Office Patch Policies via Calling the MAU Binary for Delta Updates


Has anyone been successful getting patching policies with Office 2019/365 working via calling the MAU binary? I've been trying a few different ways and haven't been successful.

I created a script that works for updating all available MAU apps via the binary in a policy fine and that is:

#  Downloads and Installs Office Updates via

currentuser=$(/bin/ls -la /dev/console | /usr/bin/cut -d ' ' -f 4)

echo $currentuser logged in. Running mau delta updates as $currentuser

sudo -u $currentuser /Library/Application Support/Microsoft/MAU2.0/Microsoft --install

For some other patch titles such as Chrome/Firefox I have a custom trigger policy setup that uses a script to install/update the app. So I made a payload free pkg with a postinstall script that just calls the trigger, and that works perfectly. However if I try this with the MAU policy the policy fails to run; however if I call the MAU custom trigger directly from terminal or another policy it works fine.

I also tried inputting that script directly into the postinstall script instead of calling another policy it doesn't work.

I modified Paul Bowden's script here: to work for 2019 versions of the app and it worked when ran locally or in a policy. If I try to call that policy via a postinstall script in a payload free package, it fails. If I input the entire script into a postinstall script in a payload free package it also fails.

I'd love to be able to leverage the MAU binary to download and install the delta updates as they're significantly smaller than the full installer, but am struggling to find a working strategy. Has anyone been successful in this endeavor?