Help

T2 Chip and Apple Updates

Go to solution
walts_9
New Contributor III

Posted on ‎12-18-2018 08:09 AM

I've had a couple of t2 MBP's refuse to run OS and security updates on wired connections. We aren't blocking anything and it seems to run on wireless just fine.

Is this how the t2 firmware functions? My educated guess is that the firmware for ethernet over usbc is not accessible in the preboot environment, but I'm having a hard time (imagine that) finding any Apple documentation to back this up. Or any documentation for that matter.

Reply
1 ACCEPTED SOLUTION

Go to solution
sshort
Valued Contributor

Posted on ‎12-18-2018 08:41 AM

Sadly, I've found the most reliable way to receive an security/firmware update on T2 Macs (using a wired connection) is with a "double-dongle" using the Thunderbolt to Ethernet adapter + the Thunderbolt 3 to Thunderbolt adapter.284e9a3492474a5380255ebfc9c0c9b4

Using a dock or the (usually excellent) Anker usb-c ethernet adapter seems to be very hit-or-miss as to whether a user encounters a failed update where they're booted to Recovery and have to select the Startup Disk to get back to the login screen.

The same goes for reliably connecting to Internet Recovery...

View solution in original post

Reply
5 REPLIES 5

Go to solution
sshort
Valued Contributor

Posted on ‎12-18-2018 08:41 AM

Sadly, I've found the most reliable way to receive an security/firmware update on T2 Macs (using a wired connection) is with a "double-dongle" using the Thunderbolt to Ethernet adapter + the Thunderbolt 3 to Thunderbolt adapter.284e9a3492474a5380255ebfc9c0c9b4

Using a dock or the (usually excellent) Anker usb-c ethernet adapter seems to be very hit-or-miss as to whether a user encounters a failed update where they're booted to Recovery and have to select the Startup Disk to get back to the login screen.

The same goes for reliably connecting to Internet Recovery...

Reply

Go to solution
walts_9
New Contributor III

Posted on ‎12-18-2018 09:06 AM

I wish I could say I was surprised.

Reply

Go to solution
nwagner
Contributor

Posted on ‎03-12-2019 03:14 PM

I have to use the same thing just to enroll machines with ABM (Apple Business Manager), internet recovery, anything that needs to talk to apple.

Sorry to bump an old topic, but that pic hits me in the feels... so so hard.

0 Kudos
Reply

Go to solution
coryhowell2
New Contributor III

Posted on ‎03-13-2019 05:35 AM

I have been able to update our 2018 MacBook Pros on our 802.1x wifi using the "softwareupdate --install -R --all" command. While logged into a user account it downloads the updates and automatically reboots the computer. The -R flag is the only way I have been able to download and install the firmware updates and install without getting stuck in recovery mode. A wired connection has always worked for me as well. We have been using a USB-C to ethernet adapter. If you are having an issue with using a USB-C adapter I would recommend adding its MAC address to the Removable MAC addresses list in your Jamf server settings. https://www.amazon.com/Ethernet-Adapter-uni-Thunderbolt-Compatible/dp/B077KXY71Q.

0 Kudos
Reply

Go to solution
cpresnall
Contributor

Posted on ‎03-13-2019 07:50 AM

The T2 chipset does not allow the ethernet connection to be active until pre-boot has completed. You can see other external connections are available to be added by adjusting startup security (HT208198) but the Ethernet boot connections are not adjustable in this way any longer.
Lots of organizations are having to re-think their update and deployment strategies as they introduce these new chipsets to their environments.

Reply