I have a Task Sequence that successfully adds a Mac to an Active Directory domain in the correct OU, and adds the correct groups as local administrators. However, when I log in as a domain user, I'm prompted if I want to create a mobile account, even though I check the box in the Task Sequence to enable mobile accounts. I see in the "User Experience" of Directory Utility Services that the "Require confirmation before creating a mobile account" is checked. Anyone know of a programmatic (e.g. script) way to remove this during the Task Sequence?
Hello Matthew, Create Software Package without content and set Program to "dsconfigad -mobileconfirm disable". Then add step "Install Software" after "Join Domain".
Thanks Evgeny, I ran that manually and it does the trick, so fingers crossed if I can get NetBoot working reliably I'll push it out via the Task Sequence. Any chance you might also know a command to set "Allow allows downloaded from" to "Anywhere"?
To allow apps from "Anywhere": spctl --master-disable To allow apps from "Mac App Store and Identified developers": spctl --master-enable spctl --enable --label "Mac App Store" spctl --enable --label "Developer ID" To allow apps from "Mac App Store" only: spctl --master-enable spctl --enable --label "Mac App Store" spctl --disable --label "Developer ID" Don't forget to use "sudo" when run them manually. And don't use "sudo" in task sequences, because executed already with root privileges.
