What creative ways are you issuing software update MDM commands?

AJPinto
Honored Contributor II

As the subject said. How are you guys implementing and working around deploying OS updates to Apple Silicon Macs? In my world we are using mass-action and noticing about a 70% success rate which is way too low. Just curious on what everyone else is doing.

 

 

Bonus question: Do you think we will ever see JAMF put the OS update MDM command into a policy? They listed "Ability to issue these commands via policy" as a possible future functionality back in October but nothing on that since from what I have seen.

Managed Software Updates - using deferrals via a m... - Jamf Nation Community - 249821

6 REPLIES 6

Spitzer
New Contributor II

We use a process called Superman developed by our Jamf Professional Services expert.
https://github.com/Macjutsu/super
The other one that might be helpful is Nudge.
https://github.com/macadmins/nudge/

Superman uses the Unified logging which our Apple SE advised us not to use in production environment but only for testing and local troubleshooting. 

Mauricio
Contributor III

Nudge.png

 

Mauricio
Contributor III

We have been asking Jamf Pro for a way to be able to manage/report and control macOS software updates (Appel Silicon) for a few Jamf Pro Betas but no joy. 

One day we will have it, one day, but not yet.

AJPinto
Honored Contributor II

Tell me about it. My quarterly calls with audit and security are fun. I need to start pestering my JAMF team again. I have been working on other things and kinda gave up on anything good coming anytime soon.

 

Q: "how are you tracking macOS update attempts"

A: "HAHAHAH, oh wait you are serious. This is Apple and JAMF, there is no tracking OS updates in any scalable way beyond reading the OS version of a device. So we have no tracking of failed OS update attempts beyond locally on an individual device level. Failure rate in the lab is about 30% with MDM commands between the failure to customize errors, random applications preventing reboots and the such. No we have no plans or ability to remediate or increase patching success rate beyond harassing users to update".

 

Its beyond me why apple is still struggling with the failure to customize error when updating macOS and has no formal fix beyond reinstalling macOS. 

Spitzer
New Contributor II

Apple: Use MDM it should take care of all this stuff for you
Mac Admins: What about updates
Apple: Use an MDM that we acknowledged doesn't have this ability. Anyway... look at how well you can collaborate with the other 4 people that use Keynote.