Leveraging Microsoft AutoUpdate 3.18 "msupdate" binary with Jamf Pro 10 Patch Policies

dan-snelson
Valued Contributor II

While we're waiting for Patch Management to support scripts, here's one method to leverage Microsoft AutoUpdate (MAU) version 3.18 msupdate command-line tool to update Office apps via Jamf Pro 10's built-in patch features, inspired by @pbowden.

Also available on GitHub.


Background

After testing @pbowden's MSUpdateHelper4JamfPro.sh script in our environment, my first thought was to use a payload-free package's post-install script to simply call a policy which ran Paul's script:

Microsoft Office 2016 Update 1.0.0.pkg

Post-install Script

#!/bin/sh
## postinstall

pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

echo " "
echo "###"
echo "# Microsoft Office 2016 Update"
echo "###"
echo " "

/usr/local/bin/jamf policy -trigger microsoftUpdate -verbose

exit 0

After counseling with @ted.johnsen, he convinced me that a Patch Policy calling a standard policy was too much of a hack.


Payload-free Post-install Script

Using Composer, create a payload-free package which contains the following post-install script. (In Composer, I named the package Microsoft Office 2016 msupdate.)

The post-install script will use the word after "Microsoft" in the pathToPackage variable as the application name to be updated (i.e., "Excel") and the word after "msupdate" in the pathToPackage variable as the target version number (i.e., "16.12.18041000").

In Composer, build the .PKG and in the Finder, manually duplicate and rename it based on the application to update and the desired version.

For example:
• Microsoft Word 2016 msupdate 16.12.18041000.pkg
• Microsoft Excel 2016 msupdate 16.12.18041000.pkg
• Microsoft PowerPoint 2016 msupdate 16.12.18041000.pkg
• Microsoft Outlook 2016 msupdate 16.12.18041000.pkg
• Microsoft OneNote 2016 msupdate 16.12.18041000.pkg

Add the packages to the definitions of the Microsoft Office Patch Management Software Titles.

When the patch policies run, the post-install script will leverage the "msupdate" binary to apply the updates.

Updated patch definitions are available on GitHub.

Script

#!/bin/sh
## postinstall

pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

####################################################################################################
#
# ABOUT
#
#   Microsoft Office 2016 msupdate Post-install
#   Inspired by: https://github.com/pbowden-msft/msupdatehelper
#
#   Microsoft AutoUpdate (MAU) version 3.18 and later includes the "msupdate" binary which can be
#   used to start the Office for Mac update process.
#   See: https://docs.microsoft.com/en-us/DeployOffice/mac/update-office-for-mac-using-msupdate
#
#   Jamf Pro 10 Patch Management Software Titles currently require a .PKG to apply updates
#   (as opposed to a scripted solution.)
#
#   This script is intended to be used as a post-install script for a payload-free package.
#
#   Required naming convention: "Microsoft Excel 2016 msupdate 16.12.18041000.pkg"
#   • The word after "Microsoft" in the pathToPackage is the application name to be updated (i.e., "Excel").
#   • The word after "msupdate" in the pathToPackage is the target version number (i.e., "16.12.18041000").
#
####################################################################################################
#
# HISTORY
#
#     Version 1.0.0, 26-Apr-2018, Dan K. Snelson
#     Version 1.0.1, 21-Jun-2018, Dan K. Snelson
#         Updated PerformUpdate function; thanks qharouff
#         Recorded the version of msupdate installed
#
####################################################################################################

echo " "
echo "###"
echo "# Microsoft Office 2016 msupdate Post-install"
echo "###"
echo " "



###
# Variables
###


# IT Admin constants for application path
PATH_WORD="/Applications/Microsoft Word.app"
PATH_EXCEL="/Applications/Microsoft Excel.app"
PATH_POWERPOINT="/Applications/Microsoft PowerPoint.app"
PATH_OUTLOOK="/Applications/Microsoft Outlook.app"
PATH_ONENOTE="/Applications/Microsoft OneNote.app"

# Path to package
echo "• pathToPackage: ${1}"

# Target app (i.e., the word after "Microsoft" in the pathToPackage)
targetApp=$( /bin/echo ${1} | /usr/bin/awk '{for (i=1; i<=NF; i++) if ($i~/Microsoft/) print $(i+1)}' )

# Target version (i.e., the word after "msupdate" in the pathToPackage)
targetVersion=$( /bin/echo ${1} | /usr/bin/awk '{for (i=1; i<=NF; i++) if ($i~/msupdate/) print $(i+1)}' | /usr/bin/sed 's/.pkg//' )

echo " "





