Jamf Nation Community

@koalatee Thanks - these are the guides I referred to when setting it up. I'm just wondering how people are configuring the settings for each user: config profile, managed pref, login script? I know I can do a config profile but didn't know if people were doing something else? I uploaded my custom payload but was unable to get it to work in the config profile for some reason.

Thanks!

@Chuey, while I haven't personally had to configure a caching server for production, the client side settings should definitely work using configuration profiles. I usually install my MAU settings at the computer level and that seems to work well for me.

Also, I believe that if your clients can't reach your caching server, they'll default back to Microsoft's CDN. Double-check the documentation before taking my word for that.

@talkingmoose The com.microsoft.autoupdate2 plist file is a user level file located in ~/Library/Preferences

Each user can have their own settings for MAU. I converted my plist to xml to upload as a custom payload and enforced at the user level with no success. There was no way for me to define where the file was uploaded on the machine so I'm not sure where it's placing this plist file that I uploaded. . .

I wanted to use a managed preference but was unsuccessful with that too. I can have the file copied to each users Library/Prefs folder upon login - but was wondering if anyone was doing it a different way.

I also know there is a feature in Casper Admin that I can fill user templates and fill existing user templates if I create a custom PKG with my plist file. Have you ever used this ? Just wondering if it works like it theoretically should?

@Chuey, what specific keys and values do you have in the plist file you're uploading to make the configuration profile? Can you post the full plist here?

Do you have a need to support different MAU user settings on the same machine?

While a PKG with a script will work (or a DMG using FUT and FEU), the preferences will eventually move from a user's ~/Library folder to the top level /Library folder. That's probably coming in MAU 4.0.

@talkingmoose I hope they move it from ~/Library to the main /Library .. not sure why it wasn't done like that in the first place!

Some of our staff may use multiple computers so I just wanted the settings for MAU to be consistent for every user regardless of which device they are using. Unless there is a way I can configure something in /Library to check or update in the background silently on a specific day/time then it wouldn't matter on a per user basis.

For my custom setting I created a config profile > set the level to "User level" > added a Custom Setting > for Preference domain I named it the exact name of the original plist file: com.microsoft.autoupdate2.plist and uploaded my plist file that I had to convert to xml using terminal. It is the same plist file that I manually manipulated and added my internal update server and also enabled more logging.

I then set the scope to a specific machine - I confirmed the config profile was indeed applied under Sys Prefs > Profiles but when I checked the users Lib Prefs the original file was there...

If you need to see the actual plist ( com.microsoft.autoupdate2.plist ) let me know and I'll post that.

thanks for you help on this - much appreciated.

@koalatee Right now the MAU settings are user specific located in the ~/Library/Preferences folder, correct?

If I am correct on that - then my custom plist file I have needs placed in every users /Library/Preferences folder aka ~/Library/Preferences ... I can run a script to copy this file into all existing users and future users /Lib/Prefs folder - thats not a problem - I was wondering how others were doing it. I tried using a custom config profile but was not successful getting it placed in the users library/prefs folder even when I have it set to enforce on a user level.

@koalatee OK - I figured it out - I was setting it to a user level config profile and not computer level. I was confused since this is a user preference I thought it had to be set to user level enforcement.

Thanks for the help

Ok I just looked at this a little more... MAU settings seem to be somewhat user specific - but it looks like only the registered apps would be what are user specific. I may have a problem with my plist though :) Here's a profile

When logging into another user on this machine, the actual MAU settings are correct (for me, automatically download and install updates).

You should have a correct plist, upload to jamf and apply to com.microsoft.autoupdate2 and apply it computer-level.

@koalatee Thanks for your help. My issue was I enforced at user level. I was thinking logically that if it's a user preference it needs applied at the user level - as soon as I changed it to computer level - it is working now!

Do you know if users are outside our corporate network if they will default to download from Microsoft since our internal server is not publicly available?

Yeah looks like it will default to Microsoft?

From this pdf

In this scenario, MAU will still use the collateral on the Microsoft CDN to detect updates, but before downloading those update packages over the Internet from the CDN, it will first check the UpdateCache server. If the UpdateCache server has a local copy of the update, a 200 response will be sent to the client and MAU will obtain its update from the local server. If the server returns a 404 (not found) response, MAU will fall-back to downloading the package from the CDN.

But, this looks only be for the pkg itself. If you are specifying the manifest (which version of Office is available) then (near the end of the pdf):

If MAU has been configured to use a custom manifest server, it will use that exact path as the single authority of updates. If your custom manifest server is down or non-functional, MAU will report that the update server could not be reached. It will not fail-through to Microsoft’s servers.

@koalatee Thanks for your help