macos patch

mordeeb
New Contributor

Maybe I am seeing this wrong but in Jamf Pro under patch management you see the latest mac patch that came out yesterday 9/14/21 but you have to manually add the package for this patch? Is this how others are patching for mac os updates? 

3 REPLIES 3

Hugonaut
Valued Contributor II

There is no full installer for 11.6, imo it should be 11.5.3 but thats for another discussion.

@mordeeb Check out - https://github.com/bp88/JSS-Scripts/blob/master/AppleSoftwareUpdate.sh

 

Super easy to use & push the end user to the software updates in a pinch. Can't wait for Monterey!

 

I patch macos a little differently, the moment the os is released I download a full installer, package the installer with megapkgr, deploy the full installer, once jamf sees the full installer was deployed to the end user machines, it kicks off a prompt allowing the end user to defer for a certain period of time (OR NOT! Depending on Security) then when times up or if its a forced update, a script is triggered and runs from jamf to install the macos silently.

 

 

 

 

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month

@Hugonaut - why Monterey? Is there going to be another way to deploy patches? I'd love to know as I'm working on this very issue now. The script you supplied was amazing by the way. Thanks for that!

Hugonaut
Valued Contributor II

@thefishyfew- New MDM Features for Updating/Deferring, etc Software Updates.

https://support.apple.com/en-us/HT212586

macOS Monterey 12.0.1

macOS Monterey includes new features like Erase All Contents and Settings, MDM software update enhancements, and other device management improvements.

Device Management

  • MDM can perform Erase All Content and Settings on Mac computers with Apple silicon or the Apple T2 Security Chip.
  • MDM software update commands support new features like user deferrals for InstallLater and a countdown notification for InstallASAP.
  • System extensions can be removed by MDM.
  • MDM can allow users who aren't administrators to approve kernel extensions.
  • User Enrollment supports iCloud Drive and Managed Apps.
  • iCloud Private Relay can be prevented on supervised devices. Learn how to prepare your network for iCloud Private Relay.
  • MDM can configure and enable firewall logging.
________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month