Jamf Nation Community

Yeah I've been thinking the same, with a good measure of hope mixed in as well. It would sure be a drag for this to be a consistently new and frequent behavior.

This one addresses Meltdown so hopefully Apple was just feeling pressure to get it out.

In this latest round of updates that i don't want people to accept (right now) i did a bunch of things...

One of the things i did was mess with the notifier.
Software update uses th OSXNotification.bundle to produce those notifications and a different one for all the other notifications.

I did this in a Policy. add a 'Files and Processes' Execute command:

cd /Library/Bundles; mv OSXNotification.bundle Disabled-OSXNotification.bundle

I figure if a user doesn't see it they are not likely to go look for it.

Hey @PeterG,

I like your solution as it's nice and tidy, but does that actually permanently disable the bundle? I'm seeing several blogs that say to move the file out of the folder altogether – and to put it back when you're in the mood to have the notifications reenabled. Using this line of thinking, would it be more acceptable to move it someplace like /var/root for the time being? Or does your command suffice? I have quite a few users here that keep getting pestered by this and have asked how to disable it. If I can give users an option to disable or enable the notifications in Self-Service, that would be a wonderful thing.

Isnt it posible that a future update/patch will put it back or install a new bundle? Moving or renaming system resources always seems like a less-than-optimal "hack" in my opinion. I agree that OS updates (and especially the "Hey kids! Get our new awesome buggy OS! Now featuring Siri!" upgrades) can get annoying to the typical end user (and frustrate IT staff).

Also - I dont see a "OSXNotification.bundle" on my 10.12 and 10.13 based Macs.

As of 10.13.4 using MDM to delay software updates will also suppress the nag.

MDM Documentation on Software Update

As of 10.13.4 using MDM to delay software updates will also suppress the nag.

Probably too early to tell, but is this something that has been added a config profile option in Casper/JAMF Pro? I haven't upgraded to 10 yet, so unable to check.

I can always do a custom config profile if not.

As of 10.13.4 using MDM to delay software updates will also suppress the nag.

Anyone know if this is an option For JAMF configuration profiles yet? I am running 10.7.1-t1536934276 and don't see any way to stop update notifications from a config profile.

@McGinn I can't recall which version this appeared in, but as of 10.9 and up at least there is this in the Restrictions payload, at the very bottom of the Functionality tab.

I would check there to see if it's in your version. If not, well, then you'll need to upgrade to a newer release, or create a custom profile with that setting.

@mm2270 Thanks for the reply. I can confirm that Jamf Pro 10.7.1 has this option avaiable for config profiles.

This allows for deferral but will it stop the notification center popups for OS updates?

Im going to do some testing on my own to figure this out. Im just trying to stop the push notifications for Mac OS updates via a config profile.

@McGinn

Do you have this option under your configuration profiles?
It works for the most part but I think the meltdown update notification went through for us as well.

In fact, this is the update notification we have seen bypass our configuration consistently, but it also seems to show randomly.
Security Update 2019-001 High Sierra