Can you trigger the update OS MDM command via Jamf api?

ooshnoo
Valued Contributor

Hey folks.. just as title suggests, I was wondering if it's possible to trigger the install/schedule OS update MDM via the Jamf API. 

That way we can use a policy and start it a specific time in an effort to have all our Big Sur macs install updates and be compliant.  Otherwise I'm at the mercy of the "Nudge" app, which I really don't like.

I thought it may be possible as in the past I've used the API to send MDM unenroll commands when migrating computers from one JamfPro server to another.

5 REPLIES 5

cbrewer
Valued Contributor II

It can be done. Keep in mind the risk with running API scripts on client computers that contain credentials. You might  be better off building a process/script that runs from some kind of script server on a schedule.

ooshnoo
Valued Contributor

@cbrewer Thank you.  Do you know the command line / script that will accomplish it?  We're not concerned about credentials.

cbrewer
Valued Contributor II

Classic API (JSSResource) > computercommands/command/ScheduleOSUpdate

 

You're probably going to have to build something. There are many examples out there of scripting the Jamf classic API.

ooshnoo
Valued Contributor

Ok, so I tried the following and it doesn't alleviate the need for user authentication with Big Sur and Monterey.  Ugh... I was actually hoping this would be a way around it since sending the ScheduleOSUpdate command does work for us.  Why Apple does crap like this, I have no idea...  

 

uname="$4"
pwd="$5"

if [ "$6" != "" ];then
server="$6"
else
## get current Jamf server
server=$(defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url)
fi

## ensure the server URL ends with a /
strLen=$((${#server}-1))
lastChar="${server:$strLen:1}"
if [ ! "$lastChar" = "/" ];then
server="${server}/"
fi

## send unmanage command to machine
curl -X POST -sku ${uname}:${pwd} ${server}JSSResource/computercommands/command/ScheduleOSUpdate

 

 

imy
New Contributor III

I am trying to get a variation on this going - https://github.com/kdrwygvh/Sunstein_macOSUpdates

note: I'm pretty sure Jamf 10.33 breaks this process. I have a ticket open now to investigate. The result is that once the Mac gets to 11.6.1, it will keep reinstalling that same version and not install any other updates, like Safari.