Jump to content

T2 Mac & APFS image restore


8 posts in this topic

Recommended Posts

Obviously that is not the question to ask in Apple or Jamf forums, because they members just follow the Book of Apple (only do what we allow you to do)


Ofcourse Apple no longer support imaging real Mac with T2 chip, but using simple script one can easily restore apfs container image captured from NON-T2 hardware (ie Mac mini 2016):



hdiutil attach /Volumes/Image\ Volume/Catalina-10.15.6.dmg -noverify -nomount

diskutil eraseDisk HFS+ %noformat% gpt /dev/disk0

diskutil apfs createcontainer /dev/disk0s2

asr restore --source /dev/disk26 --target /dev/disk0s2 --erase --noprompt --useInverter

# http://blog.tempel.org/2019/05/cloning-apfs-volumes-containers-apfs.html
/System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -s /dev/disk1

diskutil mount /dev/disk1s3
diskutil mount /dev/disk1s4

newuuid=`diskutil apfs list | grep -B0 "Volume disk1s1" | awk '{print $4}'`

mv /Volumes/Preboot/* /Volumes/Preboot/$newuuid
mv /Volumes/Recovery/* /Volumes/Recovery/$newuuid

Works perfectly restored to NON-T2 hardware


But if gets restored to T2 hardware MacBoor Pro 2019, I get encryption error:


+-- Container disk1 AC3AA5BF-580C-488F-B2CA-06EE7AFEAAA4
    APFS Container Reference:     disk1
    Size (Capacity Ceiling):      121018208256 B (121.0 GB)
    Capacity In Use By Volumes:   27882680320 B (27.9 GB) (23.0% used)
    Capacity Not Allocated:       93135527936 B (93.1 GB) (77.0% free)
    +-< Physical Store disk0s2 C0215E72-9265-44D0-8B01-01C6DF4EE5F2
    |   -----------------------------------------------------------
    |   APFS Physical Store Disk:   disk0s2
    |   Size:                       121018208256 B (121.0 GB)
    +-> Volume disk1s1 47CE903C-053E-41AB-8F64-196CFC3D5A05
    |   ---------------------------------------------------
    |   APFS Volume Disk (Role):   disk1s1 (System)
    |   Name:                      Catalina (Case-insensitive)
    |   Mount Point:               Not Mounted
    |   Capacity Consumed:         11373838336 B (11.4 GB)
    |   Encrypted:                 ERROR -69461
    +-> Volume disk1s2 C3EA63AE-7E9D-4709-A334-715B196B089F
    |   ---------------------------------------------------
    |   APFS Volume Disk (Role):   disk1s2 (Data)
    |   Name:                      Catalina - Data (Case-insensitive)
    |   Mount Point:               Not Mounted
    |   Capacity Consumed:         15764234240 B (15.8 GB)
    |   Encrypted:                 ERROR -69461
    +-> Volume disk1s3 2E5A392F-0A5F-4744-BC22-64C16C8B7895
    |   ---------------------------------------------------
    |   APFS Volume Disk (Role):   disk1s3 (Preboot)
    |   Name:                      Preboot (Case-insensitive)
    |   Mount Point:               /Volumes/Preboot
    |   Capacity Consumed:         85487616 B (85.5 MB)
    |   FileVault:                 No
    +-> Volume disk1s4 A3D68D5F-909C-458F-BC81-9E6DB904856E
        APFS Volume Disk (Role):   disk1s4 (Recovery)
        Name:                      Recovery (Case-insensitive)
        Mount Point:               /Volumes/Recovery
        Capacity Consumed:         532713472 B (532.7 MB)
        FileVault:                 No
-bash-3.2# diskutil mount /dev/disk1s1
Volume on disk1s1 failed to mount
This appears to be an APFS Volume; note that locked APFS volumes
will not mount unless unlocked (e.g. "diskutil apfs unlockVolume")

MBP boots ok-ish, login screen presents user icons (even hidden user) instead of username/password field as configured in captured image, (so something gets reset) and NONE of these local users can actually login because password is not accepted.

Reboot to Recovery does not list any users at all (and Catalina & its Data volumes cannot be mounted either)


Anybody has any idea why it behaves that way? (apart from Apple design of course) and how to possibly "fix" it?






Link to comment
Share on other sites

  • 3 weeks later...
  • 2 weeks later...
  • 3 weeks later...
  • 4 months later...
  • 4 weeks later...
  • 3 weeks later...

Not really, the first link was what I already went through.

As mentioned, I have NO issue creating image & restoring it on NON-T2 hardware (using a single USB stick for the whole operation)

As to the other link: https://support.blackbagtech.com

does not seem to even exist any longer (can still pickup text from archive.org), seems to have been swallowed by https://www.cellebrite.com/en/support/

Anyway, it talks about making unencrypted image using MacQuisition (not something that I would be using!)

Aired: December 16th, 2020

Digital Collector 3.1 is the new face of MacQuisition with an expanded reach


But in my case I already HAVE unencrypted image (from NON-T2 hardware)


I am only trying to restore it to T2 hardware!



Edited by sebus
Link to comment
Share on other sites

  • 4 weeks later...

  • Create New...