Jamf Nation Community

Captainamerica · ‎01-03-2019

So I deployed the 10.14.2 update to mac´s (cached) as pkg. But just getting stuck in how actually to start the update without any user interaction - or what is the best practise to deploy a OS security patch . We don´t have any update server and of course want to control what updates the users install, so not just enabling auto update on clients

donmontalvo · ‎01-03-2019

Behold! The Jewel in the Lotus:

Github: kc9wwh/macOSUpgrade

--
https://donmontalvo.com

Captainamerica · ‎01-03-2019

Thanks for the input. Machines are already running Mojave, so it is not a full upgrade - as far I can read from the script it is based on self service, something that we would rather not use

donmontalvo · ‎01-03-2019

We use the full macOS installer for both update and upgrade.

Since Apple broke preauthorized reboot and there are mixed reviews on whether this is fixed in Mojave, they recommend the full installer even for patching.

A second reason for using the full installer is firmware updates, which can only be applied through the macOS Installer.

Just a thought, it might take a bit longer (the 10.14.2 Combo Update is also huge at 2.3GB, vs 6GB for the full installer), but the results are worth it for us. At least until Apple fixes their s**t. :)

--
https://donmontalvo.com

Captainamerica · ‎01-03-2019

OK - just tried to search a bit, but where does Apple state the full installer should be used ?.
Think many users will be quite sad that everytime a Security update is comming a whole installer needs to run for est. 45 minutes or so

jkaigler · ‎01-03-2019

I just packaged the combo update for 10.14.2. I extracted the pkg and dropped in JAMF Admin. Added the pkg to a policy and added to self service.

Jamf Nation Community

10.14.2 patch update as PKG - how to install