Patch Management in Jamf V.S Apple's Native Software Updates

SweenyTodd
New Contributor

Hey all,

We run a tight environment with various pilot groups that get the latest and greatest updates. We have used Jamf's patch management for a few months now and it seems to work great for app updates but is frustrating for Mac OS updates. When the deadline is achieved the machine will warn users about the update but will not warn about restarting after downloading and installing.

A colleague mentioned that at a former employer, admins would manually approve updates through Apple's software update. Any thoughts on how I could achieve this? Is there a plist file I could edit with a policy to direct what version is currently approved?

This is a half idea right now and am looking for some direction. I personally like Apple's Software Update tool a lot better than Jamf's but need some insight on how I could manage this to follow ITSec's guidelines for patch management.

Thanks in advance!

1 REPLY 1

bentoms
Release Candidate Programs Tester

@SweenyTodd Hosting your own Apple Software Update Server and then approving updates, doesn't work now with Big Sur.

Best you can do if defer updates, with differing deferrals for different groups.

Oh, and good luck getting updates programmatically installed.