BootPicker 2.0. With the advent of Boot Camp comes the possibility of deploying multi-boot Macs and permitting your end users to choose whichever platform will work best for whatever they'd like to do at the moment. But how do you manage the presentation of this choice?
There are a couple concerns to keep in mind:+ Setting the boot device is an activity restricted to administrative users.
+ Allowing non-administrative users access to this functionality potentially allows them to set the boot device to some external media that they provide (then they can really tamper with the system).
+ Leaving the machine at the EFI boot picker (hold down the option key at startup), while possible, leaves the previous options open and also leaves the machine in a state in which it cannot be managed or accessed via the network. rEFIt allows you to lock down the boot options at startup, however you're still unable to actually manage the machine in this state.
Before developing BootPicker, I came up with a list of requirements that I would insist upon were I to manage a lab of dual-boot Macs: 1. Must work when a firmware password is applied to the machine
2. The boot picker cannot interfere with remote administration (e.g. via ARD)
3. The boot picker must allow the administrator to specify explicitly which drives are permitted as boot devices
4. The administrator can disable (remotely) the boot picker at any time
5. When the machine is rebooted, it will always boot to Mac OS X by default and present the boot picker
6. Optionally, the boot picker preferences can be managed via directory services (permits management at a large scale)
7. Optionally, the boot picker should allow the administrator to provide some guidance to the end user about why they should choose one OS over another
BootPicker satisfies all of these requirements. BootPicker runs on startup immediately prior to LoginWindow. Based upon your configuration, it presents an option to the end user to choose an operating system. Upon choosing that OS, the machine either continues to Mac OS X or reboots to the specified OS. The next time the computer is rebooted, it automatically returns to Mac OS X and the boot picker. Finally, for environments that require management at a large scale, or management while the machines are turned off or booted to a different OS, BootPicker can be managed via a Mac OS X Server Open Directory Master. Got AD? That's OK, you can leverage that as well. You can even run BootPicker from a logout script to give every new visitor to your lab machines the opportunity to choose their OS without rebooting.
There are a couple concerns to keep in mind:+ Setting the boot device is an activity restricted to administrative users.
+ Allowing non-administrative users access to this functionality potentially allows them to set the boot device to some external media that they provide (then they can really tamper with the system).
+ Leaving the machine at the EFI boot picker (hold down the option key at startup), while possible, leaves the previous options open and also leaves the machine in a state in which it cannot be managed or accessed via the network. rEFIt allows you to lock down the boot options at startup, however you're still unable to actually manage the machine in this state.
Before developing BootPicker, I came up with a list of requirements that I would insist upon were I to manage a lab of dual-boot Macs: 1. Must work when a firmware password is applied to the machine
2. The boot picker cannot interfere with remote administration (e.g. via ARD)
3. The boot picker must allow the administrator to specify explicitly which drives are permitted as boot devices
4. The administrator can disable (remotely) the boot picker at any time
5. When the machine is rebooted, it will always boot to Mac OS X by default and present the boot picker
6. Optionally, the boot picker preferences can be managed via directory services (permits management at a large scale)
7. Optionally, the boot picker should allow the administrator to provide some guidance to the end user about why they should choose one OS over another
BootPicker satisfies all of these requirements. BootPicker runs on startup immediately prior to LoginWindow. Based upon your configuration, it presents an option to the end user to choose an operating system. Upon choosing that OS, the machine either continues to Mac OS X or reboots to the specified OS. The next time the computer is rebooted, it automatically returns to Mac OS X and the boot picker. Finally, for environments that require management at a large scale, or management while the machines are turned off or booted to a different OS, BootPicker can be managed via a Mac OS X Server Open Directory Master. Got AD? That's OK, you can leverage that as well. You can even run BootPicker from a logout script to give every new visitor to your lab machines the opportunity to choose their OS without rebooting.