Help

Weekend App Updates

Bekkah
New Contributor

Posted on ‎06-16-2023 05:28 AM

Hi!

Does a device have to be logged in, in order for jamf to check in and to run policies? I am trying to schedule a wake up and have the device check for policies and run them over the weekend.

Thanks!

0 Kudos
6 REPLIES 6

jamf-42
Valued Contributor II

Posted on ‎06-16-2023 05:43 AM

no. if you have a policy scoped to run.. it will run.. (depending on what it does may require a user to be logged in though) 

0 Kudos

Ismere
Contributor

Posted on ‎06-16-2023 05:44 AM

If you mean it in a way that a user needs to be logged in then no. Our Macpool Systems are somtimes not used for a whole day but updates and policies are still run.
Only Problem with logged in or not logged in Users is if whatever you want to do in a policy requires feedback from a User. But the pure Check-In and run Policies functionality from JAMF is working without any logged in User as long as the System is on and reachable

0 Kudos

Bekkah
New Contributor

Posted on ‎06-16-2023 06:04 AM

Essentially, I have a policy I am testing with using the pmset schedule command to run during the week to wake a computer up over the weekend. 

#schedule device wake up - update time and date
sudo pmset schedule wake "06/16/2023 14:30:00"

Then I have a policy that is set to run the commands below and set the Server-Side Limitations to run at a recurring check-in after the scheduled wakeup to update applications. I am using Installomator and have the blocking set to auto kill the app if needed, since the messaging will be pushed out the all devices will be updated over the weekend.

#store users original womp settings
original_womp=$(pmset -g | awk '/womp/ {print $2}')

#turn on wake on lan
sudo pmset -c womp 1

#turn on caffeinate to make sure the devices stay awake while running patches
sudo caffeinate -dims

#run jamf patch commands
sudo jamf policy xyz
sudo jamf policy abc
sudo jamf policy etc...

#restore users original womp settings
sudo pmset -c womp "$original_womp"

#turn off caffeinate - 30 is the timeout delay in seconds
sudo caffeinate -u -t 30

#turn off device (if a restart is desired change -h or -r)
sudo shutdown -h now

But it hasn't been working....

0 Kudos

jamf-42
Valued Contributor II
In response to Bekkah

Posted on ‎06-16-2023 06:08 AM

first thing is you don't need to 'sudo' commands and scripts run as root. 

what's 'not working' there are a few moving parts here.. 

0 Kudos

Bekkah
New Contributor

Posted on ‎06-16-2023 06:14 AM

So would it be better just to set the server-side times for each of the patch polices to just run in the time frames I want them to with a recurring trigger vs having them run by the custom trigger. And just scrap the pmset and the other altogether?

0 Kudos

jamf-42
Valued Contributor II

Posted on ‎06-16-2023 06:21 AM

if those policies are only needed to run then, that would work and simplifies it..   set the Mac to start up and then use recurring checkin to trigger your server side timed polices.. 

0 Kudos