Forcing MacOS updates

verticalben
New Contributor III

Hi all,

I've had a look through previous posts, but most are dated 2021/2022, so I was just wondering if anyone has any recent solutions?

We would like to enforce MacOS updates on our Silicon Macs, but we don't want to issue Remote Commands that will reboot devices with no user notification.

Is there any viable method for ensuring Macs are on a specific OS and, if they're not, will notify the user and then begin downloading/installing the update after X days?

Thanks in advance

5 REPLIES 5

MichaelMcG
New Contributor III

Your two best options are either Nudge

or  S.U.P.E.R.M.A.N.

and both have pretty good feature sets depending on what you want to do

alanwest_wipro
New Contributor

I second both Nudge and S.U.P.E.R.M.A.N. being fantastic tools.  I favor Super for the simple reason is that you can use it to install the updates with little to no user interaction, which was a factor for one of the clients we implemented it for.

bwoods
Valued Contributor

Apple has essentially killed forcing updates. You have to use Nudge, Super, or Erase & Install. The MDM commands are either unreliable or don't provide the users with enough information before the device restarts. Welcome to the wonderful world of managing macOS. 

MatG
Contributor III

@bwoods second that. They are awful. Not sure what Apple is doing but getting Mac's update is an absolute pain at the moment.

bcrockett
Contributor III

1.  Configure erase - install to trigger the update from self-service using this workflow.    Once that is done email users and let them know they can and should start updating...

2. Next you can use a simple pop-up box that tells the user they must update which has an action button that when pressed will - trigger the self-service policy above. Link to this workflow here.  Once that is in production for two weeks or so it should work for ~50-70% of your users. *make sure to inventory update often for these non-updated users so they are excluded from the smart group of computers that have not been updated. 

This is a fairly simple way to force users to update. 

 

3. For the last ~ 30% configure nudge to prompt the user to update. Make sure, it also triggers the policy step one. This is the link to the workflow.   ( this demo config is ugly however, it is functional)

 

Hope that helps!!