Today, we launched enhanced versions of many of our existing patch management titles with more granular breakdowns and definitions to make app reporting and patch workflows more flexible. This is especially valuable for customers who aren’t always adopting the very latest version of an app or series.
As was noted in the Jamf Pro 10.27 release notes, some of the existing titles have been marked as deprecated following this first round of upgrades. This deprecation label may cause an alarming round of email alerts for customers subscribing to title changes - don't panic! All deprecated titles will continue to receive full version updates for the foreseeable future in parallel with the newly released titles, so no existing patch workflows should be impacted.
We recommend that any customer adding a new title select the non-deprecated variants to minimize any future migration steps. We will provide guidance alongside a future Jamf Pro release for any necessary migration steps that may occur to help all customers move off of the deprecated versions of these titles prior to any end of support.
Over the coming weeks and months, you can expect to see even more titles added to the Jamf Pro patch feed. You can monitor the new resource page to keep track of the latest titles available from Jamf.
For the less literate, including (apparently) the JAMFers among us, this "deprecation" is premature according you your own 10.27.0 release notes:
Patch management software titles—The Jamf patch management software titles will be updated in a future release. Some existing software titles will be marked as deprecated and replaced with updated software titles. Deprecated titles will continue to be updated as new versions become available; no action is required at this time. More information will be made available soon.
But hey, who cares about being honest and accurate?
@barnesaw This is a fair criticism. The patch feed is maintained and updated separately from the Jamf Pro code base but I totally appreciate how this reads like it'll change as part of a Jamf Pro release. Our goal was to provide advanced notice of this planned change so we decided to publish this in Jamf Pro release notes, which are generally one of the most visible and standard ways to communicate this kind of information to admins.
@davidi4 Thanks for the feedback. Once a title is added to Patch Management, the display name is admin-defined and won't update with a (deprecated) label. Unfortunately, the end user alert is still actually pulling from the raw patch feed. We are working on a solution to ensure this doesn't appear for end users. I'll share more once we have an update on this change.
Not ideal for some larger scale or particular situations, but I have found it best before Jamf is able to implement a solution for the depreciated title on the user-end to simply recreate the title and assign definitions as new title versions are updated. Re-associating packages to definitions from a certain historical point forward has been a viable workaround to weed out the old and start with the new.
Thanks to everyone for the feedback about the end user confusion that the deprecated labels are causing. I want to let you know that we are preparing an update to the patch feed that will change the way we denote which titles are deprecated. This will return to the previous end user experience you are familiar with.
In order to revert the software title names, we will need to trigger a patch title refresh, which will initiate another round of email notifications for admins watching these titles. While this extra email is not ideal, we want to act quickly to resolve the end user confusion that the deprecated label has created. We plan to complete the change this week and I will share more details about the exact timeline once the fix is tested and scheduled for release.
Update: Starting later today, we plan to roll out a change to the way that deprecated titles are displayed in the patch feed:
We will be removing (deprecated) from the software title name. This will ensure that end users are not confused by any new language in Self Service or other notification workflows.
We will be adding a (legacy definition) description to the publisher column to indicate which titles are deprecated. This will allow you to see which titles are deprecated when adding new definitions. We are using the new term so nobody interprets the vendor as being deprecated. Additionally, this (legacy definition) label should flow through to patch titles that have already been added to Jamf Pro so you can tell which items are based upon a deprecated definition.
In order to ensure that we quickly remove the (deprecated) language from user-facing workflows, we will be forcing a refresh of these definitions. Be aware that this will trigger an email notification if you are watching the title. This will be a rolling change over a few hours to ensure we don't spike traffic to the patch infrastructure.
I will post another update once the titles have all been refreshed.
While I agree about communication and the need to be a bit better (really, what organization doesn't suffer from communication issues?), I am very happy with the first look at the updates! There are lots of changes that affected my organization that I am glad to see implemented, so thank you @michael.devins for the work that was put into this.
We are successfully seeing the new "(legacy definition)" listed when we go to add a new title, but Patch titles that we have already created don't have any information "flowing through" that tell us whether the definition is Legacy or new (unless perhaps we are only using the newer definitions). Where should we be looking in existing Patch titles for this info?
