I'm stuck. I'd like to think I'm reasonably good looking info up, but for the life of me I can't figure out how to deploy mac software in an enterprise, like with Group Policy.) I'm not talking about deploying images, I mean, for example how to make sure every mac has the latest version of flash installed, or whatever. (I'm not expecting to support third-party installers, just .pkg and maybe manual "Put this directory here", which of course I can roll my own .pkg for.)
I've got an OSX server (10.6) setup in "Golden Triangle" (OD talking with AD) so users can log in with their AD accounts, and I can manage Apple updates, or user preferences, but deploying...? Am I missing something obvious? (Or is it Apple?)
P.S. We have Apple Remote Desktop as well, but that's only for one-off's...
We are just starting to use Munki, which works very similar to WPKG for Windows. It looks to the end user very similar to Apple Software Update.
It's great at both deploying and updating software and only requires a Web Server (all static files so any will do) to run.
Puppet and Chef support OS X; these are great configuration management tools that can also automate software deployments as well.
I highly recommend looking at Filewave. We used their software to to deploy Firefox, Adobe CS Suites, printers drivers, and audacity. It mostly works at the file level as the name implies but you can also do package deployments. We replaced and upgrade over 100 macs in a 6 week period while also implementing several other very large projects(50 AP wireless network, phone system, SAN, VMWare ESX). We would never able been able to get it done without Filewave. We installed Adobe CS suite which is about 5-6GB install over a gigabit network in a few minutes to 20 computers.
You install an agent on the computer and configure a server. Put the computers into groups and then drop packages into the groups. You can time the install or remove of software. You are responsible for creating the install packages but the software Filewave provides is great. You do need to be careful when you build the applications because if you don't have a systematic approach it can cause problems down the road. But once the package is build your work is over!
Beside deployments of whole system images, Apple doesn't offer any automatic software install method.
Beside ARD, I use a homegrown solution where I manage lists of client classes (like OS version, office version or Adobe CS version installed). When I want to deploy a piece of software, I let a script hardlink the file into an install directory for each relevant client, which then gets installed by another script on the client during the next reboot. This works in somewhat hackish fashion, but requires pkg files, requiring manual building of pkgs for stuff like Adobe Updates.
At some point in the not-so-far future I will likely replace this with something like the already mentioned filewave or Casper Suite.
CFengine would work great for you.
I second the FileWave recommendation. Its a fantastic tool that I've been using for about 9 years. Its cross-platform (Mac/Win), has diagnostic messages and logs, and a great tech support team. Not 24x7, but very responsive during office hours and they turn things around pretty quickly. The software can even be distributed via Apple Remote Desktop, installed in your base disk image, and added to a Deploy Studio workflow.
Between FileWave and NetRestore/DeployStudio, I can replace an entire lab in a day or two and never touch them (in person) again. Unless the OS needs to be reinstalled or have a major upgrade (like 10.5 to 10.6).
I also use FileWave to drop shell scripts on the Macs and run them as root. Great for subtle things, configuration changes, etc.
Feel free to connect with me if I can help.