Jamf Nation Community

BlakeR-NZ · ‎10-31-2024

I have a test group setup of 6 devices that I am using to test managing software updates. All of the devices in the group are loaded via ADE and Jamf has full control of them.

I pushed out a minor OS update to the devices in this group and even though they are all online and running 14.6.1 which is updatable only one device received a notification about an enforced update.

I guess my first question is going to be is this feature reliable or am I wasting my time? Second any ideas where I should start in regards to troubleshooting as from what I can see there are no pending or failed management commands.

AJPinto · ‎11-01-2024

Software Updates in Jamf is not really a feature of Jamf, it is how Jamf is presenting the Software Update MDM commands to us. The GUI is all Jamf, the backend is all Apple. Below is a link to Apple's training documentation on managing Software Updates you can read over.

https://it-training.apple.com/tutorials/deployment/dm215/

In my experience you have around a 75-90% success rate with managing OS updates with MDM commands. There is no other way to deploy updates aside of having users install them manually. Usually when a device fails OS updates it's because of something on the network side, getting a copy of the install.log is the best tool to figure out what is going on.

Chubs · ‎11-01-2024

Let's get some clarity here. Are you using MDM commands for this or the new "software update" [DDMU] feature set from JAMF/Apple?

I find your lack of faith disturbing

BlakeR-NZ · a month ago

Using the new software update system.

Chubs · a month ago

Granular software updates work great for macOS in regards to DDMU. Mobile devices, not so much. SUPER hit/miss.

You'll get your best experience by choosing the "latest" update available though.

I find your lack of faith disturbing

Chubs · a month ago

macOS also needs to be on a minimum of macOS 14 too.

I find your lack of faith disturbing

BlakeR-NZ · a month ago

As mentioned in initial post devices are all running 14.6.1 the process works great for one of the four devices I am testing so I have a 75% failure rate.

mattjerome · ‎11-01-2024

My experience is you're better off using a more fully flushed out system like Nudge or Super

JDaher · ‎11-01-2024

I've played around a lot with the software update feature over the years. As others have mentioned, it's hit or miss. However here's a hack that has been mostly hit for me lately:

Install Action: Download and schedule to install - Select a very short amount of time, something within an hour or two. When I've scheduled a day or two into the future it almost never works. You can even select a time in the past and it will execute within the hour.

Target version: Specific version - Select the version from the drop-down.

Keep in mind that this will force the update with no option to delay. The users will get a notification but it just says something like, an update has been scheduled and your computer will restart. If you scheduled a time in the future it will let them know they have the hour or two that you set up; if you scheduled a time in the past it will give them almost no time.

obi-k · a month ago

I get good results with DDM. Did you try turning off the new Software Update feature, then back on? Are all your devices on macOS 14 already?

BlakeR-NZ · a month ago

As mentioned devices are all running 14.6.1 so OS version isn't the issue.

obi-k · a month ago

Did you try turning off the new Software Update feature, then back on? This clears up a lot for my macOS and iOS stuff. You can view the status in the device logs. Management tab, Operating System.

If you see a pending update, try turning off the Software Update Feature. Revisit the logs.

When you see "No Updates in Progress," try DDM update again.

Chubs · a month ago

You can also get more granular logs in the API as to what is happening.

curl -X 'GET' \
  'https://stjude.jamfcloud.com/api/v1/managed-software-updates/update-statuses/computers/<computerIDHere>' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer <bearerTokenHere>'

I find your lack of faith disturbing

BlakeR-NZ · a month ago

My Jamf instance is cloud hosted therefore I cannot see any option to turn features off and back on.

obi-k · a month ago

Do you see this option when you select the Software Updates item in the sidebar?

BlakeR-NZ · a month ago

I have just found that, I gave it a try and it has made no difference. I am scheduling a minor updating for tomorrow morning, of the three outstanding devices only one device showed a notification of a pending update. All devices are currently powered on and confirmed checking in.

Device that displayed notification

Device that didn't show notification

Jamf Nation Community

Managing software updates failing