###
# Define functions
###


# Function to check whether MAU 3.18 or later command-line updates are available
function CheckMAUInstall() {
    if [ ! -e "/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/msupdate" ]; then
        echo "*** Error: MAU 3.18 or later is required! ***"
        exit 1
  else
    mauVersion=$( /usr/bin/defaults read "/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/Info.plist" CFBundleVersion )
    echo "• MAU ${mauVersion} installed; proceeding ..."
  fi
}



# Function to check whether Office apps are installed
function CheckAppInstall() {
    if [ ! -e "/Applications/Microsoft ${1}.app" ]; then
        echo "*** Error: Microsoft ${1} is not installed; exiting ***"
        exit 1
    else
            echo "• Microsoft ${1} installed; proceeding ..."
    fi
}



# Function to determine the logged-in state of the Mac
function DetermineLoginState() {
    CONSOLE=$( stat -f%Su /dev/console )
    if [[ "${CONSOLE}" == "root" ]] ; then
    echo "• No user logged in"
        CMD_PREFIX=""
    else
    echo "• User ${CONSOLE} is logged in"
    CMD_PREFIX="sudo -u ${CONSOLE} "
    fi
}



# Function to register an application with MAU
function RegisterApp() {
    echo "• Register App: Params - $1 $2"
    $(${CMD_PREFIX}defaults write com.microsoft.autoupdate2 Applications -dict-add "$1" "{ 'Application ID' = '$2'; LCID = 1033 ; }")
}



# Function to call 'msupdate' and update the target application
function PerformUpdate() {
    echo "• Perform Update: ${CMD_PREFIX}./msupdate --install --apps $1 --version $2 --wait 600 2>/dev/null"
    result=$( ${CMD_PREFIX}/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/msupdate --install --apps $1 $2 --wait 600 2>/dev/null )
    echo "• ${result}"
}



###
# Command
###

CheckMAUInstall
CheckAppInstall ${targetApp}
DetermineLoginState

echo " "
echo "• Updating Microsoft ${targetApp} to version ${targetVersion} ..."

case "${targetApp}" in

 "Word" )

         RegisterApp "${PATH_WORD}" "MSWD15"
         PerformUpdate "MSWD15" "${targetVersion}"
         ;;

 "Excel" )

         RegisterApp "${PATH_EXCEL}" "XCEL15"
         PerformUpdate "XCEL15" "${targetVersion}"
         ;;


  "PowerPoint" )

         RegisterApp "${PATH_POWERPOINT}" "PPT315"
         PerformUpdate "PPT315" "${targetVersion}"
         ;;

  "Outlook" )

         RegisterApp "${PATH_OUTLOOK}" "OPIM15"
         PerformUpdate "OPIM15" "${targetVersion}"
         ;;

   "OneNote" )

         RegisterApp "${PATH_ONENOTE}" "ONMC15"
         PerformUpdate "ONMC15" "${targetVersion}"
         ;;

 *)

         echo "*** Error: Did not recognize the target appliction of ${targetApp}; exiting. ***"
         exit 1

         ;;

esac

echo "• Update inventory ..."
/usr/local/bin/jamf recon

echo " "
echo "Microsoft Office 2016 msupdate Post-install Completed"
echo "#####################################################"
echo " "



exit 0      ## Success
exit 1      ## Failure
55 REPLIES 55

doylema
New Contributor III

I was able to get this to work as a Self Service policy.

Here is my workflow...

  1. Create a package in Composer that holds the script above and the empty named packages. OFFICEUPDATES.pkg
    This package deploys the main script office2016update.sh and packages to the User/Shared folder.

  2. Add this script to JAMF msupdate.sh

    #!/bin/sh
    /Users/Shared/office2016update.sh "/Users/Shared/Microsoft Word 2016 msupdate 16.12.18041000.pkg" "/" "/dev/disk1"
    /Users/Shared/office2016update.sh "/Users/Shared/Microsoft Excel 2016 msupdate 16.12.18041000.pkg" "/" "/dev/disk1"
    /Users/Shared/office2016update.sh "/Users/Shared/Microsoft OneNote 2016 msupdate 16.12.18041000.pkg" "/" "/dev/disk1"
    /Users/Shared/office2016update.sh "/Users/Shared/Microsoft PowerPoint 2016 msupdate 16.12.18041000.pkg" "/" "/dev/disk1"
    /Users/Shared/office2016update.sh "/Users/Shared/Microsoft Outlook 2016 msupdate 16.12.18041000.pkg" "/" "/dev/disk1"
  3. Create a Self Service Policy that deploys OFFICEUPDATES.pkg and runs msupdate.sh

  4. My users can now update to the latest version of Office through Self Service or I can manually push the update.

I'm not sure if I'm implementing this in the correct manor but it seems to work.

