This repository contains a small set of bash scripts (for macOS) to integrate with Jamf Pro for remote management of Deep Freeze. As always, your mileage may vary. If you have any questions or run into issues, please submit a PR.
BTW. PRO TIP: Because I had to figure this out on my own, this is the secret to getting your Extension Attributes (strings, specifically) to print properly: variations of echo "<result>$string</result>".
If you look at the code, you'll see how this gets used.
Also - "bash -x <script>.sh" is HUGE in troubleshooting. Learned that while working on this project.
Hopefully this tip saves you a bit of trouble when you make your own ;)
All scripts and deployments have been successfully tested using the following:
- 14" MacBook Pro (M1 Pro) | macOS Sequoia 15.2
- 13" MacBook Pro 2TBT3 (Intel, A2289) | macOS Sonoma 14.6.1
- 24" iMac (M3) | macOS Sonoma 14.6.0, 14.6.1
- 27" iMac 5K (2020) | macOS Sonoma 14.5.0
- 21.5" iMac (2017) | macOS Ventura 13.7.1
- Deep Freeze 7.70.220.0230 on Sonoma and newer
- Deep Freeze 7.60.220.0202 on Venutra and older
- Purpose: This script functions as an Extension Attribute in Jamf Pro, allowing you to check the status of Deep Freeze on macOS devices.
- How to Use:
- Add this script as an extension attribute in Jamf Pro.
- Set the "Data Type" for the extension attribute to
String. - Running
sudo jamf reconon a machine will force an update of all extension attributes, if needed, for testing.
- Purpose: This script commands Deep Freeze to freeze the computer, making it unchangeable until thawed.
- How to Use:
- Deploy via a Jamf Pro policy at the desired interval for your organization.
- You may adjust the policy’s scope and trigger as necessary, depending on your maintenance window.
- Use this script to either freeze a machine that is Thawed, or to ensure that no further changes can be applied until after the next thaw operation is fully processed.
- Purpose: This script commands Deep Freeze to thaw the computer, allowing changes to be made. It requires a reboot to fully process the thaw operation.
- How to Use:
- Deploy via Jamf Pro policy, typically when maintenance or updates are complete.
- Important: A reboot is required after running this script in order to complete the thaw operation.
- Purpose: This script reboots the computer after Deep Freeze has been thawed. It provides a heads-up dialog with a 20-second countdown before the reboot happens.
- How to Use:
- This script is meant to be used in conjunction with the
deepfreeze-THAW-macOS.shscript. - It ensures the machine reboots after the thaw operation has been completed.
- This script is meant to be used in conjunction with the
- Maintenance Windows: I recommend scoping the Freeze and Thaw scripts to run during predefined maintenance windows when the machines are not actively in use.
- Reboot Requirement: The Thaw operation requires a reboot to take effect fully. Ensure that
reboot-macOS.shis deployed after confirming the machine has been thawed.
- Smart Groups in Jamf Pro:
- Create smart groups for machines that are frozen and thawed.
- For frozen Macs, use the "is Frozen" criteria.
- For thawed Macs, use the "like Thawed" criteria. The "Thawed" status can either be "Thawed" or "Thaw (requires restart)". Alternatively, you can use two separate "is" conditions.
- This will help better identify which machines are "eligible" to receive either the Freeze or Thaw policies, providing more granular control over policy deployment.
This project is licensed under the MIT License - see the LICENSE file for details.