Filter Laptops that have BootStrapToken on server side

New2ThisWorld
New Contributor III

Hello to you all.

The cause of this is some problems with doing OS updates remotely, but first I'll give you some context.

We deployed MacBook Air M1s during last year's summer in our hardware rollout. At the time, JAMF School wasn't able to keep the bootstrap token on the server side (it was assigned to a local admin deployed with the MDM configuration) and Big Sur didn't have a stable way to update remotely (this was on the Monterey roadmap, and they did solve this part), so we waited for the Monterey debut and the JAMF School updates.

As of today all of this is working and we are adapting to these changes, and this is what we had to do:

--> Check if the only user with a Secure token is the local admin

--> Send the Bootstrap token to the server side

--> Push the update on JAMF

--> Wait until it updates, since it runs silently and you only know when it restarts.

By now we've managed to successfully update two laptops individually by deploying that script and forcing the update to the device, so the next step is to turn this into production and separate the devices that have already executed the script from the ones that haven't (the only way to guarantee that the BootStrapToken is on the server side). Therefore I was thinking of automatically adding the devices that executed the script via a Smart Group, but I cannot find a straightforward way to do this. Does the member filter "BootStrap Token not stored" do the trick?

Does anyone know a way to filter these devices?

Best regards from Portugal

1 ACCEPTED SOLUTION

Fluffy
Contributor III

The "Bootstrap token stored" filter for a Smart Group would be the way I would go, along with filters for the correct device type (otherwise iPads will be included), and then scoping the script for that group. Then, as long as it is left as a Smart Group, the devices will leave the group once their details update to show the token is stored.


3 REPLIES

New2ThisWorld
New Contributor III

I did try that, but it doesn't give me the results I want. I filter with the OS being macOS and the Bootstrap token not stored, and only 3 devices should appear, which are the ones I've escrowed to the MDM, but way more appear. I tried the profiles status -type bootstraptoken command on one of those and it has the bootstrap token stored (theoretically it should have been filtered with the "no Bootstrap Token stored" filter).

So, still looking for a way to solve this situation.

New2ThisWorld
New Contributor III

Okay, so this may be the way, as I might have been looking at this the wrong way. "Bootstrap stored" is a filter that checks if the token is stored in the MDM and not on the device as I was thinking it was.

Thank you very much!!
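
The thread turns on the difference between what the device reports and what the MDM has recorded for the Smart Group filter. As an added example (not part of any post, and not Jamf's or Apple's code), this script classifies the text printed by the profiles status -type bootstraptoken check so the on-device state can be compared with group membership; the output format and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Classify a Mac's bootstrap token state from the text printed by
#   profiles status -type bootstraptoken
# Assumed output format (the constructed samples below follow it):
#   profiles: Bootstrap Token supported on server: YES
#   profiles: Bootstrap Token escrowed to server: NO

# field_value TEXT LABEL -> prints YES or NO, or nothing if the line is absent
field_value() {
    printf '%s\n' "$1" | awk -F': *' -v label="$2" '
        index($0, label) { v = toupper($NF); gsub(/[^A-Z]/, "", v); print v; exit }'
}

# classify_bootstrap TEXT -> escrowed | not_escrowed | unsupported | unknown
classify_bootstrap() {
    supported=$(field_value "$1" "Bootstrap Token supported on server")
    escrowed=$(field_value "$1" "Bootstrap Token escrowed to server")
    case "$supported/$escrowed" in
        YES/YES) echo escrowed ;;       # device says the MDM holds the token
        YES/NO)  echo not_escrowed ;;   # escrow step still has to run
        NO/*)    echo unsupported ;;    # MDM did not advertise support
        *)       echo unknown ;;        # not enrolled, error text, new format
    esac
}

# Constructed sample outputs (not captured from a real device)
SAMPLE_ESCROWED='profiles: Bootstrap Token supported on server: YES
profiles: Bootstrap Token escrowed to server: YES'
SAMPLE_PENDING='profiles: Bootstrap Token supported on server: YES
profiles: Bootstrap Token escrowed to server: NO'
SAMPLE_UNSUPPORTED='profiles: Bootstrap Token supported on server: NO
profiles: Bootstrap Token escrowed to server: NO'

# On a managed Mac, run as root with --live to classify the real output.
if [ "${1:-}" = "--live" ]; then
    classify_bootstrap "$(profiles status -type bootstraptoken 2>&1)"
fi
```

A device that reports escrowed here but still matches a "not stored" filter is a sign that the MDM's record for it has not refreshed yet.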