Packaging Bind (join) Active Directory Domain for InstaDMG

[userosx]

I have no problems binding to Active Directory (or even OD). However, I am having one minor, yet very tedious issue.

I’ve decided to use launchd (scripts) to both rename the computers, and bind them to AD. It’s easy to package LaunchDaemons, and it seems to be the preferred method. We have a local script that automatically renames the computer based on the MAC address (first boot). And we have another script to bind them to the domain. So, I can package the “rename” daemon and the “joindomain” daemon and tell them both to run at startup, but the problem is that sometimes it will bind before it is actually renamed. In other words, there doesn’t appear to be a way to tell them in what order to launch (via launchd). Both functions work, I just can’t seem to get it to reliably rename the computer before it tries to join the domain.

I can’t do this as a loginhook, because of course that would require someone to login before the computer was renamed. Also, we do not have OD or AD with schema extensions, so I can’t make any changes at the directory level. Anyway, I was just hoping somebody had a better way. Perhaps there is a way to run our “macrename” script during installation…

So I guess the question is, if you use AD, how are you configuring & packaging the functionality that renames and binds the computers to the domain? My current method should work perfectly if I could just tell launchd to run daemon before the other and wait for he first to complete…

[Greg Neagle]

Any particular reason you can’t just combine both of these actions into a single script?

[userosx]

Both scripts are lengthy and written in a different language. However, I suppose I could have the daemon call a script that calls both scripts in succession… That might work… Why did I not think of that before? Well, hopefully it works…

[Patrick Fergus]

We go as far as having a CustomPKG that installs a StartupItem (deprecated, I know) that installs our first boot pkgs, and a different CustomPKG that drops the pkgs to be installed on first boot and a text file that gives the installation order. Tidy once you wrap your head around it.

We also have a pkg that gets installed first that does nothing but sleep for 60 seconds allow OS X to finish starting up. It helps avoid weirdness with not-fully-started OS services.

– Patrick

[knowmad]

Patrick,
On that last item of starting something to hold things up so everything can boot… someone else (no time to look and my memory is fuzzy) mentioned a neat trick of using launchdaemon to launch a script that looks for the items you need to be loaded before installing…. If it does not see them it exits on 0 which causes launchdaemon to simply relaunch…
lather-rinse-repeat until it sees what it needs, then it launches the installers and exits on 1 which actually lets it die.
The last in your chain of installers removes the script from launch-line-up (so to speak) and your all done.
One time first boot that makes certain not to run until everything is ready.
later I will look up the particulars and post-em.

[Rusty Myers]

I solve this issue by only running the computer naming script, then it loads the launchd item for the ad bind script and reboots. Then after reboot, it binds. You could also do an if statement that would check to see if the computer is named correctly.

Rusty

[userosx]

[QUOTE][u]Quote by: thespider[/u][p]I solve this issue by only running the computer naming script, then it loads the launchd item for the ad bind script and reboots. Then after reboot, it binds. You could also do an if statement that would check to see if the computer is named correctly.

Rusty[/p][/QUOTE]

I like this idea… If my current method doesn’t work, I’ll have to give this a try. Well, I’m going to find out if my current method works in about an hour. 🙄

[knowmad]

[QUOTE][u]Quote by: knowmad[/u][p]…..If it does not see them it exits on 0 which causes launchdaemon to simply relaunch…
lather-rinse-repeat until it sees what it needs, then it launches the installers and exits on 1 which actually lets it die.
[/p][/QUOTE]

um, wow I was in a rush, got that backwards… exit on 1 causes respawn, exit on 0 causes clean end.
sorry…. still don’t have time to find the originator of that post/idea.

[Author]

Posts