Skip to main content

We have several M1 chip MacBooks that we want to deploy. How can we push and ensure the Rosetta policy to install (softwareupdate --install-rosetta) gets installed before all the other policies (i.e. Office, TeamViewer, etc.) ? If not, the other installs will fail. I can create a separate policy for each application that has a different scope but that becomes a pain.

Hi Jeff,

After our devices are enrolled, I manually, (meaning its not part of the enrollment)  run a policy called  "Admin Base Apps Installs" that includes Adobe, Office, Zoom, Teams etc. and finally configures the firmware settings

In that same policy, I want to install Rosetta first, and put it at the top of the list, as install applications fail without Rosetta.

Question. In that same "Base Apps install" policy, will the Files and Process run first?  

Or do I create a separate policiy and some how link the two?

fyi I haven't removed the Run script yet shown in the pic so you can disregard it as it fails to run first. 

 

I'm 3 months into the apple world and running into some roadblocks.

 

Appreciate the help

 

 



Hi Jeff,

After our devices are enrolled, I manually, (meaning its not part of the enrollment)  run a policy called  "Admin Base Apps Installs" that includes Adobe, Office, Zoom, Teams etc. and finally configures the firmware settings

In that same policy, I want to install Rosetta first, and put it at the top of the list, as install applications fail without Rosetta.

Question. In that same "Base Apps install" policy, will the Files and Process run first?  

Or do I create a separate policiy and some how link the two?

fyi I haven't removed the Run script yet shown in the pic so you can disregard it as it fails to run first. 

 

I'm 3 months into the apple world and running into some roadblocks.

 

Appreciate the help

 

 


@JM14_2 Put the commands to install Rosetta if needed into a script, and then have that script as a payload in your policy set to Run Before


So, I got this working. What I did was create a Smart Group for M1 machines. Then, then only policy that I had that kicked off as Enrollment complete is one that installs Rosetta. If it's not an M1 then it kicks off the rest of the policies. Once Rosetta is install I have an event trigger that fires off the rest of the policies. So far it's worked. This allows me more flexibility to quickly change around policies.



Nice. Similiar workflow. So, you used the Install command as the first policy, then set triggers on the remaining policies? How specifically did you fire off the event trigger for the remaining policies outside of changing the naming conventions to 00, 01, etc....?


Nice. Similiar workflow. So, you used the Install command as the first policy, then set triggers on the remaining policies? How specifically did you fire off the event trigger for the remaining policies outside of changing the naming conventions to 00, 01, etc....?


rcole,

I only have a few policies with 00 at the beginning of the name and a few with Z. As long as Rosetta 2 is installed before any of your applications you should be good to go and so far it has been working good for me.


rcole,

I only have a few policies with 00 at the beginning of the name and a few with Z. As long as Rosetta 2 is installed before any of your applications you should be good to go and so far it has been working good for me.


@rcole I'm using a custom trigger to call policies in a certain order regardless of the names of those policies. No need to name them 00, 01, etc. I'm using this script for my prestage enrollment process. At line 150 of the script that is where you will see the array where you can call out certain policies using a custom trigger. 

Basically, I have a policy setup to run at enrollment complete. It installs Rosetta first (you can do that with a script set to run "before"). Then, it installs DEP Notify. After that I have the DEPNotify script that is set to run "after". That kicks off and installs all my core apps in the order I want.


@rcole I'm using a custom trigger to call policies in a certain order regardless of the names of those policies. No need to name them 00, 01, etc. I'm using this script for my prestage enrollment process. At line 150 of the script that is where you will see the array where you can call out certain policies using a custom trigger. 

Basically, I have a policy setup to run at enrollment complete. It installs Rosetta first (you can do that with a script set to run "before"). Then, it installs DEP Notify. After that I have the DEPNotify script that is set to run "after". That kicks off and installs all my core apps in the order I want.


Thanks for this info. Works like a charm!


@rcole I'm using a custom trigger to call policies in a certain order regardless of the names of those policies. No need to name them 00, 01, etc. I'm using this script for my prestage enrollment process. At line 150 of the script that is where you will see the array where you can call out certain policies using a custom trigger. 

Basically, I have a policy setup to run at enrollment complete. It installs Rosetta first (you can do that with a script set to run "before"). Then, it installs DEP Notify. After that I have the DEPNotify script that is set to run "after". That kicks off and installs all my core apps in the order I want.


Love this idea. Commenting so I can find it again later when I have time to test and implement. Thanks!


Deploying Rosetta with Rich Trouton's script and got a successfully installed message. Packages installed after it still thinks Rosetta is not installed. Anyone running into this?



Had same experience... any ideas?


For those that haven't installed Rosetta early enough (or are not using ADE), you could find yourself in a situation where softwareupdate has run and discovered a macOS update, but not discovered an update for Rosetta.



If you install Rosetta after softwareupdate has run, it won't include updates for Rosetta and you'll lose Rosetta after the macOS update is installed. This botched my machine that had an Endpoint Security system extension installed, which relies on Rosetta.



I would consider adding softwareupdate -l at the end of any Rosetta install scripts to ensure an update is picked up. I'm yet to test that this will prevent Rosetta removals in the above scenario, will report back when I do.



Did this test out for you?


see my post

install-rosetta-2.sh


Reply