Posted on 02-26-2021 12:33 PM
Today, we launched enhanced versions of many of our existing patch management titles with more granular breakdowns and definitions to make app reporting and patch workflows more flexible. This is especially valuable for customers who aren’t always adopting the very latest version of an app or series.
As was noted in the Jamf Pro 10.27 release notes, some of the existing titles have been marked as deprecated following this first round of upgrades. This deprecation label may cause an alarming round of email alerts for customers subscribing to title changes - don't panic! All deprecated titles will continue to receive full version updates for the foreseeable future in parallel with the newly released titles, so no existing patch workflows should be impacted.
We recommend that any customer adding a new title select the non-deprecated variants to minimize any future migration steps. We will provide guidance alongside a future Jamf Pro release for any necessary migration steps that may occur to help all customers move off of the deprecated versions of these titles prior to any end of support.
Over the coming weeks and months, you can expect to see even more titles added to the Jamf Pro patch feed. You can monitor the new resource page to keep track of the latest titles available from Jamf.
Posted on 02-26-2021 02:38 PM
(Deprecated) also shows up in Patch Management notifications in Self Service notifications. This is confusing end users.
Posted on 02-26-2021 03:51 PM
Thanks for the feedback @joshsw. We're looking into what we can do here to minimize end user confusion.
Posted on 02-27-2021 02:28 AM
Seems to be have a problem on Adobe Creative Cloud Patch.
Last version on Definitions is 126.96.36.1998 but latest version selected is 188.8.131.521.
Posted on 02-27-2021 05:37 AM
I have a ticket in as most of my Patch Management titles are not even updating anymore or even scoping... This update so far is terrible
Posted on 02-27-2021 08:19 AM
For the less literate, including (apparently) the JAMFers among us, this "deprecation" is premature according you your own 10.27.0 release notes:
Patch management software titles—The Jamf patch management software titles will be updated in a future release. Some existing software titles will be marked as deprecated and replaced with updated software titles. Deprecated titles will continue to be updated as new versions become available; no action is required at this time. More information will be made available soon.
But hey, who cares about being honest and accurate?
Posted on 03-01-2021 05:57 AM
@barnesaw This is a fair criticism. The patch feed is maintained and updated separately from the Jamf Pro code base but I totally appreciate how this reads like it'll change as part of a Jamf Pro release. Our goal was to provide advanced notice of this planned change so we decided to publish this in Jamf Pro release notes, which are generally one of the most visible and standard ways to communicate this kind of information to admins.
Posted on 03-01-2021 10:37 AM
Nothing in the Jamf console showed anything about “deprecated” but sure enough I got a notification on my Mac’s Self Service reporting Slack was deprecated.
Need more heads up from Jamf - this and the Self Service bugs go straight to the end user experience
Posted on 03-01-2021 10:52 AM
@davidi4 Thanks for the feedback. Once a title is added to Patch Management, the display name is admin-defined and won't update with a (deprecated) label. Unfortunately, the end user alert is still actually pulling from the raw patch feed. We are working on a solution to ensure this doesn't appear for end users. I'll share more once we have an update on this change.
Posted on 03-01-2021 04:39 PM
Why are Patch and Code Base engineers not working together on something that is truly end-user facing (and not just Admin facing)? This screams that Jamf is becoming nothing but Silos with no upper management that has actual engineering experience.
Posted on 03-02-2021 05:20 AM
Not ideal for some larger scale or particular situations, but I have found it best before Jamf is able to implement a solution for the depreciated title on the user-end to simply recreate the title and assign definitions as new title versions are updated. Re-associating packages to definitions from a certain historical point forward has been a viable workaround to weed out the old and start with the new.
Posted on 03-02-2021 06:04 AM
So to be clear, can we remove the deprecated ones and re-add with non deprecated ones or are we just sitting with "(deprecated)" in the title until JAMF tells us differently?
Posted on 03-02-2021 08:50 AM
Since this change was pushed out without an update to the JSS why not revert the change on your end until it's fixed? Then push it out. Seems a bit shortsighted to allow the negative experience to continue while you troubleshoot your end.
Posted on 03-02-2021 09:56 AM
Thanks to everyone for the feedback about the end user confusion that the deprecated labels are causing. I want to let you know that we are preparing an update to the patch feed that will change the way we denote which titles are deprecated. This will return to the previous end user experience you are familiar with.
