, but not to me, check out github.com/mathiasbynens/dotfiles. Mathias also has a bunch of links to other resources.

Things I've Figured Out

Provisioning Script for New Macs

Leave a Reply Cancel reply