Leveraging Both Software Update Deferments and Software Update MDM Update Commands

dstranathan
Valued Contributor II

Hi all - I'm looking for clarification on how the macOS Software update deferments work in relation to the Jamf software update MDM commands.

Jamf states that “macOS can still be updated via an MDM command even if updates are deferred.” See Not clear on what this actually means. (See https://shrtm.nu/GQCu)

Can someone add insight to this simple example scenario:

-Let’s pretend a Mac has a deferment for the new macOS 12.5 minor update (deferred for 30 days in this example).
-The Mac in question is currently running 12.3.
-The Mac can see that 12.4 is available in software update (its been available for more than 30 days) but can’t see 12.5 yet (only been available for a week).

Q: Given this scenario above, If I locate the example Mac in my JSS and issue the ‘download and install software updates’ command via MDM, what OS version will the Mac install? 12.4 (not deferred) or 12.5 (deferred)? Or none?

1 ACCEPTED SOLUTION

Pioneer
New Contributor III

It may be not 100% correct, but from our experience in your scenario MDM command would update it to latest available version - 12.5. Deferring, as I guess, works for automatic updates only. However, if you send remote command via action menu - use can specify the version you want - even for just that one machine. 

Correct me if it's wrong

View solution in original post

2 REPLIES 2

Pioneer
New Contributor III

It may be not 100% correct, but from our experience in your scenario MDM command would update it to latest available version - 12.5. Deferring, as I guess, works for automatic updates only. However, if you send remote command via action menu - use can specify the version you want - even for just that one machine. 

Correct me if it's wrong

dstranathan
Valued Contributor II

Thnaks. After experimenting with the mass action menu "wizard" for updates I do beleive you are correct. Thanks.