In order to revert the software title names, we will need to trigger a patch title refresh, which will initiate another round of email notifications for admins watching these titles. While this extra email is not ideal, we want to act quickly to resolve the end user confusion that the deprecated label has created. We plan to complete the change this week and I will share more details about the exact timeline once the fix is tested and scheduled for release.
Posted on 03-02-2021 02:41 PM
Good question, @llitz123. You can definitely remove any deprecated titles and adopt the new version of that title today.
Posted on 03-02-2021 05:05 PM
The new OneDrive patch title requires yet another Extension Attribute (the deprecated one did not). We really hope more titles don’t add on to our growing list of Extension Attributes.
Posted on 03-02-2021 06:25 PM
Are all these changes to get ready for Kinobi 2.0 (Or, what ever the new name is going to be) of Patch Management?
And will the new Patch Management/Kinobi still be free or will become a pay service?
Posted on 03-03-2021 08:00 AM
Update: Starting later today, we plan to roll out a change to the way that deprecated titles are displayed in the patch feed:
We will be removing (deprecated) from the software title name. This will ensure that end users are not confused by any new language in Self Service or other notification workflows.
We will be adding a (legacy definition) description to the publisher column to indicate which titles are deprecated. This will allow you to see which titles are deprecated when adding new definitions. We are using the new term so nobody interprets the vendor as being deprecated. Additionally, this (legacy definition) label should flow through to patch titles that have already been added to Jamf Pro so you can tell which items are based upon a deprecated definition.
In order to ensure that we quickly remove the (deprecated) language from user-facing workflows, we will be forcing a refresh of these definitions. Be aware that this will trigger an email notification if you are watching the title. This will be a rolling change over a few hours to ensure we don't spike traffic to the patch infrastructure.
I will post another update once the titles have all been refreshed.
Posted on 03-03-2021 08:41 AM
While I agree about communication and the need to be a bit better (really, what organization doesn't suffer from communication issues?), I am very happy with the first look at the updates! There are lots of changes that affected my organization that I am glad to see implemented, so thank you @michael.devins for the work that was put into this.
Posted on 03-03-2021 12:11 PM
The one for OneDrive also shows an error in the extension attribute.
Posted on 03-03-2021 12:26 PM
We are successfully seeing the new "(legacy definition)" listed when we go to add a new title, but Patch titles that we have already created don't have any information "flowing through" that tell us whether the definition is Legacy or new (unless perhaps we are only using the newer definitions). Where should we be looking in existing Patch titles for this info?
Posted on 03-03-2021 01:19 PM
I'm seeing it in the Publisher column (the second column) but so far of the titles I'm using, only for Chrome. Imagine it'll be a bit until they're all updated. What I'm antsy for is the method to migrate from the deprecated titles to the new ones rather than having to rebuild them all by hand.
Posted on 03-26-2022 06:42 PM
Posted on 03-28-2022 08:29 AM
Nope. I ended up rebuilding them manually.
Posted on 03-03-2021 02:07 PM
@lbr, The version information gathered by default Jamf inventory data is not quite granular enough to detect all releases of OneDrive, this is why the EA has been added to the new definition. There will be additional EAs for some new products being added, as this is required for accurate and up-to-date version information.
Posted on 03-03-2021 02:11 PM
Hi @rcorbin, if a patch definition contains an Extension Attribute, its default behaviour on import is to show an error, until the terms are accepted by an administrator.
Posted on 03-03-2021 05:53 PM
Is there a timetable for the transition? How much longer should we expect to get notified of patch title versions we’ve already deployed?
Posted on 03-03-2021 06:15 PM
@duncan.mccracken "if a patch definition contains an Extension Attribute, its default behaviour on import is to show an error, until the terms are accepted by an administrator."
Where is this acceptance possible?
Posted on 03-03-2021 06:17 PM
Update: the naming refresh of deprecated patch definitions should now be complete. As a recap:
Deprecated titles will now show a (legacy definition) label in the publisher column. This will also appear in any existing software title you’ve previously added in Jamf Pro to easily identify which objects are based upon a deprecated title.
End users should no longer see a (deprecated) label in Self Service or other notifications.
