Since Jamf hasn't implemented a few of the feature requests out there that would make this better, I have resorted to making a script and using Jamf helper. I stole a lot of it from https://www.jamf.com/jamf-nation/discussions/5404/jamfhelper-software-update-trigger. My goal is to incorporate the new softwareupdate -i -a -R feature as defined by Der Flounder (https://derflounder.wordpress.com/2018/03/29/new-automated-restart-option-added-to-10-13-4s-softwareupdate-command-line-tool/) in a work flow that works well and is less intensive for my users.
The biggest catch I've had so far is recording the success or failure of the reboot process because the reboot is triggered by the script thus the policy never completes and the logs are never submitted to Jamf. Below is what I have written, it will be in a policy that is scoped to a smart group of folks that have updates pending, any suggestions on functionality or workflow is appreciated.
Edit 4/25/2019: A new GitHub has been made for this project. it incorporates tons of bug fixes and feature additions discussed in the below posts. It is, as of now, an active project. Folks here continue to add great suggestions and bug finds to what has been built, so please review the code and use a pinch of salt when deploying in your environments. The git can be found here: https://github.com/taboc741/MacScripts/blob/master/A-Kinder-macOS-Update
I am having an issue with the deferral script. It prompts the user saying that there is a update available. Once you click defer, it properly calculates it (we have it set to 5 deferrals, so it recalculates it to 4). However, the second time it prompts the user and if they click defer again, then it resets the counter (it writes 4 to the plist).
Is there an issue with the defer script from the github?
2019-Jul-30 13:05:43 : Script Started 2019-Jul-30 13:06:05 : Icon path set to /Library/Application Support/[redacted]/AppleSoftwareUpdate.png 2019-Jul-30 13:06:05 : Deferral set to 3 2019-Jul-30 13:06:25 : Updates downloaded 2019-Jul-30 13:16:32 : prompt equaled 2. 0=Start Updates 1=failed to prompt 2=User choose defer 239=exited Null=user force quit jamfHelper 2019-Jul-30 13:16:32 : Script Started 2019-Jul-30 13:16:53 : Icon path set to /Library/Application Support/[redacted]/AppleSoftwareUpdate.png 2019-Jul-30 13:16:53 : Deferral set to 2 2019-Jul-30 13:17:17 : Updates downloaded 2019-Jul-30 13:17:29 : prompt equaled 2. 0=Start Updates 1=failed to prompt 2=User choose defer 239=exited Null=user force quit jamfHelper
So I keep getting the prompt twice in a row. Any ideas as to what I am doing wrong?
I had the script twice in the policy. Carry on...
Just tested this with the first update to come out for macOS Catalina, but the script is not detecting it.
2019-Oct-15 14:44:55 : No updates pending.
But I definitely have any update pending
Anyone else seeing this?
Needing assistance from anyone with XP getting the Deferral script to run properly. Currently, the script will pick up when a user defers out to the mass, but when it hits max and there are no deferrals left, the script will not force the update. Any thoughts here or assistance would be greatly appreciated.
@Jmazzuca182 - I'm seeing the same error as you when attempting to do a shutdown.
I ended up making a new thread on that error before I saw your response (https://www.jamf.com/jamf-nation/discussions/36398/shutdown-command-in-bash-script-can-t-detach-from-console)
Were you ever able to resolve that issue?
Hello all. Has anyone updated this so it works with Catalina and Mojave? Saw that there was a mention concering the different software argument for Catalina. Does that mean it won't work if run on Mojave?
@tjhall I tweaked the middle section of the script (arund line 96, but I may have added comments or something elsewhere)
##Check if there are any pending OS updates. If not quit to run another day. updates=`softwareupdate -l` updatesPending=`echo $updates | grep "Recommended: YES"` if [[ -z $updatesPending ]] ; then updatesPending=`echo $updates | grep Recommended` fi if [[ -z $updatesPending ]] ; then updatesPending=`echo $updates | grep recommended` fi [[ -z $updatesPending ]] && updatesPending="none" sendToLog="Updates equaled $updates "
This is working for me on both 10.15 and 10.14
Found some issues in the script for Big Sur, so it got a little love this week. The defer portion isn't as needed as it used to be now that Jamf has implemented a couple feature requests. Deferrals in the policy can be based on number of days not just a date in the future. Also though there appears to be a PI in Big Sur, Jamf also now supports the correct reboot method in software updates by policy. Not aware of any issues for this current script on any OS from 10.14 - 11.1, if you find one please mark it on the git hub. Do note, this script does not do major version releases. No jumping form 10.14 to 10.15. It only does minor updates and security updates.
Hey, all! Is there a way to get this script working on Big Sur? All of our users that are on Catalina or below work just fine with this script. It appears to work on Big Sur at first, but after restarting, it doesn't actually install the updates, it just prompts immediately to update again after a restart. Is there some kind of special configuration I need to do to get restarts working in Big Sur? The policy I have now just runs the script if they're in a Smart Group that detects if they don't have the most recent updates installed.