Pardon my ignorance, I'm trying to figure out how to install OS updates efficiently. Currently, I'm running the Software Updates Policy which installs the security updates just fine, but does not install the OS updates IE) Big Sur 11.5 on a machine running 11.4. I did come across another method to do this which is to run a second policy with the file and processes payload to run the software update tool, Softwareupdate -i -a, but I am trying to avoid situations where no warning or notification is given and a user restarts there machine and they have to wait 30 minutes for the upgrade to complete.
Is there a way to obtain a dmg or pkg of these minor OS updates which I can send out or is there a better way of doing this? I've tried searching the forums for any more clues but haven't had any luck there or I'm searching for the wrong thing. Any help would be appreciated, i'm still learning.
Solved! Go to Solution.
@alex_guarino Thank you for that article that was very helpful. From the looks of it I don't really have the option of obtaining the minor OS update dmg's and I guess that's just the way it is. Nudge looks nice too, I will give it a shot.
Thank you for the second vote on Nudge. Has the feedback been positive from your users? Reading over the info it looks like it's set to check by default every 30 minutes, so it definitely "nudges" you into compliance it seems.
@Levi_ I got good feedback from some of my users, they were happy with it cuz it wasn't nagging that much.
you can create your own launch agent, for us 30 min "default one" is too much so I built my own agent to nudge my users every 4 hours so you can customize it the way that would fit your deployment and your org.
Join #Nudge channel on MacAdmins Slack ... lots of useful comments.
you can start from here https://www.youtube.com/watch?v=jyrtBXYxY7c
Thank you @MacJunior . I'm going to give this a shot, normally I do not like to have the end-user choose when to install updates and rather install them automatically for them and notify them a restart is required but for macs, things are very different. I wish Apple would provide an easier way to manage minor and major OS updates in the future for administrators.
I considered using this approach but I don't want to reinstall macOS for a minor OS update 11.4>11.5.1 etc. I am starting to test Nudge out and so far it works. For major OS upgrades, I will deploy the OS Upgrades through Self Service.
I did come across this article and it is Apple to blame for no longer making the minor OS updates available as pkg's anylonger - https://eclecticlight.co/2020/12/17/apple-has-stopped-providing-standalone-installers-for-macos-upda...
What I ended up doing is a config profile, then a script that prompts the user to Update Now or Delay.. If they choose to "Update Now", it opens the Sys Preferences>Software Update pane and allows them to hit the Update button.. If they choose to Delay, 5 minutes prior to the delay time limit has reached, a 5 minute countdown dialog box runs and opens Sys Preferences>Software Update pane so they can update..
Simple, yet resolves the headache
Only thing that works for me is this:
You download the InstallerAssistant.pkg file. Upload it to Jamf. Deploy it to any machine with a policy. This package basically reaches out to Apple servers and downloads the Big Sur installer app directly. It will take 30min + for the scoped device to download the Big Sur installer app. Once that is completed and the Big Sur app is in the Applications folder, I scope another policy to that same device with just a script:
'/Applications/Install macOS Big Sur.app/Contents/Resources/startosinstall' --agreetolicense --forcequitapps --nointeraction
*mind the single quotes and keep them^
I deployed this second script as a Self Service button so users can execute install when they are ready. This second policy may say it failed but it actually works every time. About 5-7 mins after clicking this button to execute this policy, the computer will start the Big Sur install automatically. No Admin credentials or interaction required.