Installing Certificates, Scripts, MDS + More

MDS
1

After using Deploy Studio for a few years and it effectively being made redundant I have come across MDS.

I have a few questions.

  1. I created a Volume with all the items in like your video guide but the workflow doesn’t start when in the recovery I had to manually mount the USB drive in Terminal and execute the run script, should it execute automatically?

  2. from the above I now created a bootable volume but can I copy all the resources to the bootable volume rather than launching from the recovery partition?

  3. I have 2 certificates that need to be installed (Proxy Certificates) now I have the code I can run in a script which I can already confirm runs as part if the MDS but I have no idea where or how to copy the certificates as part of the OSX installation so I can point the script to them and install, hope this makes sense. Below is the line of code I used to run in deploy studio.

echo “Installing ZscalerRootCertificate-2048.crt”
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /Volumes/Macintosh\ HD/etc/deploystudio/ds_files/ZscalerRootCertificate-2048.crt

Any help would be much appreciated as I try out this tool and see whether it suits our environment.

2
  1. That is correct. To automatically run, you need the MDS Automaton.
  2. Sure. However, if it is a new T2 based Mac, external booting requires enabling it via recovery in the Startup Security Utility. This adds time and enables a feature (external booting).
  3. To add in the certificates via your script, create a folder called “Scripts” and add in a folder called “Resources” inside it. Add your certificates to the resources folder and your script to the top level Scripts folder. Then in the workflow under resources, select the Script folder in the script section. MDS will package this up and run your script after the packages have been installed (and macOS is booted from the newly install macOS). Your path to the certificates in the Resources folder should be referenced relative to the script folder (the Resources is inside Scripts). For an example, see the example scripts in the disk image that MDS comes on, or on our downloads on bitbucket:

https://bitbucket.org/twocanoes/macdeploystick/downloads/

Tim