Thanks Dan

jhuls
Contributor III

@dan.snelson

Pardon my ignorance as we just recently upgraded to Jamf Pro 10 and I haven't worked with the Patch Policies much yet but what advantage does all of this have over simply creating a regular policy that can run Paul's script? Throw in a config profile to register the applications and it feels like that would be a whole lot less time and work. Don't get me wrong. Your script looks impressive but needing to name packages each time feels like an awkward step which could simply down to the differences in our environment and/or workflow.

Am I missing something? Part of this might stem from I'm still trying to wrap my head around what the advantages of the Patch Policies are over what I've been doing with policies and smart groups.

dan-snelson
Valued Contributor II

@jhuls Thanks for your feedback.

For me, one of the primary advantages of using Patch Policies is that "Targets added to the scope are automatically limited to eligible computers" which means fewer Licensed Software Records and Smart Groups to (1) determine if a computer has an application (2) and if its the latest version.

Currently, Patch Policies only allow packages as the means to upgrade an endpoint to the target version.

Yes, I'm manually naming packages, but I'm also no longer storing 4+ GB of Office patches on my Distribution Points for each revision of Office and then requiring the clients to download the 4+ GB of Office patches.

Clear as mud?

jhuls
Contributor III

It's all good. It sounds, like I suspected, in that it's a bit about workflow and environment. I've been using smart groups in a way that handled not just patching but installation. I won't claim it's the best solution but it worked pretty well and was simple. I like to see and learn what others are doing though to see if there's a better way whether it's totally switching over and borrowing parts. Probably one of the worst things about my method is that it makes the database grow a bit but I've not heard about how much the patch policies affect the database either to compare to.

Either way I'll certainly test what you've done and evaluate it against things. Thanks for sharing your solution.

kbingham
New Contributor III

@dan.snelson

I am testing this script and I am noticing that when I install it from Self Service it takes a very long time to run. The logs show it is completed then the next time I open Self Service it still shows the update available. I update it again and it finishes very quickly and logs the update as completed with Jamf.

dan-snelson
Valued Contributor II

@kbingham Thanks for the feedback.

For any use other than a payload-free, post-install package script used with Patch Policies, you'll probably have better luck with Paul's original MSUpdateHelper4JamfPro.sh script.

kbingham
New Contributor III

@dan.snelson That is how I am running it within the patch management section. It looks like it runs but has the issues as described above.

dan-snelson
Valued Contributor II

Thanks for the clarification, @kbingham. Does enabling debug on @pbowden's script reveal any smoking guns?

Also, have you tried modifying the wait value?

kbingham
New Contributor III

@dan.snelson I will see what I can find out with debugging on @pbowden's script.

I have not messed with the wait value yet but was curious if that would solve the issues.

kbingham
New Contributor III

I changed the wait to 60 and it has been completing on the first run now.

mpebley
New Contributor III

Nice post @dan.snelson. Since I dont like spaces in my packages... I modified the 2 variables for extracting app name and target version with

awk -F'_'

preceding the for loop. Of course the packagenames will have underscores replacing all spaces.

dan-snelson
Valued Contributor II

Patch definitions which don't require Office apps to quit — so msupdate can perform its background update magic — are now available at @brysontyrrell's Community Patch.

5aec7d2c41db4d76be320057493acefa

5cd891f28748426b82198f5be864f6b9

BrysonTyrrell
Contributor II

@dan.snelson - still beta! Not recommended for use in prod. The version you're displaying is going to be heavily changed in the near future.

dan-snelson
Valued Contributor II

Thanks for the heads-up, @brysontyrrell.

What's your official recommendation about using Patch Server for Jamf Pro 0.8.1 on-prem in production?

BrysonTyrrell
Contributor II

The on-prem project is good to go.

I'm still accepting feedback and adding features to it. In my mind, none of those changes has warranted rolling the version over to a "1.0" yet.

dan-snelson
Valued Contributor II

@brysontyrrell: I knew I liked you.

Thanks for all your hard work.

