I wrote an article awhile back, looking at profiles from iPhone Configuration Utility. In Lion, the Profile Manager service can be used to create profiles that can be pushed to OS X or iOS clients. Clients can install profiles by going to a web page or they can be deployed using scripts. Once installed, mdmclient, a binary located in /usr/libexec will process changes such as wiping a system that has been FileVaulted (note you need to FileVault if you want to wipe an OS X Lion client computer). /System/Library/LaunchDaemons and /System/Library/LaunchAgents has a mdmclient daemon and agent respectively that start it up automatically.
To script profile deployment, administrators can add and remove configuration profiles using the new /usr/bin/profiles command. To see all profiles, aggregated, use the profiles command with just the -P option:
/usr/bin/profiles -P
As with managed preferences (and piggy backing on managed preferences for that matter), configuration profiles can be assigned to users or computers. To see just user profiles, use the -L option:
/usr/bin/profiles -L
You can remove all profiles using -D:
/usr/bin/profiles -D
The -I option installs profiles and the -R removes profiles. Use -p to indicate the profile is from a server or -F to indicate it’s source is a file. To remove a profile:
/usr/bin/profiles -R -F /tmp/HawkeyesTrickshot.mobileconfig
To remove one from a server:
/usr/bin/profiles -R -p com.WestCoastAvengers.HawkeyesTrickshot
The following installs HawkeyesTrickshot.mobileconfig from /tmp:
/usr/bin/profiles -I -F /tmp/HawkeyesTrickshot.mobileconfig
If created in Profile Manager:
/usr/bin/profiles -I -p com.WestCoastAvengers.HawkeyesTrickshot
Create profiles in iPhone Configuration Utility or in Profile Manager.