Restricted Software / Blacklisted apps fix

@mojo21221 The .blacklist file should update when the machines check in so I'd suggest taking a look at the JSS History for one of the machines exhibiting the problem and see if the logs show errors that might have prevented the update from downloading (although if your "fix" policy fires that'd indicate policies are working on those machines)

@StoneMagnet Yeah other policy has been working fine, on the machines. I found the issue when I was caching the Sierra installer APP and having it auto-kickoff. We used to block the sierra install prior to security approving it for our environment. The user said they were getting the unapproved app message... It appeared that the only thing that was not updating properly was the .blacklist.xml.

We block OS installers until we place the machines in a list for upgrade--- Keeps users from upgrading OS's until our environment ready...
(and allows us to do sanity checking.. for example, how full is their disk? What apps wont' work?)
When added to a static group, the machine is exempted from the restriction...

What i've found is that the restriction lifting is not predictable.. the only way to be sure it changes seems to be what @mojo21221 described.
I think this has been broken for a while... wonder if anyone has reported this to jamf?

@kstrick It's a known, and supposedly rare, issue but I don't have a PI for it. To force the /Library/Application Support/JAMF/.blacklist.xml file to be regenerated you can do a jamf manage via a Policy Files and Processes payload but if you are on High Sierra that might cause issues with UAMDM.