I have a test group setup of 6 devices that I am using to test managing software updates. All of the devices in the group are loaded via ADE and Jamf has full control of them.
I pushed out a minor OS update to the devices in this group and even though they are all online and running 14.6.1 which is updatable only one device received a notification about an enforced update.
I guess my first question is going to be is this feature reliable or am I wasting my time? Second any ideas where I should start in regards to troubleshooting as from what I can see there are no pending or failed management commands.
Software Updates in Jamf is not really a feature of Jamf, it is how Jamf is presenting the Software Update MDM commands to us. The GUI is all Jamf, the backend is all Apple. Below is a link to Apple's training documentation on managing Software Updates you can read over.
https://it-training.apple.com/tutorials/deployment/dm215/
In my experience you have around a 75-90% success rate with managing OS updates with MDM commands. There is no other way to deploy updates aside of having users install them manually. Usually when a device fails OS updates it's because of something on the network side, getting a copy of the install.log is the best tool to figure out what is going on.
Let's get some clarity here. Are you using MDM commands for this or the new "software update" [DDMU] feature set from JAMF/Apple?
My experience is you're better off using a more fully flushed out system like Nudge or Super
I've played around a lot with the software update feature over the years. As others have mentioned, it's hit or miss. However here's a hack that has been mostly hit for me lately:
Install Action: Download and schedule to install - Select a very short amount of time, something within an hour or two. When I've scheduled a day or two into the future it almost never works. You can even select a time in the past and it will execute within the hour.
Target version: Specific version - Select the version from the drop-down.
Keep in mind that this will force the update with no option to delay. The users will get a notification but it just says something like, an update has been scheduled and your computer will restart. If you scheduled a time in the future it will let them know they have the hour or two that you set up; if you scheduled a time in the past it will give them almost no time.
Let's get some clarity here. Are you using MDM commands for this or the new "software update" [DDMU] feature set from JAMF/Apple?
Using the new software update system.
I get good results with DDM. Did you try turning off the new Software Update feature, then back on? Are all your devices on macOS 14 already?
Using the new software update system.
Granular software updates work great for macOS in regards to DDMU. Mobile devices, not so much. SUPER hit/miss.
You'll get your best experience by choosing the "latest" update available though.
Granular software updates work great for macOS in regards to DDMU. Mobile devices, not so much. SUPER hit/miss.
You'll get your best experience by choosing the "latest" update available though.
macOS also needs to be on a minimum of macOS 14 too.
I get good results with DDM. Did you try turning off the new Software Update feature, then back on? Are all your devices on macOS 14 already?
As mentioned devices are all running 14.6.1 so OS version isn't the issue.
macOS also needs to be on a minimum of macOS 14 too.
As mentioned in initial post devices are all running 14.6.1 the process works great for one of the four devices I am testing so I have a 75% failure rate.
As mentioned devices are all running 14.6.1 so OS version isn't the issue.
Did you try turning off the new Software Update feature, then back on? This clears up a lot for my macOS and iOS stuff. You can view the status in the device logs. Management tab, Operating System.
If you see a pending update, try turning off the Software Update Feature. Revisit the logs.
When you see "No Updates in Progress," try DDM update again.
Did you try turning off the new Software Update feature, then back on? This clears up a lot for my macOS and iOS stuff. You can view the status in the device logs. Management tab, Operating System.
If you see a pending update, try turning off the Software Update Feature. Revisit the logs.
When you see "No Updates in Progress," try DDM update again.
You can also get more granular logs in the API as to what is happening.
curl -X 'GET' \\
'https://stjude.jamfcloud.com/api/v1/managed-software-updates/update-statuses/computers/<computerIDHere>' \\
-H 'accept: application/json' \\
-H 'Authorization: Bearer <bearerTokenHere>'
Did you try turning off the new Software Update feature, then back on? This clears up a lot for my macOS and iOS stuff. You can view the status in the device logs. Management tab, Operating System.
If you see a pending update, try turning off the Software Update Feature. Revisit the logs.
When you see "No Updates in Progress," try DDM update again.
My Jamf instance is cloud hosted therefore I cannot see any option to turn features off and back on.
My Jamf instance is cloud hosted therefore I cannot see any option to turn features off and back on.
Do you see this option when you select the Software Updates item in the sidebar?
Do you see this option when you select the Software Updates item in the sidebar?
I have just found that, I gave it a try and it has made no difference. I am scheduling a minor updating for tomorrow morning, of the three outstanding devices only one device showed a notification of a pending update. All devices are currently powered on and confirmed checking in.
Device that displayed notification
Device that didn't show notification
