How To Deploy Mountain Lion In Business And Education The Right Way [Feature]


Deploying Mountain Lion across dozens, hundreds, or even thousands of Mac can be easy and efficient if you do it the right way.
Deploying Mountain Lion across dozens, hundreds, or even thousands of Mac can be easy and efficient if you do it the right way.

Among Mountain Lion’s more than 200 new features are many that have distinct appeal for business users. AirPlay Mirroring, the ability to share items with colleagues, secure and unified messaging across Macs and iOS devices, one-step encryption of hard drives and flash drives, Reminders, Notification Center, VIP prioritization in Mail, and dictation are just handful of the Mountain Lion features that are poised to become great business and education tools.

With so many great features, IT departments big and small are likely to hear requests for Mountain Lion from employees, managers, educators, and even students. While Mountain Lion may be an easy and painless upgrade for consumers, any major OS upgrade poses challenges and concerns for technology professionals and Mountain Lion is no different. In this guide, we’ll show you how to prepare for Mountain Lion, test it for compatibility issues, and plan a successful roll out.

Test and Research

First and foremost, ensure that Mountain Lion will run in your environment without issues. That process begins with verifying that the Macs in your organization can run Mountain Lion. To find out, you can check our list of supported Mac models. Additionally, you’ll need to make sure that those supported Macs have the minimum 2GB of RAM that Mountain Lion requires – 4GB or more is strongly suggested (if you do need to consider deploying to system with just 2GB, do a test install to ensure adequate performance before deployment). Lastly, you’ll need to ensure that each Mac has 8GB of free drive space for Mountain Lion.

Once you know which Macs can run Mountain Lion, you’ll need to ensure that all critical applications used by your organization are compatible with Mountain Lion. You may need to upgrade apps for Mountain Lion compatibility or find alternative applications if some apps aren’t Mountain Lion compatible. If a vendor plans to add compatibility at a later date, your best choices are to not include that app in your Mountain Lion deployment and push the app out when a Mountain Lion version is released or to delay a Mountain Lion deployment until all critical apps are available and tested. You’ll also want to research Mountain Lion compatibility with various peripherals that are commonly used within your organization.

RoaringApps has a great list of third-party Mac apps and their current Lion/Mountain Lion compatibility status to get you started in this process.

The bulk of compatibility checking can be done by research, but you’ll still need to test Mountain Lion even if everything appears to check out fine. In that process, you’ll want to configure test systems with the full load of applications and configuration options in place for your organization. That means running through each app, each in-app feature, and multi-app workflows that commonly utilized by your users (asking some tech-savvy users to help vet apps is a great way to ensure functionality in real-world use). You’ll also need to check network connectivity and access to internal network resources as well as public web/cloud tools.

One thing that is crucial to test is Mountain Lion’s integration with directory services and other enterprise systems. For most businesses, that means integration with Microsoft’s Active Directory using either Apple’s built-in Active Directory client or third-party solutions like those from Centrify and Thursby. Beyond directory services, you’ll want to test Exchange integration (with Apple’s Mail, Contacts, and Calendar apps or Outlook for Mac) and access to any other internal or cloud systems like SharePoint.

Once you’ve vetted Mountain Lion completely, you can then move on to planning a production deployment though you may want to do a series of test deployments to ensure that your chosen deployment mechanisms and workflows function as intended.

Clean Install vs. In-Place Upgrade

Since the release of Snow Leopard three years ago, Apple has been focused on in-place OS upgrades. The process is simpler for most users, generally works with few issues, and fits well with Apple’s decision to make Lion and Mountain Lion available via the Mac App Store. In many workplaces and schools, however, there’s still merit to the idea of doing a clean install of the OS rather than an in-place upgrade.

The first benefit to come to mind for most people is a good spring cleaning that gets rid of outdated preferences, application support files, account settings, unused apps, or other flotsam and jetsam that accumulates over time. Doing so may help you avoid some technical issues down the road and it will likely free up some disk space. It can also ensure that any personal data (Facebook and Twitter credentials, cookies and web history, personal documents, and so on) gets removed in case Macs are shifted around during your Mountain Lion roll out or when new Macs are deployed and older ones are repurposed.

There is a bigger advantage, however. A clean install is generally easier to automate, particularly using network-based mass deployment tools. Beyond simplifying the mass deployment process to the point where it’s almost entirely a no-touch process, a clean install ensures a consistent user experience across all Macs in an organization or, more likely, all Macs within a given department (or grade level or job function).

