Help

What creative ways are you issuing software update MDM commands?

AJPinto
Honored Contributor III

Posted on ‎06-06-2022 07:48 AM

As the subject said. How are you guys implementing and working around deploying OS updates to Apple Silicon Macs? In my world we are using mass-action and noticing about a 70% success rate which is way too low. Just curious on what everyone else is doing.

 

 

Bonus question: Do you think we will ever see JAMF put the OS update MDM command into a policy? They listed "Ability to issue these commands via policy" as a possible future functionality back in October but nothing on that since from what I have seen.

Managed Software Updates - using deferrals via a m... - Jamf Nation Community - 249821

0 Kudos
Reply
6 REPLIES 6

Spitzer
New Contributor II

Posted on ‎06-06-2022 09:10 AM

We use a process called Superman developed by our Jamf Professional Services expert.
https://github.com/Macjutsu/super
The other one that might be helpful is Nudge.
https://github.com/macadmins/nudge/

Reply

Mauricio
Contributor III
In response to Spitzer

Posted on ‎06-07-2022 02:56 AM

Superman uses the Unified logging which our Apple SE advised us not to use in production environment but only for testing and local troubleshooting. 

Reply

Mauricio
Contributor III

Posted on ‎06-07-2022 02:50 AM

Nudge.png

 

Reply

Mauricio
Contributor III

Posted on ‎06-07-2022 02:53 AM

We have been asking Jamf Pro for a way to be able to manage/report and control macOS software updates (Appel Silicon) for a few Jamf Pro Betas but no joy. 

One day we will have it, one day, but not yet.

Reply

AJPinto
Honored Contributor III
In response to Mauricio

Posted on ‎06-07-2022 05:17 AM

Tell me about it. My quarterly calls with audit and security are fun. I need to start pestering my JAMF team again. I have been working on other things and kinda gave up on anything good coming anytime soon.

 

Q: "how are you tracking macOS update attempts"

A: "HAHAHAH, oh wait you are serious. This is Apple and JAMF, there is no tracking OS updates in any scalable way beyond reading the OS version of a device. So we have no tracking of failed OS update attempts beyond locally on an individual device level. Failure rate in the lab is about 30% with MDM commands between the failure to customize errors, random applications preventing reboots and the such. No we have no plans or ability to remediate or increase patching success rate beyond harassing users to update".

 

Its beyond me why apple is still struggling with the failure to customize error when updating macOS and has no formal fix beyond reinstalling macOS. 

0 Kudos
Reply

Spitzer
New Contributor II

Posted on ‎06-07-2022 09:55 AM

Apple: Use MDM it should take care of all this stuff for you
Mac Admins: What about updates
Apple: Use an MDM that we acknowledged doesn't have this ability. Anyway... look at how well you can collaborate with the other 4 people that use Keynote.

 

0 Kudos
Reply