I'm seeing it in the Publisher column (the second column) but so far of the titles I'm using, only for Chrome. Imagine it'll be a bit until they're all updated. What I'm antsy for is the method to migrate from the deprecated titles to the new ones rather than having to rebuild them all by hand.
@lbr, The version information gathered by default Jamf inventory data is not quite granular enough to detect all releases of OneDrive, this is why the EA has been added to the new definition. There will be additional EAs for some new products being added, as this is required for accurate and up-to-date version information.
Update: the naming refresh of deprecated patch definitions should now be complete. As a recap:
Deprecated titles will now show a (legacy definition) label in the publisher column. This will also appear in any existing software title you’ve previously added in Jamf Pro to easily identify which objects are based upon a deprecated title.
End users should no longer see a (deprecated) label in Self Service or other notifications.
We will continue to maintain version updates for both new and legacy software titles for the foreseeable future until we have more details on migrating off of the deprecated titles.
Thanks for everyone’s feedback and understanding as we worked to make this right for you and your end users. We’re excited to bring more new titles to you in the near future so stay tuned for more updates.
Thanks @michael.devins for the update. So that I can calibrate my expectations. . .if I'm currently using what are now considered "legacy definitions" will they be converted/migrated/transitioned on the JSS end? Or will the JSS admin be expected to delete their "legacy definitions" and recreate them with the new/current definitions?
@robertliebsch, it is somewhat counter-intuitive, but the process (once the initial import is done) is as follows:
- Click the "Extension Attributes" tab, which has "1 Error".
- Review the script contents.
- Click the "Edit" icon / button in the bottom-right corner of the window.
- Click the "Accept" button which appears below the descriptive text about Inventory data.
- Check the "I have reviewed the script and accept use of this extension attribute." checkbox in the "Accept this Extension Attribute" modal.
- Click the "OK" button in the "Accept this Extension Attribute" modal.
- Click the "Save" icon / button in the bottom-right corner of the window.
The error should disappear, and the Extension Attribute will begin gathering inventory data as machines update their inventory.
I see that the simple "macOS" option is marked as legacy/deprecated, replaced by individual components for each major version.
I for one find the macOS option very useful as a way to quickly see the status of the whole fleet on one screen. Any chance you'd consider keeping it? I can't imagine anyone's using the Patch Management feature to actually install macOS updates, especially considering that it looks like Apple's no longer providing update package files.
Probably due to a bug in Jamf Pro - Don't go adding both new and deprecated patch titles for the same software (eg. Firefox) and expect to use them both in Smart Group scoping. Smart Groups can see and add both patch reporting titles as individual criteria items, even browse the different version numbers in each patch reporting title, but when saving the Smart Group, it will only be able to query one.
If you use patch reporting title definitions in your smart group criteria, think about migrating away from the deprecated title first.
I'm curious what this change is leading up to down the road. Since the acquisition of Kinobi, our team has been very worried what will be happening with the patch management solution. As it turns out, this current change did not really affect my team as almost all of our definitions are being imported from our Kinobi server instead of using Jamf's built in ones (we found those to be lacking at the time of decision making), but it does have me wonder what the next steps are.
Is there any kind of roadmap or anything that can be shared with the general community that can let us admins know what we can expect to happen with patch management, or maybe just the goals of Jamf as to what they want patch management as a feature set to be down the line?
Yes - I agree with @UESCDurandal - there should be a "macOS" that encompasses all versions of macOS so we have that option. The same goes for the Adobe Creative Cloud apps and Microsoft Office apps. Being able to track them both in the current release for patches and over historical timelines are important. I've gotten pretty creative with the legacy patch management policies with pushing out updates of new versions - especially since patch management policies have some special, magical, powers that standard policies do not without going through a lot of extra effort and customization.
As it turns out, this current change did not really affect my team as almost all of our definitions are being imported from our Kinobi server instead of using Jamf's built in ones (we found those to be lacking at the time of decision making), but it does have me wonder what the next steps are.
I also agree with @UESCDurandal & @taugust_ric in regards to having an all-encompassing macOS item in patch management. The decision to make this a legacy definition doesn't make much sense. I want to be able to see my entire fleet's OS versions in one place, not have to jump between individual OS components to see everything.