Pushing updates for 3rd party apps (Chrome, Firefox, Zoom, etc) in a nice way

rstasel
Valued Contributor

Hi All,

So I'm trying to be nice with updates now that we're all remote. I'm not just pushing via recurring check-in and not caring if something is running.

So I'm looking at via self service, and allow deferral, but I'm confused by something. By checking "Allow Deferral", does that mean it will force the update after the deferral date happens? I've created the policy, scoped to smart group that is, say, "Zoom out of date" based on Patch Reporting. No trigger is set. Recurrence is set to ongoing, and the policy triggers an inventory. I just enabled in Self Service, set to notify, and then set deferral to say, 5/1/2020 at 7pm.

My question is, does that mean if they don't run it themselves, it'll trigger at 7pm on 5/1/2020? It's super unclear... and I can't seem to find the answer via google.

7 REPLIES 7

robertliebsch
Contributor

Self Service will work as you'd expect. When you click the app to update in self service, it will update immediately. The deferral allowed means at X date the update will happen forcefully. The alternate I have been looking at is Creating a Smart Group then scoping a Policy that allows for deferral of 1, 2, 4hours, 1 day or deadline. This I find is a nice yet firm nudge to update. When you fall into that smart group and the policy starts, you'll get a pop up that asks for permission to start, or select a deferral. If your recurrence is ongoing, it will always be in self service. I have found also that it will try to run more than once. So I set execution to weekly in Options:General
!optional image ALT text](![
6001fe041fb04c37b93dd7db5b1edb4c
)

rstasel
Valued Contributor

I have it running an inventory after that should update the group membership and it should fall off. Have you not seen that (that is to say, it trying to run more than once even after an inventory)?

robertliebsch
Contributor

I haven't noticed that as of yet, but I know there is discrepancy between the patch policy numbers and the smart group numbers. So, I'm a touch concerned.

mack525
Contributor II

@robertliebsch

This looks good. Mind sharing the script you’re using?

shaquir
Contributor III

Jamf is enhancing the policy deferral experience in 19.21.0. One way to better the user experience would be to cache the install packages to their machines and then set a "enhanced policy deferral", similar to @robertliebsch or @haircut 's better policy deferral, to install the packages.

rstasel
Valued Contributor

Right, that's what got me going down this road... I haven't had a chance to update to 10.21 yet... will def take a look at "better policy deferral".

robertliebsch
Contributor

@mack525 There is no script. it is built into the Policy: User Interaction under deferral type