Software Updates

eaititig
New Contributor III
What's the official statement from JAMF about Software Updates? With 12.2, our Mac mini M1s are refusing to update when performed by:-
+ command line softwareupdate with or without sudo
+ not working with running the full installer with sudo and piping password to stdin (not cool Apple)
+ using JAMF to send Remote Commands to updates fails. When I checked the logs, it says:-

SoftwareUpdate: request for status for unknown product MSU_UPDATE_21D62_patch_12.2.1

SUOSUServiceDaemon: Connection invalidated!

Removing client SUUpdateServiceClient pid=32208, uid=0, installAuth=NO rights=(), transactions=0 (/usr/libexec/mdmclient)

The only successful way to install is to sit at the machine and open System Preferences > Software Updates and put in an admin password when requested.
7 REPLIES 7

sdagley
Honored Contributor III

@eaititig Were your Macs were enrolled in Jamf Pro via Automated Device Enrollment from your ASM/ABM account?

The MDM Update commands won't work if the Mac was manually enrolled.

sujal1208
New Contributor III

What would be the work around this? Create an update policy? 

emilh
New Contributor III

Yes, I'd also very much like to see an official comment from Jamf on this quagmire of a situation. 

We're having the same issues with our entire fleet of Mac on Big Sur or Monterey (enrolled though ADE or not makes no difference).
The only reliable way to update has been to download the latest complete macOS installer and running startosinstall.

 

sdagley
Honored Contributor III

@emilh Try this (It should work if your Macs were enrolled in Jamf Pro via ADE) :


Do a search in Jamf Pro for M1 Macs you want to upgrade to 12.2.1
Click the "Action" button on the search results screen
Select the "Send Remote Commands" Action then click the Next button
Select the "Update OS version and built-in apps (macOS 10.11 or later, Supervised or enrolled via a PreStage enrollment)" item under Remote Commands
Click "Specific version" under Target Version and then select 12.2.1 from the popup
Select "Download and install the update, and restart computers after installation" under Install Action, then click the "Next" button


That will send the MDM command to install macOS 12.2.1 to the Macs selected in Step 1. I _think_ you need to have someone logged in for that to work (I've never tried it without someone logged in). Do not use any of the deferred options under Install Action as that doesn't work reliably (although 12.3 is supposed to fix that)

ardrake
New Contributor III

The current state of managing software updates with Jamf Pro is completely unacceptable for an enterprise environment.  Running an inventory (recon) can't even properly record when there is a software update available, which breaks my smart groups, which breaks my policies.  All of that is a moot point while updates can't be managed with policies anymore, and must be manually pushed with a MDM command that runs at a seemingly random timeframe if ever.

My understanding is that Apple updated MDM commands to allow for a much greater level of control some time ago, and that Jamf has simply not implemented those controls yet.

I think this community is overdue an update on when this is going to be fixed.

ardrake
New Contributor III

Apple also plays a part in fixing this as well, as the restart command sent as part of the update is thwarted by an open app.  A true managed update command will "shutdown -r now" and force the restart.

oklair
New Contributor III

There are no words to describe my frustration with these pitiful macOS update tools. The results are so unpredictable, it's almost a fluke when it works.

And we're not even talking about the miserable user interaction interface... Downloading the packages can take up to 30 minutes; that's enough for the user to forget that he launched it! And BANG! The computer restarts without warning. These are clearly not enterprise-level tools.