Mixed results with Software Updates (Beta)

Rich_C
New Contributor

I am testing Software Updates (Beta) in my environment, and I am seeing mixed results. 
So, I started with a Monterey 12.6.6 and sent a request to update it to 12.6.7 which was successful.  Then I send another request to update the same machine to 12.6.8, locked the machine and left it overnight.  The machine did not update.  I researched and checked for anything I could find to see if the machine got the instructions.  I looked at the install.log and nothing stands out.   I ran the update command again, still no update.  Can anyone tell me if there is a certain time frame that it waits or a location or command at the machine can be checked.  Any help or information would be greatful.

4 REPLIES 4

SabariG
New Contributor III

Software Update via MDM command will not work always and we have seen intermittent issues like this. Hopefully as apple moving Software update to DDM in macOS Sonoma we will have some improvements :-)

 

AJPinto
Honored Contributor

MacOS updates and managing them is absolute hot garbage. At this current point in time don't expect a higher success rate then around 70% without user involvement.

 

My suggestion is using a Managed AppleID from Apple Business/School Manager and submitting feedback using the feedback app. Then get the Feedback request number, and forward it to your Apple Account Rep. If you have an ACE Agreement also open a ticket with Apple.

 

Apple is going to tell you to run the Mac Evaluation Tool (located in Apple Seed). If you have any blocked or intercepted traffic showing on the Evaluation Tool, Apple is going to tell you to allow it. Most of Apples traffic does not matter for OS updates. So you will need to do a bit of poking around to see what you actually need, Apple wont spell it out for you unfortunately. JAMF has a similar tool to the Mac Evaluation Tool called Jamf Environment Test. Of course this is assuming you are on prem (or using a VPN), and/or your JAMF instance is hosted by you guys if not you have no control over the network configuration of the network the devices are using.

 

  1. Ensure your devices are correctly supervised and that your MDM has a secure token to authorize the install of OS updates
  2. Make sure nothing on the network side is causing any communication issues between JAMF, Apple and the device.
  3. Identify applications that suppress reboots, as Apples OS update workflow cannot force quit all apps even when you use the force quit flag on the MDM command.
  4. Get your fleet on macOS 13, many enhancements were added to the software update work flow with macOS 13.3
    1. Idealy you always want to be running the most current release of macOS. N-1 only gets security updates, not bug fixes.

 

Some links I found helpful.

https://marketplace.jamf.com/details/jamf-environment-test

https://support.apple.com/guide/deployment/manage-software-updates-depc4c80847a/web

https://docs.jamf.com/technical-papers/jamf-pro/deploying-macos-upgrades/10.34.0/Updating_macOS_by_S...

ScheduleOSUpdateCommand.Command.UpdatesItem | Apple Developer Documentation

mm2270
Legendary Contributor III

Hot garbage is the best description I've seen for the current state of macOS update management. It's amazing how long this has been in such a bad state and still not fixed, or at least more reliable. It never should have been allowed to get to this state by Apple, but here we are.

SMR1
Contributor III

When I was as JNUC last year, a bunch of people were talking about this and it go brought up in a few sessions. Still just as clunky, just added a to option on the left to give it quicker access.