Skip to main content

I have a policy for iMacs and Mac Minis that does Software Update @ re-curring checkin NOT between the hours of 7am - 9:30pm.
I have 2 questions;



1 - Should this install updates on a computer whether a person is logged in or not ?



I also have the policy set for both when no one is logged in and if a user is logged in to 'reboot the computer if the package or software update require reboot'



2 - How do i know if a computer was rebooted ?



all i see is after the policy runs, it does its recon, but i do not see anything telling me that computer rebooted.

1 - Generally speaking it's best to install updates when a client machine is not logged into. But like most organizations this is difficult due to mobile computers.



2 - In terminal type last reboot

If your looking at the computer in the JSS you can find the restart information (and logins etc...) in Computer Usage under the Histpry tab.

I only have this policy setup for iMacs/Mac Minis. I have Laptops set to install any OS updates on logout.



Looks like iMacs/Mac Minis will install the updates if the computer is on and NOT logged into.

@tcandela Do you ever have a problem with users having the lid to their MacBook closed and firmware updates not applying after a reboot?

@Snickasaurus yep, I've had this with firmware for when laptop is connected to an apple TB display, based on the software updates listed in the JSS I can see if it's a apple TB display firmware update and I notify the user to make sure they have the lid open when they logout. Not sure what else to do. Just been like a handful of times I had to deal with this.
Does this happen for you for all kinds of firmware updates?

@tcandela Yes, dealing with any firmware update will require the lid of the MacBook to be open and at times can be frustrating for both IT and our customer/user.



Are you using an extension attribute similar to this little guy..



echo "<result>$(ioreg -r -k AppleClamshellState | grep AppleClamshellState | awk '{print $4}')</result>"


..to report the MacBook is either open or closed? It works a peach in a smart group/extension attribute smashup. At times I like to run all updates during the day (perhaps when people are on lunch break) except those that require a reboot then another policy that installs updates that DO require a reboot when the customer/user is logging off.



Edit:
(1) Corrected horrible spelling
(2) Apologies to @tcaldana for putting your name first and possibly causing you to get a "You've been mentioned" email as I'm tired and probably shouldn't be communicating with other humans

@Snickasaurus no, not using EA.



based on the software updates listed in the JSS for a particular enrollem mac, I can see if it's a apple TB display firmware update and I notify the user to make sure they have the lid open when they logout. Not sure what else to do. Just been like a handful of times I had to deal with this.

Terms & ConditionsCookie settings