BrysonTyrrell
Contributor II

To those tuning in, be sure to join the discussion and participate in shaping of both these projects on the MacAdmins Slack:

CommunityPatch: #communitypatch https://macadmins.slack.com/messages/C9Z5YUN5N

PatchServer: #patchserver https://macadmins.slack.com/messages/C9RQZ7R7H

qharouff
New Contributor II

The PerformUpdate function should include the --version flag before the '$2' variable if you are wanting to target a specific version for installation.

function PerformUpdate() {
    echo "• Perform Update: ${CMD_PREFIX}./msupdate --install --apps $1 --version $2 --wait 600 2>/dev/null"
    result=$( ${CMD_PREFIX}/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/msupdate --install --apps $1 --version $2 --wait 600 2>/dev/null )
    echo "• ${result}"
}

dan-snelson
Valued Contributor II

Excellent catch, @qharouff; I've updated the PerformUpdate function in the original post.

dan-snelson
Valued Contributor II

Updated patch definitions are available on GitHub.

andymcp
New Contributor III

Thanks for this @dan.snelson! One thing I've been trying to figure out is how to get the patch policy to run again if the user decides to "Update Later". Since the patch policy shows as "Completed" but the computer remains in the scope of the policy, I can't seem to get the patch policy to run again via the "jamf patch" command. Maybe there is some kind of timer that needs to run out before it will trigger itself again?

dan-snelson
Valued Contributor II

@andymcp Version 1.0.5 includes a wait variable (line 58) before performing a recon which has helped some.

We update inventory daily and our non-testers are patched automatically, so they should be automagically properly scoped.

At what frequency are you updating inventory?

Is the Distribution Method for your patch policies set to "Automatically" or "Self Service" ?

andymcp
New Contributor III

Thanks @dan.snelson Looks like I still had an older version of your script. 1.0.5 seems to have done the trick! I'm guessing it might be the wait before the recon.

I run a recon daily and I'm trying the "Automatically" option for patch policies. My goal was to have it repeatedly annoy the user until they finally click the "Restart App" button and I think this will do nicely.

Thanks for taking the time to put this together along with the msupdate patch definitions!

dan-snelson
Valued Contributor II

Glad its working, @andymcp.

mcfarlandp
New Contributor III

Is anyone running into an issue with this not running on machines that are not logged in? I run several computer labs and want to leverage this for them. It is not working properly when logged out.

dan-snelson
Valued Contributor II

Updated for Microsoft Office 2019

Includes two new functions, CheckInstalledVersion and ConfirmUpdate, to execute jamf recon only after the update is complete (or the time-out conditions are met). Also available on GitHub.

#!/bin/sh
## postinstall

pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

####################################################################################################
#
#   ABOUT
#
#   Microsoft Office 2019 msupdate Post-install
#   Inspired by: https://github.com/pbowden-msft/msupdatehelper
#
#   Microsoft AutoUpdate (MAU) version 3.18 and later includes the "msupdate" binary which can be
#   used to start the Office for Mac update process.
#   See: https://docs.microsoft.com/en-us/DeployOffice/mac/update-office-for-mac-using-msupdate
#
#   Jamf Pro 10 Patch Management Software Titles currently require a .PKG to apply updates
#   (as opposed to a scripted solution.)
#
#   This script is intended to be used as a post-install script for a payload-free package.
#
#   Required naming convention: "Microsoft Excel 2019 msupdate 16.17.18090901.pkg"
#   • The word after "Microsoft" in the pathToPackage is the application name to be updated (i.e., "Excel").
#   • The word after "msupdate" in the pathToPackage is the target version number (i.e., "16.17.18090901").
#
####################################################################################################
#
# HISTORY
#
#   Version 1.0.0, 04-Oct-2018, Dan K. Snelson
#       Based on "Microsoft Office 2016 msupdate 1.0.8"
#
####################################################################################################

###
# Variables
###

msUpdatePause="600"       # Number of seconds for msupdate processes to wait (recommended value: 600)
numberOfChecks="15"           # Number of times to check if the target app has been updated
delayBetweenChecks="30"       # Number of seconds to wait between tests

# IT Admin constants for application path
PATH_WORD="/Applications/Microsoft Word.app"
PATH_EXCEL="/Applications/Microsoft Excel.app"
PATH_POWERPOINT="/Applications/Microsoft PowerPoint.app"
PATH_OUTLOOK="/Applications/Microsoft Outlook.app"
PATH_ONENOTE="/Applications/Microsoft OneNote.app"