We will continue to maintain version updates for both new and legacy software titles for the foreseeable future until we have more details on migrating off of the deprecated titles.
Thanks for everyone’s feedback and understanding as we worked to make this right for you and your end users. We’re excited to bring more new titles to you in the near future so stay tuned for more updates.
Posted on 03-03-2021 06:23 PM
Thanks @michael.devins for the update. So that I can calibrate my expectations. . .if I'm currently using what are now considered "legacy definitions" will they be converted/migrated/transitioned on the JSS end? Or will the JSS admin be expected to delete their "legacy definitions" and recreate them with the new/current definitions?
Posted on 03-03-2021 06:26 PM
@robertliebsch, it is somewhat counter-intuitive, but the process (once the initial import is done) is as follows:
- Click the "Extension Attributes" tab, which has "1 Error".
- Review the script contents.
- Click the "Edit" icon / button in the bottom-right corner of the window.
- Click the "Accept" button which appears below the descriptive text about Inventory data.
- Check the "I have reviewed the script and accept use of this extension attribute." checkbox in the "Accept this Extension Attribute" modal.
- Click the "OK" button in the "Accept this Extension Attribute" modal.
- Click the "Save" icon / button in the bottom-right corner of the window.
The error should disappear, and the Extension Attribute will begin gathering inventory data as machines update their inventory.
Posted on 03-03-2021 06:32 PM
@duncan.mccracken That sounds quite a lot like how Jamf's definition for Firefox has been handled for quite some time.
Posted on 03-04-2021 10:44 AM
I see that the simple "macOS" option is marked as legacy/deprecated, replaced by individual components for each major version.
I for one find the macOS option very useful as a way to quickly see the status of the whole fleet on one screen. Any chance you'd consider keeping it? I can't imagine anyone's using the Patch Management feature to actually install macOS updates, especially considering that it looks like Apple's no longer providing update package files.
Posted on 03-04-2021 02:11 PM
Why has this update been released randomly instead of with a JSS update?
Posted on 03-04-2021 09:37 PM
Probably due to a bug in Jamf Pro - Don't go adding both new and deprecated patch titles for the same software (eg. Firefox) and expect to use them both in Smart Group scoping. Smart Groups can see and add both patch reporting titles as individual criteria items, even browse the different version numbers in each patch reporting title, but when saving the Smart Group, it will only be able to query one.
If you use patch reporting title definitions in your smart group criteria, think about migrating away from the deprecated title first.
Posted on 03-05-2021 05:44 AM
I'm curious what this change is leading up to down the road. Since the acquisition of Kinobi, our team has been very worried what will be happening with the patch management solution. As it turns out, this current change did not really affect my team as almost all of our definitions are being imported from our Kinobi server instead of using Jamf's built in ones (we found those to be lacking at the time of decision making), but it does have me wonder what the next steps are.
Is there any kind of roadmap or anything that can be shared with the general community that can let us admins know what we can expect to happen with patch management, or maybe just the goals of Jamf as to what they want patch management as a feature set to be down the line?
Posted on 03-07-2021 01:15 PM
Yes - I agree with @UESCDurandal - there should be a "macOS" that encompasses all versions of macOS so we have that option. The same goes for the Adobe Creative Cloud apps and Microsoft Office apps. Being able to track them both in the current release for patches and over historical timelines are important. I've gotten pretty creative with the legacy patch management policies with pushing out updates of new versions - especially since patch management policies have some special, magical, powers that standard policies do not without going through a lot of extra effort and customization.
Posted on 03-10-2021 11:42 AM
As it turns out, this current change did not really affect my team as almost all of our definitions are being imported from our Kinobi server instead of using Jamf's built in ones (we found those to be lacking at the time of decision making), but it does have me wonder what the next steps are.
Posted on 03-24-2021 04:40 PM
I also agree with @UESCDurandal & @taugust_ric in regards to having an all-encompassing macOS item in patch management. The decision to make this a legacy definition doesn't make much sense. I want to be able to see my entire fleet's OS versions in one place, not have to jump between individual OS components to see everything.
Posted on 04-29-2021 08:51 PM
@UESCDurandal @taugust_ric @nateee , we have taken on the feedback and have made the decision to keep maintaining the combined macOS patch definition alongside our newer separated, version specific macOS definitions. That way customers can choose which option best suits their requirements.