Help

Security Update 2018-001 Changing UDID of Computers

ScottVV
Release Candidate Programs Tester

Posted on ‎02-02-2018 08:13 AM

Hey Everyone,

I have a lab of late 2009 iMacs running 10.12.6, and I ran software updates on part of the lab. After running the updates, I noticed that I had duplicate records of some of the iMacs. I compared the old record to the new one and noticed the UDID for the device changed. The serial number, MAC address, and other hardware data was the same.

Today I installed updates on the remaining portion of the lab, about 10-15 computers. A couple of computers just had the security update. The rest had the security update plus an iTunes and Safari update. The two computers that installed just the 2018-001 security update both had their UDIDs changed. Some of the computers that installed the security update along with the other updates had their UDIDs change. Of course, some computers installed the security update along with the other updates just fine.

I looked at the old records for the duplicated computers and noticed the same thing as well. Computers that only installed the 2018-001 security update seemed to restart with new UDIDs. Computers that installed the security update with additional updates sometimes created a new UDID.

The computers run fine after the updates. They don't crash or have any other kind of problem. I'm just trying to figure out why the UDID is sometimes getting changed, and if there is anything I can do to prevent it, so I don't have to play whack-a-mole with duplicate computer records

Labels:
0 Kudos
Reply
10 REPLIES 10

blackholemac
Valued Contributor III

Posted on ‎02-02-2018 08:20 AM

I don't know officially so this is only speculation as to why at best.

The fixes for Meltdown and Spectre though involve changes to the firmware and software that the processors use. It is entirely possible that the Security Update 2018-001 included fixes for those that may have monkeyed with the UDID. Again, I could be wrong, but it might well be the update itself causing it.

Feel free to let me know I'm totally off as I don't want to speculate something that I know nothing about.

0 Kudos
Reply

m_donovan
Contributor III

Posted on ‎02-02-2018 09:31 AM

I am seeing the same thing in our environment. I had not yet connected it to the update but will definitely do some digging now. Thanks for the info.

0 Kudos
Reply

donmontalvo
Esteemed Contributor III

Posted on ‎02-04-2018 08:20 AM

Anyone know if the 10.13.2 Combo Update is doing this? We haven't crossed the bridge yet, figured I'd check before.

--
https://donmontalvo.com
0 Kudos
Reply

dmohs
Contributor

Posted on ‎02-05-2018 12:34 PM

In my experience, Security Update 2017-002 on macOS 10.12.6 changed the UDID of all late 2009 iMacs.

0 Kudos
Reply

ScottVV
Release Candidate Programs Tester

Posted on ‎02-06-2018 07:29 AM

Yeah it looks like it's just late 2009 iMacs that are changing UDID's. I tried the security update on two labs of newer iMacs, mid 2017s and Mid 2011s, and non of the computers duplicated. I also tried on various laptops and didn't see an issue. We're releasing the update district wide today so I'll see what happens.

0 Kudos
Reply

analog_kid
Contributor

Posted on ‎02-06-2018 03:47 PM

Interestingly, I had the security update back in November (I think) cause all my late-2009 iMacs to lose trust with Jamf. Luckily, I don't have many of them.

0 Kudos
Reply

analog_kid
Contributor

Posted on ‎02-06-2018 03:53 PM

I just double-checked and it was the UDID that changed after that update (Security Update 2017-001).

0 Kudos
Reply

claudiogardini
Contributor

Posted on ‎02-07-2018 05:12 AM

@ScottVV How did your machines stay connected to your JSS? Usually with a new UUID they lose Connection. Did you manually re-enroll them?

0 Kudos
Reply

ScottVV
Release Candidate Programs Tester

Posted on ‎02-07-2018 11:59 AM

@claudiogardini We have a script on our computers that tries to connect to the JSS. If it can't the script will re-enroll the device. So the UDID get changed, the device loses JSS connection, and the script automatically re-enrolls the device.

0 Kudos
Reply

claudiogardini
Contributor

Posted on ‎02-08-2018 06:06 AM

I started messing around with a Script which updates the new UUID in the JSS without creating a new Computer Record. Unfortunately i haven't had the time to pursue the idea further. If anybody wants to use the Script please Test in a non production environment first!! 

#!/bin/sh

jssurl="jssurl"
user="jssuser"
pass="jsspass"

#Getting UUID from local Machine
uuid=`system_profiler -detailLevel full SPHardwareDataType | grep "Hardware UUID" | cut -f2 -d : | sed 's/^ *//g'`
#Getting Serial Number
serialno=`system_profiler -detailLevel full SPHardwareDataType | grep "Serial Number (system)" | cut -f2 -d : | sed 's/^ *//g'`
#Getting JSS ID from Serial Number
id=`/usr/bin/curl -k -u $user:$pass "$jssurl/JSSResource/computers/serialnumber/$serialno" -X GET | xpath //computer/general/id | cut -f2 -d ">" | cut -f1 -d "<"`
#Getting UUID from JSS using Serial
jssuuid=`/usr/bin/curl -k -u $user:$pass "$jssurl/JSSResource/computers/serialnumber/$serialno" -X GET | xpath //computer/general/udid | cut -f2 -d ">" | cut -f1 -d "<"`
#Compare UUID and update if necessary
    if [ "${uuid}" != "${jssuuid}" ]; then
        echo "Updating UUID"
        #Update UUID
        curl -ku $user:$pass -H "Content-type: application/xml" -X PUT -d "<computer><general><udid>"$uuid"</udid></general></computer>" $jssurl/JSSResource/computers/id/$id
    else
        echo "Local and JSS-UUID matching. Exiting..."
    fi

exit 0
0 Kudos
Reply