- Jamf Nation Community
- Products
- Jamf Pro
- Apple Software Update Timed Installs
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-30-2014 10:20 AM
Hey all:
In our institution we use Microsoft System Center Configuration Manager (SCCM) to install Windows updates on desktop computers. With our Staff systems, we make updates available at a specific time and the staff can defer the updates for up to 48 hours (or they can update right away) and then SCCM automatically downloads and installs the updates and warns the user about a reboot.
Is there a way to mirror this kind of functionality with Software Updates policy? I see that I can make updates available at a specific time but to force a deadline didn't come very apparent to me and I haven't seen this in Jamf Nation anywhere. Any advice would be appreciated
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-30-2014 10:31 AM
In version 9 of Casper Suite they added the ability to have user interaction for policies, either before or after, including deferment by the user until a specified date, after which the installs will just happen. If you're using Casper Suite 9.x you could look into that.
If you want a little more flexibility, or, you're using version 8.x of Casper Suite, you'll have to look at custom scripted solutions.
Here's an older but good thread with lots of solutions that may fit the bill-
https://jamfnation.jamfsoftware.com/discussion.html?id=5404
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-30-2014 10:31 AM
In version 9 of Casper Suite they added the ability to have user interaction for policies, either before or after, including deferment by the user until a specified date, after which the installs will just happen. If you're using Casper Suite 9.x you could look into that.
If you want a little more flexibility, or, you're using version 8.x of Casper Suite, you'll have to look at custom scripted solutions.
Here's an older but good thread with lots of solutions that may fit the bill-
https://jamfnation.jamfsoftware.com/discussion.html?id=5404
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-30-2014 12:06 PM
My solution to this is in the thread that @mm2270][/url][/url linked; it's basically three parts:
A primary policy scoped to all managed computers that runs a script; it runs for the entire patch "cycle", which is basically patch Tuesday +1 through the end of the month.
The script, which checks if updates have already run (package receipt), and then handles our deferment process (I think it was 5 days when I posted it), and calls our patching policies by invoking a specific trigger that we use just for patching. If it does go through patches (see number 3), it makes a package receipt so that they won't run again that month.
The policies with that trigger are ongoing, scoped to smart groups to determine whether the computer needs the update. These don't each take inventory; there are two more policies that always run: Apple SWU's and Recon.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-30-2014 12:13 PM
Didn't see User interaction, thanks!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-30-2014 12:25 PM
Yeah, but just keep in mind that the current user interaction implementation doesn't allow for a "show X number of times before forcing the install" Instead it uses a "Show until this date, then force the install" The possible issue you can run into with that is a user who's away from the office may come back in and connect up after the drop dead date and then have zero deferments left, thus getting the installations forced on them.
I don't particularly think that's so user friendly and I'd like to see that be changed to also include an X times before enforcement model.
If you want it to work that way, currently you'd have to use a custom solution. There's a feature request to have it include the other ability here. You may want to vote this up:
https://jamfnation.jamfsoftware.com/featureRequest.html?id=1418
