Help

Is there a way to sequence policies?

mgarman
New Contributor III

Posted on ‎07-25-2012 10:12 AM

I would like to be able to have two policies - one that depends on successful completion of the other. Is there a way to sequence two policies so that one doesn't run until the other has been completed?

We have one policy that runs all Software Updates and removes and re-installs a bunch of updated packages.

The second policy would run another pass of Software Updates and cleans up a few glitches introduced by the prior packages. We've made a pass on nearly all of our computers at a remote site for the first policy, so I've unleashed the second one.

Problem will be with the computers that didn't get hit for the first go around. Now that the second policy is active, when those few computers come online, they'll get hit by both at the same time.

0 Kudos
7 REPLIES 7

jarednichols
Honored Contributor

Posted on ‎07-25-2012 10:15 AM

Find something unique about the first policy. Make a smart group for it. Then on your second policy, scope it to the newly created smart group.

For example, I have a policy that caches Microsoft Office 12.4.3 update. The second policy (which actually installs it) is scoped to computers that have the update cached.

You could also have a script or run command that does a jamf policy -trigger <custom trigger> and have your second policy set to run via custom trigger.

0 Kudos

talkingmoose
Moderator
Moderator

Posted on ‎07-25-2012 10:27 AM

You can call another policy by name if you set it with a custom trigger name. Under the General tab select Triggered By: other... and give the Manual Trigger a unique name.

Set your first policy to do everything you want it to do. Under the Advanced tab add a command in the Run Command field to then call the second policy:

jamf policy -trigger triggername

Once the first policy is done it will call the second policy.

Likewise, you could give all your policies Manual Trigger names and call them in your preferred order in a script:

#!/bin/sh

jamf policy -trigger triggername1
jamf policy -trigger triggername2
jamf policy -trigger triggername3

exit 0

mgarman
New Contributor III

Posted on ‎07-25-2012 11:24 AM

Since the first one is doing running software updates that require a restart, and it restart, how does the second one get triggered?

0 Kudos

jarednichols
Honored Contributor

Posted on ‎07-25-2012 11:39 AM

You could lay a dummy package down and scope your smart group off that. (Miles Leacy must love that we're on version 8.6 and still suggesting dummy packages)

0 Kudos

mgarman
New Contributor III

Posted on ‎07-25-2012 11:51 AM

I'm using Jared's Smart group approach. That should do OK.

I'm thinking it might be a useful feature to have a policy be able schedule a call to another policy (and that one to another still, etc...). It would be useful for these multiple-pass kind of situations.

0 Kudos

talkingmoose
Moderator
Moderator

Posted on ‎07-25-2012 11:52 AM

Not possible to daisy-chain policies from one to the next or via script when you're interrupting them with a reboot.

You can, however, run inventory after installing but before reboot, set the second policy to run at Startup and scope it to a smart group of machines with that piece of software installed.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎07-25-2012 11:54 AM

Yeah, set the trigger to Startup, and make sure to scope it to Macs that have run the first policy using one of the above suggestions. It should kick in the new policy after the reboot. Be sure the first policy updates inventory at the end before the reboot itself.

0 Kudos