Temple University

Mac OS X Yosemite 10.10.x Setup/Rebuild Check List with DTLAN Automated OS X & Apps Setup

Apple, other TU-CS Mac Specialists & [email protected] , 6/5/2015

Mac OS X Yosemite Setup/Rebuild Check List (AutoOSXsetup)

In order to properly setup and/or rebuild Mac OS X 10.10.x Yosemite based computers at Temple University with DTLAN automated OS X & apps setup, see the following sequenced procedures (based on similar latest Mac OS X 10.9.x Mavericks setup/rebuild information):

1. Setup all Mac HW. If you have an external drive HW, set this up later in the process (Time Machine .) 2. If you need to reset any local account passwords (can’t login to system with Admin access), during startup either press the command and R keys (command-R) or the “Option” key while selecting Recovery… to access the “OS X Utilities” (OS X Recovery system.) Using pull-down menus, select Utilities… Terminal, and type resetpassword… while selecting user account password to reset. Here one can also change the password for the root user “su” System Administrator account (use our standardized secure password)… see more info on enabling & changing password for root user (only used on temporary basis) in a later step of this documentation. (DO NOT SHARE PASSWORD WITH ANYONE OUTSIDE ClientServices.) 3. If you need to check… erase… and/or re-partition the Mac system disk, again using the OS X Recovery system bootup, select the module. Here one can perform disk First Aid (verify/repair), Erase, Partition, etc. 4. Additionally if the user’s Mac completely crashed (no possible bootup from hard drive) or a failed hard drive was replaced with another drive, then using previously setup and updated Time Machine backups (external large hard drive [see more Time Machine info in a later step of this documentation]), restore the entire system and all user data from the Mac OS X Time Machine app via the OS X Recovery system bootup. From within “OS X Utilities”, select the Restore From Time Machine module… select a backup (most current from Time Machine)… select a destination (Mac internal hard drive)… click-on Restore… message appears (erases all contents of hard drive)… then click-on Continue. Restore should complete in 15-45min, and then also finally update the Mac OS X… antivirus SW… and applications to current date. If Time Machine was unsuccessful, then rebuild the entire system using the OS X Recovery system bootup while selecting Reinstall OS X. Individual user files can be restored later with Time Machine again. 5. Before you start Mac setup, find out if client needs his/her data migrated to the new Mac. If the client needs data migrated during this Mac setup, you need to transfer user data from the previous Mac… the system may prompt you during initial Mac OS X system setup. You may connect your Thunderbolt/Firewire cable from the previous Mac to new computer & continue setup, and this will automatically migrate client’s data to the new Mac (this method also assumes that the previous Mac and the new Mac will have similar software applications, etc.) Later after the system is completely setup, you may also migrate the user’s data using the Migration Assistant app (Mac-to-Mac, Time Machine backups, etc.) within the Mac OS X Applications… Utilities folder. If you can’t copy user data due to secured object permissions settings, then see more info on elevating folder & file permissions in a later step of this documentation. 6. During initial Mac OS X setup with “Create Your Account”, add our standardized TUCS-Client Services’ clientsvcs local administrator account with secure password (same as our Windows’ local Admin account username & password.) If adding this Admin account after initial Mac OS X setup, then go to the ’ Users & Groups to add clientsvcs local administrator account with secure password (DO NOT SHARE PASSWORD WITH ANYONE OUTSIDE ClientServices.) Also here in Users & Groups first select Login Options, and do the following: select Off for “Automatic login”, select Name and Password for “Display login window as:”, and make all checkbox selections except “Use VoiceOver in the login window.” 7. Process the computer’s MAC address via TeleCom’s online site from another computer (keep system disconnected from network until SEP antivirus software installed.) https://telecom.temple.edu/tcbridge/

Page 2 Temple University Computer Services Revised: 6/5/2015 Mac OS X Yosemite Setup/Rebuild Check List (AutoOSXsetup)