# Target app (i.e., the word after "Microsoft" in the pathToPackage)
targetApp=$( /bin/echo ${1} | /usr/bin/awk '{for (i=1; i<=NF; i++) if ($i~/Microsoft/) print $(i+1)}' )

# Target version (i.e., the word after "msupdate" in the pathToPackage)
targetVersion=$( /bin/echo ${1} | /usr/bin/awk '{for (i=1; i<=NF; i++) if ($i~/msupdate/) print $(i+1)}' | /usr/bin/sed 's/.pkg//' )



###
# Define functions
###


# Function to check whether MAU 3.18 or later command-line updates are available
function CheckMAUInstall() {
    if [ ! -e "/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/msupdate" ]; then
        echo "*** Error: MAU 3.18 or later is required! ***"
        exit 1
    else
        mauVersion=$( /usr/bin/defaults read "/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/Info.plist" CFBundleVersion )
        echo "• MAU ${mauVersion} installed; proceeding ..."
    fi
}



# Function to check whether Office apps are installed
function CheckAppInstall() {
    if [ ! -e "/Applications/Microsoft ${1}.app" ]; then
        echo "*** Error: Microsoft ${1} is not installed; exiting ***"
        exit 1
    else
        echo "• Microsoft ${1} installed; proceeding ..."
    fi
}



# Function to determine the logged-in state of the Mac
function DetermineLoginState() {
    CONSOLE=$( stat -f%Su /dev/console )
    if [[ "${CONSOLE}" == "root" ]] ; then
        echo "• No user logged in"
        CMD_PREFIX=""
    else
        echo "• User ${CONSOLE} is logged in"
        CMD_PREFIX="sudo -u ${CONSOLE} "
    fi
}



# Function to register an application with MAU
function RegisterApp() {
    echo "• Register App: $1 $2"
    $(${CMD_PREFIX}defaults write com.microsoft.autoupdate2 Applications -dict-add "$1" "{ 'Application ID' = '$2'; LCID = 1033 ; }")
}



# Function to call 'msupdate' and update the target application
function PerformUpdate() {
    echo "• Perform Update: ${CMD_PREFIX}./msupdate --install --apps $1 --version $2 --wait ${msUpdatePause}"
    result=$( ${CMD_PREFIX}/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/msupdate --install --apps $1 --version $2 --wait ${msUpdatePause} 2>/dev/null )
    echo "• ${result}"
}



# Function to check the currently installed version
function CheckInstalledVersion() {
    installedVersion=$( /usr/bin/defaults read "${1}"/Contents/Info.plist CFBundleVersion )
    echo "• Installed Version: ${installedVersion}"
}



# Function to confirm the update, then perform recon
function ConfirmUpdate() {
    echo "• Target Application: ${1}"
    CheckInstalledVersion "${1}"
    counter=0
    until [[ ${installedVersion} == ${targetVersion} ]] || [[ ${counter} -gt ${numberOfChecks} ]]; do
        ((counter++))
        echo "• Check ${counter}; pausing for ${delayBetweenChecks} seconds ..."
        /bin/sleep ${delayBetweenChecks}
        CheckInstalledVersion "${1}"
    done

    if [[ ${installedVersion} == ${targetVersion} ]]; then
        echo "• Target Version:    ${targetVersion}"
        echo "• Installed Version: ${installedVersion}"
        echo "• Update inventory ..."
        /usr/local/bin/jamf recon
    else
        echo "WARNING: Update not completed within the specified duration; recon NOT performed"
        echo "•       Target Version: ${targetVersion}"
        echo "•    Installed Version: ${installedVersion}"
        echo "• Delay Between Checks: ${delayBetweenChecks}"
        echo "•     Number of Checks: ${numberOfChecks}"
    fi

}



###
# Command
###



echo " "
echo "#############################################################"
echo "# Microsoft Office 2019 msupdate v1.0.0 for ${targetApp}"
echo "#############################################################"
echo " "
echo "• Path to Package: ${1}"
echo "• Target App: ${targetApp}"
echo "• Target Version: ${targetVersion}"
echo " "

CheckMAUInstall
CheckAppInstall ${targetApp}
DetermineLoginState

echo " "
echo "• Updating Microsoft ${targetApp} to version ${targetVersion} ..."

case "${targetApp}" in

    "Word" )

