What are folks doing to update thier Macs? Both of Jamf's methods are flaky at best. Anyone get a straight answer from support on this? We had a ticket that went nowhere for 3 months. Also had the assurance that this would be resolved with Jamf Pro 11 and Sonoma. We see the same flaky business happening.
We manage a few hundred Mac desktops and about the same Mac laptops. Nudge is not an option for Lab environements. Trying to understand how Jamf Pro is helping streamline the process of securing our Macs. We have met all of the requirements for things to work according to the support engineer we worked with.
Would like to hear how other admins are dealing witht this?
Do you have a static local admin account password or some LAPS solution where the password is stored in Jamf for lookup? We've tried Nudge and other methods but finally had to get heavy-handed in forcing software update installs/reboots on users. If you can get a local admin account (that has a securetoken as well) password stored in a variable, you should be able to execute a script like this to force install/reboot of software updates (obviously change the username as needed):
echo $password |sudo -S softwareupdate -aiR --user localAdminUserNameHere --stdinpass
If you search JAMF Community, you will see tons of posts on people complaining about software updates and what we are trying to do to manage them. Where JAMF is not doing much to help situations, the issues are firmly with Apple. The OS update workflow is flat out garbage.
I am using a multi prong approach with user involvement.
It's not elegant or nice, but it works. Ask for user involvement, then push the updates, and finally force compliance.
I've all but given up on trying to automate anything around Apple Software Updates. I've resorted to nagging users repeatedly to manually go into Software Update and install the available updates, until they do it. The people here in InfoSec and on teams that monitor updates for the company don't get just how insanely complicated it is now to get our Macs up to date, and keep pointing out that we have some machines not running the latest version of the OS they are on. Yeah, yeah, I know!
Apple has turned what used to be an elegant and simple process at one time, into something that is a nightmarish hot mess. The only reliable way to get it done now is to prompt for user involvement.
I keep hoping one day Apple will come to their senses about this and bring back a more elegant way to get it done, but I may as well hope for a unicorn.
yup.. we've all seen the demo.. testing DDM / OS updates for devices on 14.0 and using scheduled updates with a due date.. with a cut off of Monday.. I still have a number of these past due date and live today.. not updated.. the JAMF 'beta' implementation of this is a mess of a UI with limited implementation of all the features..
still it will be all good in JAMF 12 and macOS 15 yea? 😎
The half baked Apple pie story is getting old. My higher ups don't really care to hear it. The question usually is why are we using Apple if we have these issues? It's hard to stand by it's more secure when we can't apply security updates in an expedient way. Jamf seems to have made some hints at things working. If I look solely from what Jamf advertises and what is working, there is a disconnect.