Please feel free to add any comments if you have any questions (or comments) - that's how we all learn! Note: this is an ever-evolving script that I'm constantly refining. Some of it's "original work" other parts are cobbled together from older scripts, etc. Tested and working on 10.7.1, 10.7.2, and 10.7.3.

 

__________________________________________

 

#!/bin/bash

 

#setup information

# enter your FQDN below

domain="domain.dom"

 

# enter a username with domain admin privs

diradmin="adbind"

 

# domain admin password

password="password"

 

# container

ou="ou=comp,DC=domain,DC=dom,"

#end of setup information

#################################

 

#rename computer with current DNS name

ip=`ifconfig en0 | grep "inet "|awk '{print $2}'`

asset=`host $ip |awk '{print $5 $6}' |awk -F. '{print $1}'`

echo Updating various computer names.

scutil --set HostName $asset

scutil --set ComputerName $asset

scutil --set LocalHostName $asset

 

# make sure AD is active

defaults write /Library/Preferences/DirectoryService/DirectoryService "Active Directory" "Active"

plutil -convert xml1 /Library/Preferences/DirectoryService/DirectoryService.plist

 

# bind machine to AD

dsconfigad -force -add $domain -computer $asset  -username "$diradmin" -password "$password" -ou "$ou"

 

# add AD to search path

searchpath="/Active Directory/$domain"

dscl /Search -append / CSPSearchPath "$searchpath"

dscl /Search -create / SearchPolicy dsAttrTypeStandard:CSPSearchPath

dscl /Search/Contacts -append / CSPSearchPath "$searchpath"

dscl /Search/Contacts -create / SearchPolicy dsAttrTypeStandard:CSPSearchPath

 

#disable automatic login

defaults delete /Library/Preferences/com.apple.loginwindow autoLoginUser

srm /etc/kcpassword

 

#bind to ntp server, sync time, set timezone

systemsetup -settimezone America/Los_Angeles -setusingnetworktime on -setnetworktimeserver time.nist.gov

 

#adjust sleep cycle

pmset -a displaysleep 30 disksleep 10 sleep 0

 

#disable graphical login; otherwise you can't log into AD accounts

defaults write /Library/Preferences/com.apple.loginwindow HideLocalUsers -bool false

 

#this allows you to point client machines at your desired local OSX update server. We use reposado (ubuntu based OSX software update server)

defaults write com.apple.SoftwareUpdate CatalogURL 'http://yourcatalogs'

 

#disable automatic login

defaults delete /Library/Preferences/com.apple.loginwindow autoLoginUser

srm /etc/kcpassword

 

# Enable the 2D Dock

defaults write com.apple.dock no-glass -bool true

 

# Disable window animations and Get Info animations in Finder

defaults write com.apple.finder DisableAllAnimations -bool true

 

# Automatically open a new Finder window when a volume is mounted - handy for students with external drives

defaults write com.apple.frameworks.diskimages auto-open-ro-root -bool true

defaults write com.apple.frameworks.diskimages auto-open-rw-root -bool true

defaults write com.apple.finder OpenWindowForNewRemovableDisk -bool true

 

# stop reopening windows after a reboot

defaults write com.apple.loginwindow TALLogoutSavesState -bool false

defaults write com.apple.loginwindow LoginwindowLaunchesRelaunchApps -bool false

 

# Empty Trash securely by default

defaults write com.apple.finder EmptyTrashSecurely -bool true

 

# Avoid creating .DS_Store files on network volumes - Windows servers, mac clients - keep those .ds_store files off the servers!!!

defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool true

 

# Disable menu bar transparency

defaults write NSGlobalDomain AppleEnableMenuBarTransparency -bool false

 

#set power on/power off cycle

pmset repeat shutdown MTWRFSU 1:00:00 wakeorpoweron MTWRFSU 08:00:00

 

#reboot machine

reboot