        RegisterApp "${PATH_WORD}" "MSWD2019"
        PerformUpdate "MSWD2019" "${targetVersion}"
        ConfirmUpdate "${PATH_WORD}"
        ;;

    "Excel" )

        RegisterApp "${PATH_EXCEL}" "XCEL2019"
        PerformUpdate "XCEL2019" "${targetVersion}"
        ConfirmUpdate "${PATH_EXCEL}"
        ;;

    "PowerPoint" )

        RegisterApp "${PATH_POWERPOINT}" "PPT32019"
        PerformUpdate "PPT32019" "${targetVersion}"
        ConfirmUpdate "${PATH_POWERPOINT}"
        ;;

    "Outlook" )

        RegisterApp "${PATH_OUTLOOK}" "OPIM2019"
        PerformUpdate "OPIM2019" "${targetVersion}"
        ConfirmUpdate "${PATH_OUTLOOK}"
        ;;

    "OneNote" )

        RegisterApp "${PATH_ONENOTE}" "ONMC2019"
        PerformUpdate "ONMC2019" "${targetVersion}"
        ConfirmUpdate "${PATH_ONENOTE}"
        ;;

    *)

        echo "*** Error: Did not recognize the target application of ${targetApp}; exiting. ***"
        exit 1
        ;;

esac



echo " "
echo "Microsoft Office 2019 msupdate completed for ${targetApp}"
echo "# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #"
echo " "



exit 0      ## Success
exit 1      ## Failure

mcfarlandp
New Contributor III

@dan.snelson do you happen to have anything that will work if no one is logged in? I am trying to update computer labs.

dan-snelson
Valued Contributor II

@mcfarlandp Sorry, no. (I presume from your question that @pbowden's msupdatehelper is requiring a user to be logged in.)

mcfarlandp
New Contributor III

@dan.snelson yes it is. I am trying to use the script instead of just installing over the top with individual packages. I have been talking with others about this and they were having the same issues.

MatG
Contributor III

What happens if the apps are open and in use? JAMFs patch management seems to kill the application and I've had users loose work.

dan-snelson
Valued Contributor II

@MatG First, please pardon the delayed response; just now seeing this.

Which patch definition are you using?

Please see how the killApps node of MicrosoftExcel2019-msupdate.json will only quit Microsoft Dummy.app.

dan-snelson
Valued Contributor II

Thanks to @hdsreid for pointing out the need for a Privacy Preferences Policy Control payload.

You may want to start with @pbowden's Privacy Preferences Policy Control payload; plus a couple of differences in the one we're using.

Add the following Identifiers for the Receiver Identifier of com.microsoft.autoupdate2:

/usr/local/jamf/bin/jamfAgent

… and …

com.jamf.management.Jamf

sfurois
New Contributor II

Dan,
I've run into an issue with this month's attempt at patch management on my Office 2019. I've got it working for last month's version using the method above (package is Microsoft Excel msupdate 16.30.19101301.pkg) but when I create a package for this month's using Microsoft Excel msupdate 16.31.19111002 the msupdate binary seems to fail out.

The binary also fails out when trying to use --version 16.31.19111002 as a flag. Checking on macadmin's website about the MAU, it doesn't show this version number as supported through the --version flag. Is that why this is failing for me?

sfurois
New Contributor II

Just in case anyone was curious - last night (11/20) the MAU site was updated to include the new version as a flag. I'll go ahead and test this through on a few of my machines just to make sure things are working. I didn't know the update times of the MAU.

hdsreid
Contributor III

@dan-snelson the 2019 script will work fine for 365 installs, correct?

dan-snelson
Valued Contributor II

@hdsreid Yes, it should (that's what we're using).

@sfurois Thanks for the posts. (@pbowden is frequently monitoring MacAdmins Slack #microsoft-office channel.)

dan-snelson
Valued Contributor II

My latest definitions are available on @brysontyrrell's Community Patch.

hdsreid
Contributor III

@dan-snelson thanks, trying to get this working on a few lab units. i'm curious, do each of your machines individually download the updates from microsoft directly? one of the current advantages of deploying the packages through jamf is the ability to cache them on local shares for remote sites.

dan-snelson
Valued Contributor II

@hdsreid Yes, each client puts the burden on Microsoft’s CDNs instead of ours, which works well for our current, worldwide use-case.

From @pbowden’s JNUC 2019 presentation, the cumulative size of all the Office updates is significantly smaller than when I originally wrote this script (although I still like leveraging the msupdate binary to allow behind-the-scenes updates).