09 Feb Blessing an El Capitan Device for NetBooting
In OS X 10.11 El Capitan, Apple has introduced their new System Integrity Protection feature which affects how you are able to NetBoot devices. If you think you’ll have the need to NetBoot a device anytime in the future, after it leaves your hands, you’re going to need to “bless” it with your sanctioned NetBoot servers prior to it going out the door.
Blessing a device with a NetBoot server is easy and only takes a couple of minutes per device, however, it is very hands on and will be extremely time consuming if you have a ton of devices – especially if they’re already in the field so plan accordingly prior to upgrading to El Capitan.
Watch the how-to video:
- Turn on or restart the device to be “blessed”
- Press and hold the keys Command (⌘)-R immediately after you turn on your Mac and hear the startup sound. Keep holding until you see the progress bar.
- When the device boots into the Recovery Mode, you should see a Mac OS X Utilities toolbar. If you end up back to your typical login screen, reboot and try hitting the Command (⌘)-R keys again.
- Navigate to the Utilities menu bar item and select Terminal
- Type the following command in Terminal to add a trusted server. Change
addressto the IP address of your NetBoot server (PXE representatives, preferred servers, core servers)
csrutil netboot add address
- Repeat step 5 for any additional NetBoot servers (PXE representatives, preferred servers, core servers)
- To verify your NetBoot servers have been added, type the following command in Terminal in either the Recovery Mode session or after having booted back into the OS
csrutil netboot list