Force Apple Updates

al_c
New Contributor III

What's the best way to force MacOS software updates or make the supplemental updates available via Self Service? Is anyone currently doing this?

19 REPLIES 19

maxbehr
Contributor II

Probably the best way to ensure apple updates are to download them and deploy them like any other software. I personally have a task that runs softwareupdate everyday at noon pointed to an internal software update server. This ensure that any new updates get installed daily at noon.

harsha
New Contributor III

Hi maxbehr,

May I know how to forcely update the software update or security updates into users system, if the user is not installing the latest version? Is there any option like that if jamf pro? If yes, Can you tell me how to deploy or configure it in jamf pro?

tlarkin
Honored Contributor

There is a plist file and a configuration profile payload you can force background updates of macOS. If you want to force updates this is your absolute best path. Otherwise you are just nagging the user endlessly to update.

NYBGIT
New Contributor III

Easiest way is a patch schedule and force the update. Similar to patch Tuesday's like Microsoft.

CorpIT_eB
Contributor II

Following!!! As I desperately need some form of policy to push patch updates as well.

raul_ggomez
New Contributor

You can create a policy for this. You can set up the trigger and frequency to be whenever you want or put it on Self Service for the users to start when they want. Mine is set to trigger once a week at startup but not while our teachers are in class with students. To set the schedule like I did, adjust the Client-Side Limitations on the General screen for the policy.
de7c0427e57a45aab6d3a56734a72e71
007551a4d9d741248f28827f170d3074
0e4021de1c444583941d485aaee9408d

If you make it available on Self Service- do not set a trigger and set the frequency to be Once every week, Once every month or Ongoing.
I would also add a description and force the users to read it before they run the policy.
e4b5aac6f06e4b7f8e1a8cf4404cdb11

pmendez
New Contributor III

CorpIT_eB
Contributor II

@pmendez Thanks for that pretty nifty idea.

Now is this ONLY for macOS updates or all the software installed on the mac as well?

mm2270
Legendary Contributor III

@CorpIT_eB If you're referring to the link above, that's only for macOS updates, essentially anything that would show up when running softwareupdate -l
For additional software/3rd party products, you would need to use a different process, such as Jamf's built in Patch Management or something custom.

j_grafton
New Contributor III

Hi,
I have been looking to this and I can't find a way to make sure this only happens outside working hours.
I know I can let users defer a set number of times and for a specific time but can I set the updates to only install after 4;30pm?
Thanks

sdagley
Esteemed Contributor II

@j.grafton When you create the Policy to run updates use the Client-Side Limitations setting in the General payload to control when the policy will run (the settings in that section are based on the local time for your Macs)

forrestbeck
New Contributor III

I use this. https://github.com/beckf/softwareupdatehelper

It gives the users a way to delay the updates for a time period that I specify. After the delay period is over, the update is forced on them. All prompts with the user is with jamfhelper.

5611bf41e153475a858b449aac30b52c

forrestbeck
New Contributor III

Here it is on GitHub: https://github.com/beckf/softwareupdatehelper

JamfMyMac
Contributor

@forrestbeck I like the workflow.. just can't get it to work...

forrestbeck
New Contributor III

@aaelic24 What do you see when you run the command in terminal:
sudo /usr/bin/python /usr/local/bin/softwareupdatehelper.py --icon="/Library/User Pictures/Fun/Medal.png" --delay=16 --runschedule

What returns from the command: defaults read /Library/Application Support/JAMF/org.da.softwareupdatehelper.plist

nikjamf
New Contributor III

/System/Library/Frameworks/Python.framework/Versions/2.7/Resources/Python.app/Contents/MacOS/Python: can't open file '/usr/local/bin/softwareupdatehelper.py': [Errno 2] No such file or directory

forrestbeck
New Contributor III

Is that the path you copied it too? You can either copy the Python script to a bin you want or you can use luggage to build a package (see makefile)

MMorales
New Contributor

Has anyone put this Automated OS update for iPads and iPhones via Jamf?  There does not seem to be same Policy creation for iPads or iPhones.  I have just found a "Defer software update" but nothing that will force it upon enrollment or on a scheduled date.

harsha
New Contributor III

Hey guys,

May I know how to forcely install the software updates? What is the process to be done in jamf pro?