I have all of my iMacs pointing to my internal SUS on a 10.8 server. I verified that they are talking to the internal SUS, no problems there. If I manually initiate a software update the updates download and install without issue. I have a policy set to run Software Updates between 3-5AM on Tuesday mornings scoped to a smart group. The smart group contains all my iMacs that need software updates. This policy never runs and there aren't any policy logs to look into. Here are my policy setttings:
Execution: ongoing - I also tried once per week - both failed. Active as of 2/6/13 with no expiration date
Do Not Execute: All days checked except for Tuesday
Do not Execute Between: 5AM-3AM - This should run the policy between 3-5AM on Tuesday morning, it doesn't
Minimum Connection: Ethernet - All iMacs are connected to our network via ethernet
Network Segments: I have this set to our internal network segment - all iMacs are on this segment. Override Default Policy Settings: Tried both my internal SUS for Software Update Server as well as Default for Each Computer - neither setting made a difference.
I have the policy scoped to a smart computer group I created, I verified that this group has all iMacs that need software updates.
Self Service = unchecked
Packages Set Server = unchecked Install All software updates = checked
Scripts, Printers, Dock, Accounts
All empty, no reason to add anything here.
Only if SWU or package requires set for logged in or not logged in.
Update Inventory is the only setting checked.
I have no idea why the policy refuses to run, the logs don't even show that the poilicy tried to run and failed.
Are your iMacs going to sleep perhaps? You have it set to run at a very early morning timeframe, so if they are asleep they'll never check in and run the policy.
Barring that, it could be an issue with the Do Not Execute Between times. I rarely use that feature, but I'm wondering if having it set to not run between 5 AM and 3 AM the next day on only a single day of the week may be tripping it up. Maybe its thinking it shouldn't run at all.
If this was a case of sleeping computers I would at least get a policy log error stating that the policy started but ultimately failed. The policy logs are empty. The do not execute between times should work as it is a component of the JSS. Actually, this policy was setup during our jumpstart by the jamf engineer, so it "should" work.
nessts is correct. The JSS never reaches out to a Mac. Its the other way around, so if your Macs are asleep, they won't check in again until they are awake., but at that point, they are no longer in scope of the policy due to the timeframe you have it set to.
If you really need them to run this policy at that time, you may need to send out a pmset command the day before to make sure they either startup or wake up prior to the time the policy needs to run, or just find a way to make sure they don't sleep. That can also be done with pmset commands.
Hope that helps.
@kirkd I run mine using a similar policy, however I run mine at startup. Seems to work fine on my end using 8.63.
Question for anyone that I have is can I turn off Automatically Check for Updates in System Prefs and have this policy still work? But more importantly will it kill that darn software updates notification in 10.8.x?