Help

Recon failure on High Sierra machines with updates available

timmy
New Contributor III

Posted on ‎01-30-2018 02:50 PM

All of our High Sierra machines (and it could affect other versions of macOS) fail recon when an update is available for the system that contains empty parenthesis. I found a post on here that I unfortunately could not find again that blamed the way Apple is returning software updates when recon runs "softwareupdate -l":

macOS High Sierra 10.13.3 ( ), 192587K [recommended] [restart]

for example causes recon to fail because of the "( )" found in the update name. It causes recon to try and submit a null value into the database for a field that cannot be null.

We're running JSS 9.101.0. I saw that 9.101.4 is available but the release notes do not mention addressing this bug.

Is there any type of fix for this?

5 REPLIES 5

Dr_Jones
New Contributor III

Posted on ‎01-30-2018 03:40 PM

https://www.jamf.com/jamf-nation/discussions/26658/10-13-2-supplemental-update-workaround

Also

https://www.jamf.com/jamf-nation/discussions/25648/high-sierra-supplemental-update-breaks-recon

0 Kudos

maurits
Contributor

Posted on ‎01-31-2018 07:26 AM

We run Jamf Pro 10.1.1-t1513360285, same issue.
Only workaround to skip collecting available software updates at recon. Boo for Apple that makes these updates with 'non-standard' attributes.

0 Kudos

timmy
New Contributor III

Posted on ‎01-31-2018 10:31 AM

Oh drats. Though we don't distribute software updates currently with Jamf, we are most likely going to in the near future. I'm guessing skipping collecting available software updates at recon will not allow us to deploy updates to managed systems?

0 Kudos

alexjdale
Valued Contributor III

Posted on ‎01-31-2018 11:32 AM

I'm guessing skipping collecting available software updates at recon will not allow us to deploy updates to managed systems?

It means you might need to get creative or change the way you deploy updates. A policy scoped to all systems that installs all available updates would still work, for example. We use scripts that leverage the softwareupdate command, and those are not affected by this except for the fact that we can't scope them based on SWU inventory data.

0 Kudos

Look
Valued Contributor III

Posted on ‎01-31-2018 12:23 PM

Other than making your scoping for machines to attempt updates much wider it doesn't really have much impact at all, it certainly doesn't prevent updates being applied.
The biggest change is that it hampers your ability to monitor compliance, although if your on JAMF 10 you can still get the big OS updates covered in this regard by having patch management turned on for macOS (it doesn't need to do anything else except show you the info if you want).

0 Kudos