Posted on 12-16-2019 12:09 PM
is there a true, automated OS upgrade script or workflow for end users to upgrade their machine? I know if you do direct from Apple, it works after accepting agreements etc..
Is there one known outside of that?
i know of the macosupgrade.sh, along with trying deploying the Catalina.pkg to the machine, and initiating the upgrade with: '/Applications/Install macOS Catalina.app/Contents/Resources/startosinstall' --agreetolicense --forcequitapps
but both of those still have to have some sort of user interaction for it to go through.
Posted on 12-16-2019 12:39 PM
# Start Upgrade for Catalina /Applications/Install macOS Catalina.app/Contents/Resources/startosinstall --agreetolicense --nointeraction --forcequitapps
Posted on 12-16-2019 12:40 PM
As far as I know, this is not possible simply do to the fact that Apple requires a user on the other end of the OS upgrade in order for it to complete. Any other method will always require someone to login to finish the upgrade.
Posted on 12-16-2019 12:47 PM
@Hugonaut , the --NOINTERACTION flag will allow the upgrade to kick off automaticlly but a user will still have to log in once the upgrade gets to a certain point to complete the upgrade. Apple will always require a human to complete it.
Posted on 12-16-2019 12:58 PM
@nelsoni if you wanna get technical for full automation you could always deploy a launchdaemon and an applescript or shell script containing osascript commands, have the launchdaemon call on the deployed script that tells system events to keystroke a username and password once it gets to the login window. Granted gui scripting a possible administrative user name and password is certainly not secure nor best practice it could fully automate the process to allow the last part of the upgrade complete. (could deploy a temporary account with jamf and have jamf remove it post upgrade)
Posted on 12-16-2019 01:04 PM
That is a valid point. Just wanted to point out that by default neither a full os reninstall or an upgrade can achieve full zero-touch automation through supported flags.
Posted on 12-16-2019 01:07 PM
for managed devices they should absolutely include a flag for full automation, my initial thought was that raphy was looking for the no interaction flag, you got me thinking
Posted on 12-16-2019 01:12 PM
Couldn't agree with you more, but given how apple has handled KEXT approvals and then PPPC and now screen recording, it has become incresingly clear that apple wants a living breathing human involved in nearly every facist of Mac management when it comes to their flavor of "Automation"
Posted on 12-16-2019 01:39 PM
I'm not 100% sure but I think Apple definition of "Automation" stops when security is involved.
Posted on 12-16-2019 01:46 PM
I have used macOS Upgrade from one of Jamf's engineers to perform unattended upgrades to fleets of Macs, first from Sierra to High Sierra, then from High Sierra to Mojave. Looks like it finally got a minor update for Catalina compatibility. It's never required an end-user to log in. I mean, the first time a user logs in, post-upgrade, it may display "installing" but that process is only once, for a few seconds. 99% of the actual installation is automated.
I'd also recommend the "Recon after OS update" LaunchDaemon from @bpavlov at this link, to make sure your host gets any OS-specific MDM profiles pushed as soon as possible (i.e. before the default "once a day"). Since one can't pre-deploy MDM profiles (i.e. notifications on 10.15, TCC on 10.14 and 10.15, et. al.)
Posted on 12-16-2019 01:54 PM
I am not denying that this works for some people. I just have yet to see any upgrade method other then doing the apple way where i dont get an additional 13 minute install after login from an upgrade.
Posted on 12-16-2019 02:30 PM
@nelsoni I'm not denying that my users may get a dialog like that, at least once. I've never seen it take 13 minutes, though, or happen more than once. And, the actual OS is updated, so... it's unclear to me what post-upgrade stuff is actually happening. Then again, most of my systems have generally been single-user, rather than multiple user...
Posted on 12-17-2019 08:24 AM
I've only experienced these 3 scenarios:
1- once initiated via Self Service, the computer restarts as expected, does a couple of restarts then hangs on a black screen for awhile. once you hit the spacebar (or any key), the machine wakes up and continues the process.
2 - is that in the middle of an upgrade, it takes the user to the login screen to enter credentials sometimes twice when the Catalina background shows up. once entered, the machine goes back to the update screen (about x minutes remaining... )
3 - Apples official upgrade, but you still have to accept the license and click through the prompts etc..
Posted on 06-22-2021 08:30 AM
How can I do this for Big Sur?