Skip to main content
Solved

Patch management not updating


Did this topic help you find an answer to your question?
Show first post

40 replies

Forum|alt.badge.img+5
  • Contributor
  • 54 replies
  • November 10, 2020

For everyone posting in this thread, do you have an open case with Jamf support?

I do, and they are actively working on it, but have said that there appears to be more than one cause, so I highly recommend opening a ticket if you haven't already.


Forum|alt.badge.img+2
  • New Contributor
  • 10 replies
  • November 10, 2020

Yes, always open a ticket 1st.


Forum|alt.badge.img+7
  • Contributor
  • 21 replies
  • December 2, 2020

Opened a case on this also :)


Jason33
Forum|alt.badge.img+13
  • Honored Contributor
  • 223 replies
  • December 2, 2020

Opened a ticket yesterday afternoon, resolved overnight. Software versions are updating, and my email notifications are working again.


Forum|alt.badge.img+12
  • Valued Contributor
  • 350 replies
  • December 2, 2020

They have a workaround that can be done overnight. I've had the issue 3 or 4 times over the last six months.


Forum|alt.badge.img+7
  • Contributor
  • 21 replies
  • December 3, 2020

Didn't fix for me :)


Forum|alt.badge.img+6
  • Author
  • Contributor
  • 22 replies
  • December 29, 2020

For those having this problem with Chrome and Firefox, There are plenty of scripts that check for versions and update automatically. These browsers are some of the easiest to keep up to date with scripts as apposed to a pain in the ass like Zoom. I suggest you search either the 3rd party software page or discussions for scripts to update these two rather than patch management.


Forum|alt.badge.img+6
  • Contributor
  • 29 replies
  • January 20, 2021

Hi, is patch management still working?
Skype for Business 16.29.41 is out for about 2 weeks,
Symantec Endpoint Protection 14.3.3384.1000 is out for over a month... But Patch Management still shows the old versions.

Edge is still not integrated even many want it to (and most of Microsoft apps are already working fine).
Vote up for Edge to get integrated in patch management: https://www.jamf.com/jamf-nation/feature-requests/9140/microsoft-edge-patch-management-policy


Forum|alt.badge.img+7
  • Contributor
  • 21 replies
  • January 20, 2021

It broke for me again, was working for a while raise a support case once more. @Tjernigan our security team is using patch management for reporting as it displays information in very user friendly way, but then it lies I'm starting to get a lot of questions why devices are out of date then they aren't really :)


Forum|alt.badge.img+1
  • New Contributor
  • 1 reply
  • February 12, 2021

@thomas.moser

I'm having the exact same issue and have opened a case. Please open a case if you haven't already.

Restarting Tomcat will quickly update the patch catalog but then it just stops updating again.


JKingsnorth
Forum|alt.badge.img+7
  • Valued Contributor
  • 51 replies
  • March 15, 2021

We've been having this same issue on and off for months now. Started again today. Everything is showing fully updated on the Policy tab but on the Report tab its a 0% for multiple Apps. Chrome doesn't even show the latest patch to pick from in the definition tab.

This is getting really old having to open a ticket every couple weeks just to get it working again for Cloud accounts.


Forum|alt.badge.img+12
  • Valued Contributor
  • 350 replies
  • March 15, 2021

Yeah, at the moment I'm seeing that the Chrome version has not updated in my Patch reporting. Not sure yet if I should reopen my never-ending ticket about Patch Management not updating or if someone is just having a Monday and forgot to update it.

Edit: Looks like it was someone just forgetting to update the Chrome definition as it now appears correctly.


Forum|alt.badge.img+4
  • New Contributor
  • 3 replies
  • March 18, 2021

I have been trying to use the Firefox patch management and it's not working. The extension attribute script looks different from the original one. I noticed the new script doesn't actually return any value in Jamf Pro. When I run the script in Terminal it prints out pipes around the version which I've noticed my working scripts do not have.

#!/bin/sh
#######################################################
# A script to collect the Version of Mozilla Firefox. #
#######################################################

PATH_EXPR=/Applications/*/Contents/*/application.ini
RELEASE="mozilla-release"
BUNDLE_ID="org.mozilla.firefox"
KEY="CFBundleShortVersionString"

RESULTS=()
IFS=$'
'
for APP_INI in $(/usr/bin/grep -l "${RELEASE}" ${PATH_EXPR} 2>/dev/null); do
    PLIST="$(/usr/bin/dirname "${APP_INI}")/../Info.plist"
    if [ "$(/usr/bin/defaults read "${PLIST}" CFBundleIdentifier 2>/dev/null)" == "${BUNDLE_ID}" ]; then
        RESULTS+=($(/usr/bin/defaults read "${PLIST}" "${KEY}" 2>/dev/null))
    fi
done
unset IFS

if [ ${#RESULTS[@]} -eq 0 ]; then
    /bin/echo "<result></result>"
else
    IFS="|"
    /bin/echo "<result>|${RESULTS[*]}|</result>"
    unset IFS
fi

exit 0

The original script

#!/usr/bin/env bash

##############################################################################
#Script is designed to return the 'version number' of Mozilla Firefox.       #
#Locates the the installed firefox application verifies 'release'            #
#before returning 'version number' or 'not installed'                        #
##############################################################################
RESULT="Not Installed"

for i in /Applications/Firefox*.app; do
  /usr/bin/grep mozilla-release "$i"/Contents/Resources/application.ini
  if [[ $? -eq 0 ]]; then
    RESULT=$(/usr/bin/defaults read "$i"/Contents/Info.plist CFBundleShortVersionString)
  fi
done
/bin/echo "<result>$RESULT</result>"


Attached screen shot of result in terminal. Could this be part of the issue? I'm not familiar with Inline Field Separators.


Forum|alt.badge.img+6
  • Author
  • Contributor
  • 22 replies
  • March 18, 2021

@tomt Here try using this script. It is much easier than just trying to go through patch managment all the time with how many updates google sends out.

!/bin/sh

dmgfile="googlechrome.dmg"
volname="Google Chrome"
logfile="/Library/Logs/GoogleChromeInstallScript.log"

url='https://dl.google.com/chrome/mac/stable/GGRO/googlechrome.dmg'

/bin/echo "--" >> ${logfile}
/bin/echo "date: Downloading latest version." >> ${logfile}
/usr/bin/curl -s -o /tmp/${dmgfile} ${url}
/bin/echo "date: Mounting installer disk image." >> ${logfile}
/usr/bin/hdiutil attach /tmp/${dmgfile} -nobrowse -quiet
/bin/echo "date: Installing..." >> ${logfile}
ditto -rsrc "/Volumes/${volname}/Google Chrome.app" "/Applications/Google Chrome.app"
/bin/sleep 10
/bin/echo "date: Unmounting installer disk image." >> ${logfile}
/usr/bin/hdiutil detach $(/bin/df | /usr/bin/grep "${volname}" | awk '{print $1}') -quiet
/bin/sleep 10
/bin/echo "date: Deleting disk image." >> ${logfile}
/bin/rm /tmp/"${dmgfile}"

exit 0


Forum|alt.badge.img+12
  • Valued Contributor
  • 350 replies
  • March 18, 2021

@Tjernigan Thanks, I only use Patch for quick reporting on Chrome and to alert me of new versions in case I miss the email from Google. We will hopefully be allowed to move to autoupdates soon. Then I can pretty much forget about it except for stragglers.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings