Skip to main content
Solved

Software Update failing "You need to be the owner to install"

  • March 24, 2022
  • 6 replies
  • 168 views
A
Forum|alt.badge.img+8

Hello All

We are runnning into an issue with laptops trying to update OS and being met with an error that states "you need to be an owner to install". Some machines the workaround of "sudo softwareupdate -i -a -R", will install the update but this isnt ideal. All machines are M1 machines, DEP enrolled and going through the same prestage. It seems like its related to SecureToken missing (which might also be causing some FV2 issues) for the user, at least thats what my google fu leads me to. 

 

I kind of remember there being a script out there that could be used to assign a securetoken, we used it at my last place but I cant seem to find it. Any help is appreciated!!!!

Best answer by jcarr

Can you confirm the error text you quoted?  Might is read "volume owner" rather than just "owner?"  If so, you are likely running into a secure token or bootstrap token issue.

 

https://support.apple.com/guide/deployment/use-secure-and-bootstrap-tokens-dep24dbdcf9e/web

 

Did you by any chance deploy these devices with recovery lock enabled?

    6 replies

    J
    Forum|alt.badge.img+21
    • jcarr
    • Valued Contributor
    • Answer
    • March 24, 2022

    Can you confirm the error text you quoted?  Might is read "volume owner" rather than just "owner?"  If so, you are likely running into a secure token or bootstrap token issue.

     

    https://support.apple.com/guide/deployment/use-secure-and-bootstrap-tokens-dep24dbdcf9e/web

     

    Did you by any chance deploy these devices with recovery lock enabled?

    A
    A
    Forum|alt.badge.img+8
    • ajamfadmin1810
    • Author
    • Contributor
    • March 24, 2022

    Can you confirm the error text you quoted?  Might is read "volume owner" rather than just "owner?"  If so, you are likely running into a secure token or bootstrap token issue.

     

    https://support.apple.com/guide/deployment/use-secure-and-bootstrap-tokens-dep24dbdcf9e/web

     

    Did you by any chance deploy these devices with recovery lock enabled?


    So it’s related to not that you said. I checked our system logs and a bunch of missing bootstrap tokens. I have a script that assigns secure token, once I did that the user could update no issue. Checking with Jamf why this is happening to 10% of our machines

    J
    J
    Forum|alt.badge.img+1
    • jtommerup
    • New Contributor
    • June 16, 2022

    So it’s related to not that you said. I checked our system logs and a bunch of missing bootstrap tokens. I have a script that assigns secure token, once I did that the user could update no issue. Checking with Jamf why this is happening to 10% of our machines


    Did you find anything from Jamf?

    F
    Forum|alt.badge.img+1
    • fenlon
    • New Contributor
    • September 16, 2022

    So it’s related to not that you said. I checked our system logs and a bunch of missing bootstrap tokens. I have a script that assigns secure token, once I did that the user could update no issue. Checking with Jamf why this is happening to 10% of our machines


    Can you specify what script you are using to resolve this?

    kwoodard
    Forum|alt.badge.img+12
    • kwoodard
    • Valued Contributor
    • September 23, 2022

    Yes, can you please share your script? I have a bunch of M1/M2 that are showing this message. 

    D
    Forum|alt.badge.img+1
    • declure
    • New Contributor
    • December 12, 2023

    Yes, can you please share your script? I have a bunch of M1/M2 that are showing this message. 


    I haven't had a lot of practice on this issue but I ran into it today and tried:

    sysadminctl interactive -secureTokenOn receivingUsername -password 'receivinguserpassword' and in my single case, it seemed to solve it.  I'd be curious if that helps anyone else.

    kwoodard
    Terms & ConditionsCookie settingsAccessibility statement