Skip to main content
Question

truly automated script or workflow for OS upgrade?


Forum|alt.badge.img+4

is there a true, automated OS upgrade script or workflow for end users to upgrade their machine? I know if you do direct from Apple, it works after accepting agreements etc..

Is there one known outside of that?
i know of the macosupgrade.sh, along with trying deploying the Catalina.pkg to the machine, and initiating the upgrade with: '/Applications/Install macOS Catalina.app/Contents/Resources/startosinstall' --agreetolicense --forcequitapps

but both of those still have to have some sort of user interaction for it to go through.

13 replies

Hugonaut
Forum|alt.badge.img+15
  • Esteemed Contributor
  • 574 replies
  • December 16, 2019

# Start Upgrade for Catalina
/Applications/Install macOS Catalina.app/Contents/Resources/startosinstall --agreetolicense --nointeraction --forcequitapps

Forum|alt.badge.img+9
  • Contributor
  • 137 replies
  • December 16, 2019

As far as I know, this is not possible simply do to the fact that Apple requires a user on the other end of the OS upgrade in order for it to complete. Any other method will always require someone to login to finish the upgrade.


Forum|alt.badge.img+9
  • Contributor
  • 137 replies
  • December 16, 2019

@Hugonaut , the --NOINTERACTION flag will allow the upgrade to kick off automaticlly but a user will still have to log in once the upgrade gets to a certain point to complete the upgrade. Apple will always require a human to complete it.


Hugonaut
Forum|alt.badge.img+15
  • Esteemed Contributor
  • 574 replies
  • December 16, 2019

@nelsoni if you wanna get technical for full automation you could always deploy a launchdaemon and an applescript or shell script containing osascript commands, have the launchdaemon call on the deployed script that tells system events to keystroke a username and password once it gets to the login window. Granted gui scripting a possible administrative user name and password is certainly not secure nor best practice it could fully automate the process to allow the last part of the upgrade complete. (could deploy a temporary account with jamf and have jamf remove it post upgrade)


Forum|alt.badge.img+9
  • Contributor
  • 137 replies
  • December 16, 2019

That is a valid point. Just wanted to point out that by default neither a full os reninstall or an upgrade can achieve full zero-touch automation through supported flags.


Hugonaut
Forum|alt.badge.img+15
  • Esteemed Contributor
  • 574 replies
  • December 16, 2019

for managed devices they should absolutely include a flag for full automation, my initial thought was that raphy was looking for the no interaction flag, you got me thinking


Forum|alt.badge.img+9
  • Contributor
  • 137 replies
  • December 16, 2019

Couldn't agree with you more, but given how apple has handled KEXT approvals and then PPPC and now screen recording, it has become incresingly clear that apple wants a living breathing human involved in nearly every facist of Mac management when it comes to their flavor of "Automation"


Forum|alt.badge.img+16
  • Honored Contributor
  • 1054 replies
  • December 16, 2019

I'm not 100% sure but I think Apple definition of "Automation" stops when security is involved.

C


RobertHammen
Forum|alt.badge.img+28
  • Esteemed Contributor
  • 1027 replies
  • December 16, 2019

I have used macOS Upgrade from one of Jamf's engineers to perform unattended upgrades to fleets of Macs, first from Sierra to High Sierra, then from High Sierra to Mojave. Looks like it finally got a minor update for Catalina compatibility. It's never required an end-user to log in. I mean, the first time a user logs in, post-upgrade, it may display "installing" but that process is only once, for a few seconds. 99% of the actual installation is automated.

I'd also recommend the "Recon after OS update" LaunchDaemon from @bpavlov at this link, to make sure your host gets any OS-specific MDM profiles pushed as soon as possible (i.e. before the default "once a day"). Since one can't pre-deploy MDM profiles (i.e. notifications on 10.15, TCC on 10.14 and 10.15, et. al.)


Forum|alt.badge.img+9
  • Contributor
  • 137 replies
  • December 16, 2019

I am not denying that this works for some people. I just have yet to see any upgrade method other then doing the apple way where i dont get an additional 13 minute install after login from an upgrade.


RobertHammen
Forum|alt.badge.img+28
  • Esteemed Contributor
  • 1027 replies
  • December 16, 2019

@nelsoni I'm not denying that my users may get a dialog like that, at least once. I've never seen it take 13 minutes, though, or happen more than once. And, the actual OS is updated, so... it's unclear to me what post-upgrade stuff is actually happening. Then again, most of my systems have generally been single-user, rather than multiple user...


Forum|alt.badge.img+4
  • Author
  • Contributor
  • 14 replies
  • December 17, 2019

I've only experienced these 3 scenarios:

1- once initiated via Self Service, the computer restarts as expected, does a couple of restarts then hangs on a black screen for awhile. once you hit the spacebar (or any key), the machine wakes up and continues the process.

2 - is that in the middle of an upgrade, it takes the user to the login screen to enter credentials sometimes twice when the Catalina background shows up. once entered, the machine goes back to the update screen (about x minutes remaining... )

3 - Apples official upgrade, but you still have to accept the license and click through the prompts etc..


Forum|alt.badge.img+4

How can I do this for Big Sur?


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings