Jamf Nation Community

ChickenDenders · ‎11-06-2020

Hey Friends -

We're got about 15 Trashcan Macs in an offline environment that have been sitting on Sierra 10.12.4 for the last few years.

Due to some incompatibility with our software licensing/operating system, it's looking like we are being forced to upgrade. Catalina is the target, just because it's the newest thing - unless an earlier OS version would be better?

We were planning to purchase the new Mac Pros before our licensing ran out, which would conveniently mean we could avoid having to rebuild all our current machines, sort of a natural upgrade path to the new OS, but that didn't pan out this year. So, now we'll be upgrading our existing machines and then doing it all again in a few months. Yippee :^)!

I've just finished upgrading our JSS server from 9.97 all the way to 10.25 (VERY FUN!). I am ready to start building out the OS upgrade package, and then start working on our software (mostly Adobe Suite and a few dozen plugins.

So - My current plan is to do a quick and dirty upgrade in place. We'll be replacing these machines soon enough, and the deadline for our upgrade is a week from now, so I'm just going to go for it and see what sticks rather than configuring a fresh OS install. We can save that for the new computers. Not going to do anything Self Service - well be scheduling a weekend for downtime.

From my manual testing, it seems like I can just upgrade straight to Catalina, and then apply the Combo Update up to 10.15.7, no incremental upgrading required. Most things seems to work, except for a few complaints about legacy software like our Wacom drivers. I think I have a good idea of all the packages necessary for that stuff.

I've just went through and renewed all my Push/SSL certs on the JSS Server. I had some trouble renewing the VPP cert, but I don't really remember what that does. We don't have any App Store stuff we managed, so do I even need that? Hoping it isn't necessary for the OS install.

We did have some strange slowdown issues due to our disconnected network, but some firewall changes to allow communication to Apple's servers for whatever Catalina requires seemed to fix that.

NOW, that all being said... Are there any caveats to watch out for? Recommended practices that have fundamentally shifted how things were done four years ago? Or are we all still dropping PKG files into Casper Admin and using Composer to nest installers, then trigger by scripts?

Hoping I'm not in over my head here. Looking to push this out in a week.

Thanks --

mojo21221 · ‎11-09-2020

Just throw the macos installer.pkg into jamf admin and send it down to the macs then use the github below.

https://github.com/kc9wwh/macOSUpgrade

We also have this run before the upgrade to kill any open apps that will cause the upgrade to hang.

#!/bin/sh

#Force quit all non-essential applications


declare -a killPIDs
killPIDs=$(ps axww -o pid,command | grep -v bash | grep [A]pplications/ | grep -v /bin/sh | grep -v [C]asper | grep -v [J]amf | grep -v [S]elf Service | grep -v grep | awk '{print $1}')
#Kill said processes.


for i in ${killPIDs[@]}
do
    echo "Killing PID $i"
    kill -9 $i
done

exit 0

AJPinto · ‎11-09-2020

For macOS upgrades we package Catalina with Composer and push the install macOS Catalina.app with a policy. Then later down the road call install macOS Catalina.app with a script to upgrade very similar to the one Mojo referenced in the GitHub link. The work flow is very simple, get "install macOS Catalina.app" on the Mac and then run the script however you are comfortable with triggering it. We did not run in to any major snags going from Sierra to Catalina 2 months ago on several devices.

The main advantage VPP would have here is you could push install macOS Catalina.app from the appstore, but we don't even do that and we have VPP setup.

ChickenDenders · ‎11-09-2020

That's awesome. Sounds simple enough. Thanks guys!

Jamf Nation Community

In-Place Upgrade from Sierra to Catalina