Skip to content

boot – Best way to clone M1 Macs

Spread the love


Advertisement

We have 10 M1 Macs here and counting. (6 Studios, 4 Minis.) I've got several of those new Studio's to provision.

Advertisements

With our fleet of 2013 Trashcans, having a master image worked great. It'd be extremely tedious and impractical to configure each system. We also have rental customers, so wiping and re-imaging after a rental wraps is safe and effective.

Our procedure used to be:

  1. Boot from the master image's SSD
  2. Wipe and clone it into the boot drive (we liked SuperDuper)

With few tweaks, this has worked great. But with the M1 and T2 security models, imaging has become so unreliable it's impractical. A few of the problems:

  • First boot from the SSD takes a long time, the Mac is running some kind of mystery update for 7 minutes. (Maybe 12.5 causes LLB to update system-paired firmware?)
  • Then (sometimes) the Mac has to “phone home” for a few more minutes to reactivate.
  • Most crucially though, the clone (usually) breaks the administrator account. So when we go to RecoveryOS to update the Security Policy (our main SAN needs kexts to load), we get a “No administrator was found” error. (Both the clone source and target have admin accounts, Secure Token is enabled for them, and they're the same account name and password. updatePreboot didn't help either.)

So then we're off to SC2/DFU, internet recovery, rm .AppleSetupDone to make a 2nd admin account w/ Setup Assistant, etc… and by then the whole process is not worth the effort.

TL;DR I know that ultimately, the proper solution will be to enroll in Apple Business Manager and deploy MDM in our company. It's in the works.
But until then, what's the best solution to all this? I'm open to tackling the specific technical hurdles I brought up, or other methods to sidestep them.

Leave a Reply

Your email address will not be published. Required fields are marked *