Patch Management - macOS system updates

mickl089
Contributor III

Hello,

Jamf patch management is a great and powerful tool that we have now also implemented for many apps.

Unfortunately, however, I have seen that you have to provide macOS yourself so that an update policy can be initialised.

is there no way that this can be handled on the Jamf side so that the updates can be loaded from a Jamf resource itself, in order to make the process of packaging unnecessary?

If this is not desired or technically not feasible:
How can I make this process easier? Is it right that you always have to download the fullinstaller and package it? If so, in what format is it uploaded again via Jamf Admin and where must the target folder be located?

thank you!

8 REPLIES 8

gabester
Contributor III

Good luck getting Apple to provide the OS update pkg in a timely fashion for non-current but still supported OS, they seem to like to put one out at least several days if not a couple weeks after the updates become available in Software Update. 

 

Could Jamf, for OS and Safari alone, look to install from "software update server" instead of needing a package supplied for the patch policy?

junjishimazaki
Valued Contributor

I think it would depend on what kind of OS update you are all trying to deploy. If all you are doing is the minor updates then you can deploy it through a policy (look in Software Update)  and scope it to a smart group using the patch management as a criteria with whatever OS version you are trying to update from. Otherwise, for major OS upgrades you will need to upload the package and use patch management. 

Once again i´ve found a solution for this problem - this tool allows you to download a PKG of the newest macOS versions.... https://scriptingosx.com/2021/06/download-full-installer/

There you can work again with jamf patch management 🙂

junjishimazaki
Valued Contributor

You still need to download the full installer. You can go this route or use the terminal command softwareupdate --fetch-full-installer to do the same thing. 

mickl089
Contributor III

Yes, thats right. But with this tool we have at least the option to download a PKG ready for deploy...

junjishimazaki
Valued Contributor

That is true. Thanks for providing that link. 

mickl089
Contributor III

You´re welcome!

I´m uploading at the moment and give feedback, if the PKG will works for us.

mickl089
Contributor III

The PKG only drops the Install macOS Big Sur.app into the Application Folder. You have to create a new PK, i would prefer Packages for this. Take the Install.app and a post-install script for this, create the new PKG and deploy.