Skip to main content
Question

Recon failure on High Sierra machines with updates available

  • January 30, 2018
  • 5 replies
  • 40 views
T
Forum|alt.badge.img+4

All of our High Sierra machines (and it could affect other versions of macOS) fail recon when an update is available for the system that contains empty parenthesis. I found a post on here that I unfortunately could not find again that blamed the way Apple is returning software updates when recon runs "softwareupdate -l":

macOS High Sierra 10.13.3 ( ), 192587K [recommended] [restart]

for example causes recon to fail because of the "( )" found in the update name. It causes recon to try and submit a null value into the database for a field that cannot be null.

We're running JSS 9.101.0. I saw that 9.101.4 is available but the release notes do not mention addressing this bug.

Is there any type of fix for this?

      5 replies

      D
      Forum|alt.badge.img+11
      • Dr_Jones
      • Contributor
      • January 30, 2018

      https://www.jamf.com/jamf-nation/discussions/26658/10-13-2-supplemental-update-workaround

      Also

      https://www.jamf.com/jamf-nation/discussions/25648/high-sierra-supplemental-update-breaks-recon

      M
      Forum|alt.badge.img+8
      • maurits
      • Contributor
      • January 31, 2018

      We run Jamf Pro 10.1.1-t1513360285, same issue.
      Only workaround to skip collecting available software updates at recon. Boo for Apple that makes these updates with 'non-standard' attributes.

      T
      Forum|alt.badge.img+4
      • timoteo
      • Author
      • Contributor
      • January 31, 2018

      Oh drats. Though we don't distribute software updates currently with Jamf, we are most likely going to in the near future. I'm guessing skipping collecting available software updates at recon will not allow us to deploy updates to managed systems?

      A
      Forum|alt.badge.img+18
      • alexjdale
      • Contributor
      • January 31, 2018
      I'm guessing skipping collecting available software updates at recon will not allow us to deploy updates to managed systems?

      It means you might need to get creative or change the way you deploy updates. A policy scoped to all systems that installs all available updates would still work, for example. We use scripts that leverage the softwareupdate command, and those are not affected by this except for the fact that we can't scope them based on SWU inventory data.

      L
      Forum|alt.badge.img+16
      • Look
      • Valued Contributor
      • January 31, 2018

      Other than making your scoping for machines to attempt updates much wider it doesn't really have much impact at all, it certainly doesn't prevent updates being applied.
      The biggest change is that it hampers your ability to monitor compliance, although if your on JAMF 10 you can still get the big OS updates covered in this regard by having patch management turned on for macOS (it doesn't need to do anything else except show you the info if you want).

      Terms & ConditionsCookie settingsAccessibility statement