Create Bootable Diagnostic/Install Drives

Any IT department should have emergency boot drives on hand. Those drives typically include a range of diagnostic tools and repair utilities. Apps on these drives can include Apple tools like Disk Utility as well as third-party diagnostic and maintenance solutions like Carbon Copy Cloner, TechTool Pro, DiskWarrior, and Drive Genius, and one or more anti-malware tools like Intego’s VirusBarrier (as of this writing,only Carbon Copy Cloner has declared Mountain Lion compatibility). They can also include a copy of the Mountain Lion installer or a copy of the master disk image(s) used to deploy Mountain Lion (both of which can be created with Carbon Copy Cloner). As such, they can be used to perform a quick recovery option by reimaging a Mac to the state it was in when it was initially deployed. Smaller organizations or companies that have a limited Mac population can even use such drives as a deployment method rather than automated and/or network deployment options.

Backup/Cleanup User Data

Whatever method you use to deploy Mountain Lion, you’ll want to ensure that any user data is backed up before the deployment. Depending on your environment, this may be a minimal issue or a difficult challenge. If you use network accounts and network home folders, the majority of user documents along with user preferences and user-specific account details should be stored in those network home folders and shouldn’t impact deployment in any real way. If you have portable Macs using mobile accounts (where a network user account and home folder are synced to a Mac notebook), you will want to ensure all users have manually synced data or have experienced an automatic sync before deployment.

If you have Macs with local user accounts on them, the process won’t be as simple. Here you have a couple of choices. You can make a network share available and tell users to copy anything they need to it. Another option is to have IT staff manually backup user accounts and files to an external hard drive or network share, which requires touching each device. Neither solution is ideal although both do give you the chance to migrate to network or mobile accounts.

Mass Deployment Options

There are a range of mass deployment tools on the market, including Apple’s NetInstall in Mountain Lion Server and the command line Apple Software Restore (asr) tool that ships on every Mac. Third-party options include the following tools.

Beyond choosing a deployment tool, you’ll want to decide the deployment method. During the lead up to Mountain Lion, Apple seems to be pushing the concept of thin imaging. Thin imaging allows you to deploy a very basic system image that is then customized using installer packages, configuration profiles, and directory services to meet the needs of your users. The approach can be automated using various tools that we covered earlier this year. It allows your initial deployment image to be pretty small (and thus quick to deploy). You can, in fact, use the standard Mountain Lion install as your image and layer in applications and settings into a deployment or post-deployment workflow. You can also do more granular app deployment after the fact to only those Macs/users than need a particular application – an approach that often helps conserve application licenses and thus reduces costs.

The more longstanding technique, known as monolithic imaging, involves loading a Mac with Mountain Lion and applications and setting various system-level configuration options. Once a source Mac is configured you can create a disk image of that Mac’s startup drive and deploy that image to other Macs. That tends to create very large system images and makes every Mac identical – an option that may be preferable for student workstations or notebooks in a school environment.

This decision isn’t a strict one way or the other choice. You can build workflows that rely on a relatively complete system image that gets customized or provisioned with specific tools during the deployment process by install packages, configuration profiles, scripts, and Automator workflows.

Mac Management With Profile Manager Or Third-Party Tools

Apple introduced Profile Manager last summer in Lion Server. As we’ve reported previously, Apple has significantly increased Profile Manager’s capabilities in Mountain Lion Server and is now promoting Profile Manager as a replacement for the Managed Preferences architecture and Workgroup Manager administration app from previous OS X Server releases. Profile Manager has a lot to offer including the ability to manage Macs and iOS devices, a self-servicing portal that let’s users enroll their Macs and devices without IT intervention, and it is a lightweight and simple Mac management and security solution for non-Apple environments.

If you are planning a switch to Mountain Lion Server and Profile Manager, you’ll want to plan that transition before your Mountain Lion roll out. That way you’ll have access to the full range of configuration options in Mountain Lion’s version of Profile Manager. This can, however, broaden the scope of your deployment and require testing of Mountain Lion Server and Profile Manager in addition to Mountain Lion itself.

There are also third-party options on the market for Mac management, several of which interoperate with other enterprise systems like Active Directory and/or mobile management consoles. Some third-party options to consider include the following tools.

Ultimately, a Mountain Lion deployment doesn’t need to be difficult or painful experience. Ensuring that you’ve gotten all the information you need, tested Mountain Lion in your environment, and are comfortable with your deployment tool(s) of choice will go a long way to making the actual deployment run smoothly.





Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.