example deploystudio finisher script with certs.

gistfile1.txt

#!/bin/sh

echo "ds_finish.sh - v0.1 ("`date`")"

# Set the munki server URL
defaults write /Library/Preferences/ManagedInstalls SoftwareRepoURL "https://munki.production.example.com/"

# Set the Munki ClientIdentifier to be the hostname of this computer
defaults write /Library/Preferences/ManagedInstalls ClientIdentifier "${DS_HOSTNAME}"

# Have Munki install Apple Software Updates
defaults write /Library/Preferences/ManagedInstalls InstallAppleSoftwareUpdates -bool True

# Set the server to use for Apple Software Updates to the Reposado Server
defaults write /Library/Preferences/ManagedInstalls SoftwareUpdateServerURL "http://reposado.production.example.com/content/catalogs/others/index-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog"

# Run munki on first startup, per https://groups.google.com/d/msg/munki-dev/e_bu7xGtL0M/_OFfC0lGEEsJ
touch /Users/Shared/.com.googlecode.munki.checkandinstallatstartup

# stop the iCloud dialog from appearing - from: http://managingosx.wordpress.com/2012/07/26/mountain-lion-suppress-apple-id-icloud-prompt/
defaults write "/Library/Preferences/com.apple.SetupAssistant" DidSeeCloudSetup -bool true
defaults write "/Library/Preferences/com.apple.SetupAssistant" LastSeenCloudProductVersion -string "10.8.2"

# create the security certificate file via heredoc
cat > /tmp/example.com.pem <<EOF
-----BEGIN CERTIFICATE-----
CERT GOES HERE
-----END CERTIFICATE-----
EOF

# add the certificate to the system keychain, per: http://derflounder.wordpress.com/2011/03/13/adding-new-trusted-root-certificates-to-system-keychain/
/usr/bin/security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" /tmp/example.com.pem

# enable ARD for ladmin
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users ladmin -privs -all -restart -agent -menu

echo "ds_finish.sh - end"

exit 0