8. Next proceed with the DTLAN “OSXsetup” app for automated OS X configurations & apps installs with required network access (follow the on-screen prompts with required data entry.) If there is an issue with the OSXsetup.app, then the DTLAN consultant should contact Julien via phone directly. Moreover reference these important latest OSXsetup.app v1.2 requirements: can only be run via a verified local account (clientsvcs, SU- HelpDesk, CPH-Admin), must be copied to run from the desktop, must be OSX Yosemite 10.10.0 or later, and must have an active network connection! 9. Move Mac TU ADS computer object into the appropriate OU in Active Directory. 10. Next proceed with the DTLAN “Map Drives” app for automated networked server/share departmental connections (follow the on-screen prompts with required data entry.) 11. If not done earlier (also after user’s network [domain] account login profile created), manually copy data from previous Mac to new Mac, and move user data to proper locations (Desktop, Documents, etc.) Again the Migration Assistant app (in Mac OS X… Utilities folder) could also be used to move data from (Mac-to-Mac, Time Machine backups, etc.) If you can’t copy user data due to secured object permissions settings, then we need to elevate folder & file permissions (see following example of a “Users” folder & files.) Start at the Mac OS X Desktop by selecting the HD… navigate down into the “Users” folder… select your desired user folder with one-click… then using the Mac menus again select File… then select Get Info (to display that folder object’s detailed info.) Look for “Sharing & Permissions” towards the bottom of this folder info pane… click-on the “lock” icon (bottom-right) to authenticate with Admin credentials… click-on “+” symbol icon… select the group “Administrators” from listing while then clicking Select within “Select a new user or group:” pane. Next select the “Administrators” group from new listing… then select “Read & Write” Privilege, and then click- on “gear-wheel” icon (Perform tasks with the select item) while next selecting “Apply to enclosed items…” last click-on OK in order to recursively elevate permissions for that folder and all included folders & files. After all folder & file permissions elevated, then just click-on the “lock” icon (folder info locked again.) Finally to copy the user’s modified permissions folder contents, just simply “drag the folder” to another location (Desktop, etc.) BE SURE TO DELETE USER DATA THAT IS COPIED TO ANY CS RESOURCE POST SETUP! 12. User’s data may also be synced to Apple’s iCloud… goto System Preferences… select iCloud (have user Sign In with their AppleID credentials while selecting items to sync [ an optional iCloud item in OS X 10.10]). 13. Also if you need root user “su” system access, then one must enable root user account and change the root user password. Go back into the … using the Directory Utility menus select Edit… next select Enable Root User, and then finally select Change Root Password (use our standardized secure password.) When root user access is no longer needed (only temporary basis), select to Disable Root User (DO NOT SHARE PASSWORD WITH ANYONE OUTSIDE ClientServices.) 14. Additionally in the future, the user’s Mac OS X “login keychain” may have to be reset (match to new TUsecure [ADS] account password that will change every 90 or 180 days by users.) The Keychain Access app is found in the Macintosh HD… Applications folder… then Utilities folder. Within the Keychain Access app, select (highlight) login (user’s login keychain in “Keychains” list within upper-left window pane)… next goto File… select Delete Keychain “login” and Delete References & Files… then have user reboot & re-logon to Mac (Mac OS X system will create a newly synced login keychain for the user’s login profile after successful login.) Moreover to utilize the optional “iCloud Keychain” first select Keychain within iCloud preferences, and then check preferences (AutoFill–all, etc.) Use the DTLAN “Keychain Reset” app for ease-of-use! 15. Install & test local and network printers.

Page 3 Temple University Computer Services Revised: 6/5/2015 Mac OS X Yosemite Setup/Rebuild Check List (AutoOSXsetup)

16. Connect external hard drive for Time Machine continued system & user data backups (please recommend to users to purchase & use external drives like LaCie professional hard drives [external drives should always be larger than the internal hard drive, and connect @Thunderbolt 10Gbps speed connection.]) *Example = LaCie d2 USB 3.0 Thunderbolt Series external 3-4TB hard drive with Thunderbolt, USB 3.0 interface. 17. Last work together with user to ensure that the Mac OS X, applications, and networking are all functioning properly according to the client’s specifications.

*NOTE: Previous versions of Mac OS X (10.9.x Mavericks and below) will have similar software user interfaces.

Page 4 Temple University Computer Services Revised: 6/5/2015