Posted on 07-25-2018 06:51 AM
Hey,
So i setup some "patch management" policies for some software that Jamf have in their internal source, however i want to include some other applications like dropbox etc.
Would it be better to have an external source added and if so, any suggestions?
Or would Homebrew or something similar be better and work with scripts rather than packages?
Thanks
Posted on 07-25-2018 07:24 AM
Hi,
Have a look at http://kinobi.io/ which installs onto your existing NetSUSLP server. It seems to be a good solution, I must confess that I am having an issue setting up the connection between Jamf Cloud and our internal server but the guys who wrote the software are super helpful.
Another open source product is http://patchserver.readthedocs.io. I am setting this up to test now and again it's a little tricky to setup but once you get it going its very good. The support is also very good via slack and there is a public server already setup which you can use.
Steve
Posted on 10-18-2018 12:54 AM
Hi @Stevie,
Sorry for the delayed response.
I ended up setting the patchserver.io and did the following.
- installed software via homebrew on a stand alone box.
- then used crontab to check for updates for homebrew and update patch server definitions every day at 9am.
- connected it to JSS and set notifications for new updates available.
Check out pkgbuild and quickpkg, they simplified things and it saves us time that composer would take.
We also only download official packages from developers, for security.
I was thinking about limiting patching updates to every 30 days, unless security updates are needed.
Is that a good idea in your opinion?
If I were to check out kinobi, how do you manage definitions from a non Mac environment.
With patchserver it gets the version from the .APP and then uploads a json.
Any advice or recommendations are appreciated.
Cheers
Dan