MacBook Air Silicon macOS Update

Pdallison
New Contributor II

Good morning,

I'm looking for help on updating our new fleet of Apple Silicon MacBooks. We wrote a script that worked perfectly with our old Intel MacBooks, but with the new Silicon MacBooks the scripts get stuck waiting for an admin user or a user with a secure token to input their credentials. I found that Jamf "Software Update" does not work well for our MacBooks in our environment. I found two scripts that work well with the new Silicon devices, but we still run into the issue of the end user having to type in their information. The scripts I used were S.U.P.E.R and Erase-Install.

I'm looking for a workflow like this if anyone has one.

  • Prompts the user that there is an update
  • Allows the user to defer if the time is not right, but forces them after they reach their limit
  • Checks to make sure the MacBook is connected to a charger
  • Performs the update without needing the user's credentials

Thank you guys in advance for any help or suggestions.

4 REPLIES

AJPinto
Esteemed Contributor

On Apple Silicon devices, OS updates require a Secure Token, not a bootstrap token, which was the case with Intel Macs. Apple is pretty firm in the stance that they do not want you using scripts to run OS updates, and instead you should be using DDM/MDM commands.

 

https://www.jamf.com/resources/product-documentation/best-practice-workflows-for-jamf-pro-managing-m...

https://www.jamf.com/resources/product-documentation/best-practice-workflows-for-jamf-pro-managing-m...

https://support.apple.com/guide/deployment/installing-and-enforcing-software-updates-depd30715cbb/we...

 

 

  • Prompts the user there is an Update - macOS checks for updates every 24 hours and notifies the user if any updates are available; this is a default behavior of the OS.
  • Allow the User to defer if time is not right, but forces them after they reach their limit. - Using DDM commands, you specify a deadline or max deferral limit for updates, and the device forces the update when that time or number is reached and notifies users along the way.
  • Checks to make sure MacBook is connected to charger - This is already a part of the default behavior: if the Mac is over 50% battery, OS updates will just run; if the Mac is under 50% battery, it will wait until a charger is connected.
  • Performs the update without needing users credentials. - If you push updates with an MDM or DDM command, that handles the credentials check if that command initiates the updates. There is no way to pass a secure token (Volume Ownership) for the user if the user initiates the updates; the user must manually do this by entering credentials.
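
The deadline-based enforcement described in the reply above is delivered to the Mac as a DDM declaration. As an added example (not part of the thread, and not Jamf's or Apple's code), this builds one for Apple's `com.apple.configuration.softwareupdate.enforcement.specific` declaration type and rejects the inputs that most often make a deadline misfire; the identifier, the sample version and deadline, and the hash-derived `ServerToken` are assumptions made for illustration.

```python
import hashlib
import json
import re
from datetime import datetime

DECLARATION_TYPE = "com.apple.configuration.softwareupdate.enforcement.specific"


def build_enforcement_declaration(target_os_version, deadline_local, details_url=None):
    """Return a DDM declaration (dict) enforcing one macOS version by a deadline."""
    # Require an explicit version such as "14.5" or "14.5.1", never "latest".
    if not re.fullmatch(r"\d+(\.\d+){1,2}", target_os_version):
        raise ValueError(f"unexpected OS version string: {target_os_version!r}")
    if deadline_local.tzinfo is not None:
        # TargetLocalDateTime is device-local wall-clock time with no UTC offset,
        # so a timezone-aware value would silently shift the deadline.
        raise ValueError("deadline must be a naive (local) datetime")

    payload = {
        "TargetOSVersion": target_os_version,
        "TargetLocalDateTime": deadline_local.strftime("%Y-%m-%dT%H:%M:%S"),
    }
    if details_url:
        payload["DetailsURL"] = details_url  # optional page shown to the user

    # ServerToken is an opaque revision marker. Hashing the payload is a choice
    # made for this example so the token changes whenever the payload changes.
    canonical = json.dumps(payload, sort_keys=True).encode()
    return {
        "Type": DECLARATION_TYPE,
        "Identifier": "com.example.ddm.macos-update",  # hypothetical identifier
        "ServerToken": hashlib.sha256(canonical).hexdigest()[:16],
        "Payload": payload,
    }


if __name__ == "__main__":
    # Constructed sample values: enforce macOS 14.5 by 18:00 local time on 2024-07-01.
    decl = build_enforcement_declaration("14.5", datetime(2024, 7, 1, 18, 0, 0))
    print(json.dumps(decl, indent=2))
```

An MDM that supports declarative management normally generates and delivers this declaration for you; the example only shows what the device is being told to enforce.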

Pdallison
New Contributor II

Thank you for the information. I tried these steps also, but only a handful of our MacBooks actually update to the version we need. With the Erase-Install script we can at least set the macOS version we want to update to and set it to run from Self Service.

BR4IN
New Contributor

My team and I haven't started on it yet, but we caught wind of something called Nudge. GitHub - macadmins/nudge: A tool for encouraging the installation of macOS security updates.

This might help you.

Pdallison
New Contributor II

Nudge is a good macOS update tool as well. I found that it is good for doing major updates on MacBooks.