Help

Once per computer question (new package)

PE
Contributor

Posted on ‎05-30-2024 05:31 AM

Hi all, i have a small package (.pkg)that installs FortNAC persistent Agent, the trigger is "Once per computer" this works perfect.

 

Now there is an update for this package (.pkg) what is the best way to update this package?

So remove the old package and add the new package to the Policy but how do I reset that this policy run again?

or turn off this policy (and later remove) an make a complete new policy with the new package?

 

thanks

0 Kudos
Reply
10 REPLIES 10

jamf-42
Valued Contributor II

Posted on ‎05-30-2024 05:38 AM

flush policy on a few test devices.. then flush all.

0 Kudos
Reply

PE
Contributor
In response to jamf-42

Posted on ‎05-30-2024 06:04 AM

Thanks @jamf-42 for reply - flush policy on a few test devices I can find this but is there an option for only flushing this action or do I need to flush all information?

0 Kudos
Reply

jamf-42
Valued Contributor II
In response to PE

Posted on ‎05-30-2024 07:03 AM

you can flush a device in the device policy history or in the policy log and also flush all there.

If your not 100% sure.. as @obi-k said.. clone / update pkg / scope..  there are 1001 ways to do stuff in JAMF 😎

 

0 Kudos
Reply

obi-k
Valued Contributor III

Posted on ‎05-30-2024 06:50 AM

I would clone a new policy. 

Call your old policy - FortNAC persistent Agent 1.0. Turn this policy off. Save. Clone it.

Call your new cloned policy - FortNAC persistent Agent 2.0. Push to all or your specific Smart Groups.

This would help with logs and backtracking, if you needed to.

0 Kudos
Reply

scottb
Honored Contributor
In response to obi-k

Posted on ‎05-30-2024 09:02 AM

I agree.  One reason being maybe the new rev has issues, and if you need to go back, you can quickly enable the old rev and disable the new one.
All you need to do with the original question is to flush all in the logs.

It will run again...

0 Kudos
Reply

PE
Contributor

Posted on ‎05-30-2024 06:57 AM

@obi-k thanks for reply I was also thinking about that solution.

0 Kudos
Reply

obi-k
Valued Contributor III
In response to PE

Posted on ‎05-30-2024 06:59 AM

Forgot: Don't forget to change the package to the new one on your cloned policy.

0 Kudos
Reply

PE
Contributor

Posted on ‎05-30-2024 07:03 AM

Yes I will do that - uploaded the new package to Jamf  and also added the version number to the name.

0 Kudos
Reply

sdagley
Esteemed Contributor II

Posted on ‎05-30-2024 12:37 PM

@PE My personal approach when dealing with any Security related tool that is supposed to be on all Macs is to have a Smart Group that contains all Macs that have the version currently being deployed or newer (for some tools this requires creating an Extension Attribute). You don't want to use a check for only the specific version being deployed as some tools will automatically update themselves. My deployment policy for the tool is scoped to all managed Macs that have completed enrollment, excluding Macs in the Smart Group for current version or newer is installed, triggered by recurring check-in, and execution frequency of ongoing. This way if the tool is somehow uninstalled it will automatically re-install after the next inventory that doesn't list it.

0 Kudos
Reply

PE
Contributor

Posted on ‎06-03-2024 04:47 AM

Thanks all 

0 Kudos
Reply