For comments and questions please visit the edugeek forum here http://www.edugeek.net/forums/mac/154805-deep-freeze-alternative-mac.html#post1326919
This past year I’ve been looking to step away from using Faronics Deep Freeze and find an alternative that will handle a similar task of cleaning the user profiles after a restart, set time or day of the week. Sure Deep Freeze has a lot of benifits but we wanted to look into a cheaper solution. For the past few months I’ve been running this setup in our busiest area at our campus (our student commons) and it has been working great.
Why do we need it?
In the run of a day or week we can have countless users logging into a mac desktop using Active Directory credentials and over time the user profiles can eat away at the HD space. That said your average user is browsing the net and so their user profile may only be a small percentage but mixed in with users that dump files onto the desktop or other areas this space can build up fast. This is where Deep Freeze came into play. Deep Freeze would clean up the computer after a restart or set schedule to help keep the comptuer HD clear of un wanted files.
What do these scripts do?
With the below scripts in place they essentialy remove any unwanted users. By default the script is set to remove all users except for the “Administrator” & “Shared” user. All other users will be removed. This can be adjusted easily to add other local users. The script included is set to run at 3:30am every Saturday morning. We went with this since most computers are sitting with a 1TB HD and we do not expect computer to fill up that quick. Having it set to a week also gives users a grace period for their files. If they forget to copy/backup files one day they will still be there the next day (unless it’s the next day that the scipt is set to run). The other benifit is that if there is a power bump their files will still be located on the computer once it is turned back on.
How do these scripts work?
There are three files as listed below. #1 is the launchd file that will run on schedule to run to run the primary script that does the work. File #1 is the file you can edit to adjust the time or day you wish to have the script run. ** Keep in mind, if you make changes after the script is deployed you will want to make sure you unload the .plist file and then reload the updated file.
File #2 is the actual script that does thew work to remove the users. There arre two main steps. The first step will remove all uses except for “Administrator” & “Shared”. The second step dumps the files located in /private/var/folders/*. This folder contains cache files from the users that have logged in. We do not want to remove the fodler itself, just the contents.
File #3 is a simple command script that loads file #1. We use deploy studio for deployment so having this as part of the workflow just loads #1 script so we do not need to send out the command over ARD or manually.
Download
To get started you will need to download the needed files which are found here http://twistedmac.com/mactech_cleanusers.zip
How to use these files using Deploy Studio
On your Deploy Studio server go to your “DeployStudio” shares. This folder is normally at the root of your HD as the shares folder for Deploy Studio. (This can also be named something else or located elsewhere but most often this is the name and location. In the “Files” folder you need to copy the first two files “com.mactech.cleanusers.plist” & “delete_non_admins.sh”. Next go to the scripts folder and copy the ”load_cleanusers.command” file to this location.
From here open up the “DeployStudio Admin” application. For deployment you need to add these files into a workflow and run these files during post ghost.
To add the two files “com.mactech.cleanusers.plist” & “delete_non_admins.sh” you need to add “File Copy” into your workflow twice as seen in this image.
Since we already added the need files you just need to choose the “File” dropdown menu and pick the files as you can see in these images. As seen in the images you want to make sure each file is placed into the correct location. “com.mactech.cleanusers.plist” will be copied to “/Library/LaunchDaemons” & “delete_non_admins.sh” will be copied to “Library/Scripts”. Also make sure you “Automate” these tasks.
The next step in the workflow is to add “Generic”. With this step in the workflow select the “Command” dropdown menu and choose “load_cleanusers.command”. Make sure you check off “Postponed execution” & “Automate”.
From here the script will be loaded when the computer finishes post ghost.
The script by default that’s included is set to wipe all users except for the “Administrator” & the “Shared” user. If you have other users that you want keep on the system you can alter the “delete_non_admins.sh” script to reflect users you want to keep on the computer. You wouldn’t normally install this on laptops or individual computers but if you do make sure this script reflects the users that need their profiles keep.
As this script sits it is set to wipe the other users every Saturday Morning at 3:30am. You can easily change this by opening the “com.mactech.cleanusers.plist” file and adjusting the “StartCalendarInterval”.
Hope this helps those out that are looking for a DF alternative.
Carter