Our company recently onboarded Jamf. I'm looking at best practices, or what others in the community, has done with Patch Management.
It seems we must manually search for and download or create .pkgs of applications > upload the package > select Patch Management Application > Definitions > Add > Create Patch Policy or edit existing patch policy.
I currently have applications all from the Jamf internal source. But the list of applications are getting longer as I onboard more Mac users. Having to download/create pkgs every month seems quite cumbersome.
What do you do?
Depending on your org's policies it might not be an option to have packages that are download via AutoPkg automatically uploads to your JSS, and they'll require verification first. If that's the case for you then you'll find the Suspicious Package and Apparency tools useful for that.
@DC_72CA I would recommend you to review Jamf Pro App Installers where Jamf is doing all that work for you and you just scope the same on your managed mac, here is the quick link on what and how of jamf Pro App Installers --> https://learn.jamf.com/bundle/jamf-pro-documentation-current/page/App_Installers.html
Note that @DC_72CA mentions they're already using the Jamf App catalog ("Jamf internal source"), but it's a small subset of available Mac applications. It is a growing subset however, and one can always create a Feature Request for apps that aren't yet available and see if it gets enough upvotes from other Jamf Pro customers to gain a spot in the catalog.
Oh yeah, when I saw I had to select each one in the Mac App store and get licenses from the ABM. It was definitely better to use the Mac M365 installer and it comes with the AutoUpdate as well. Those apps have been updating without a problem. I've realized that some apps weren't automatically patching and found out I had to upload the package since they weren't in the Jamf App Catalog or Mac App Store.
As I am onboarding more Macs into Jamf Pro, I notice some apps are not in the Jamf Internal source so can't make use of the Jamf Patch Management feature.
Do people just create a policy to update apps not in the Jamf Internal source?
Or, do people add an external source, if so, how do you find the hostname, IP etc. I've tried googling and doesn't seem to result in anything useful. Do people just reach out to the respective apps support team to see if they are willing to divulge such information?