Run Updates via self service

mconners
Valued Contributor

Hello Everyone,

I am not sure HOW to frame this question so I hope this makes sense.

We are trying to allow our faculty/staff Macs to be updated when the employee clicks on the "Update My Computer" self service policy I created. This policy will update the OS, Adobe Apps and any cached installers. The trouble is, we don't want our users logged in since they might be using apps that are attempting to be updated.

If we run this purely at logout only, then the user cannot click in self service nor can they plan on a time that is suitable for them to have these things run or installed. The user that is trying to pack up to head to another campus is why I don't want to force the issue. This is only for our laptop users as the desktops are left in sleep mode overnight and can easily be updated when not in use. I know there are some die hard people about updates and when to apply them, but our users are relatively good about staying current.

My goal is to ensure the updates are run monthly and at the choosing of our users when it is most convenient for them.

Is there a way for me to type in a command in the self service policy that forces the computer to log out all users when the user clicks on the policy, Update My Computer?

Thanks for your input and again, I realize this might be a little fuzzy in what I am asking.

Mick

2 REPLIES 2

Taylor_Armstron
Valued Contributor

Never tried this, but I'd think you could do it with two separate policies. Put one policy into self service for them to click on, which basically simply runs a script to log them out, and call a custom trigger, something like:

!/bin/bash

osascript -e 'tell app "System Events" to log out'
jamf policy -event Trigger2ndPolicy

Then set the 2nd policy, which actually runs all of your updates, to run with a Custom Event trigger

May be a better way, and I've certainly not tested it, but something along those lines should do it.

Snickasaurus
Contributor

You could take a look at this post started by @yr_joelbruner to see if any of it could put you on the right path.

My thoughts on your workflow:

1) User/customer launches Self Service and chooses the "update" option you created.
2) Your version of Joel's script runs and closes all open apps then kicks off the install (perhaps logging the current user out..or not...).
4) Call a custom jamfHelper screen to let them know the update is in process so they don't try to log in.
5) Scripts/packages finish and machine reboots
6) User/customer logs into an updated machine, you take the rest of the day off and walk around town full of confidence and knowledge like the bright peacock you are.