Skip to main content

Howdy all,

 

I am facing an issue that I can’t seem to solve with running Microsoft AutoUpdate via script from Jamf to keep our mac office apps updated. I have had this set up for several years and it had been working beautifully as a hands off solution. I am not sure exactly when it started failing, I recently noticed the problem and started digging into it. I am wondering if anyone is facing the same problem, or has advice on what to try.

The setup is fairly simple, a policy that runs against a smart group of any macs with office apps that are not the latest version once a day. It runs a script to use the MAU command line msupdate to pull and install any available updates.

Script is below, it only worked under user context originally so that is why it is set that way.

The error I am seeing on every run now is related to the XPC connection, this happens on all clients no matter what, -reinstalled MAU with latest version, brand new mac build with latest install etc.
 

 

I have the original PPPC profile set up from pbowden for com.microsoft.autoupdate2 as this was originally required to make it work years ago. However this has not been updated as we all know macadmins.software and pbowdens work went silent.

https://github.com/pbowden-msft/MobileConfigs/tree/master/Jamf-MSUpdate

I am wondering if something changed in the way that the updater connects that Jamf needs new PPPC settings? 

if MAU is run MANUALLY on the machine, it DOES work.

thanks all!

@msergi We switched to using the Office apps in the Jamf App Catalog which you can set to automatically update. That way we don’t have worry about a separate policy to check if they need to be updated. 

You're likely facing issues with your Jamf script because of a path change for Microsoft AutoUpdate (MAU) or new macOS security restrictions. The old script's `MAU2.0` path is outdated; the current path is `/Library/Application Support/Microsoft/MAU/Microsoft AutoUpdate.app`. Additionally, recent macOS updates may have altered how scripts can run in a user's context. To fix this, update your script to use the correct MAU path and consider adding logging to diagnose any new permission problems. Manually testing the command with `sudo` can also help you isolate the issue.

Move to the config profile setup for updates.  Invoking the msupdate binary manually is asking for problems.  Wait till you get it stuck in a never ending loop of checking for updates that fills up the logs and almost crashes your jamf instance...or better yet the end-point.

This method worked 10 years ago.  There are better ways to do this now (configuration profiles and user opt-in).

Thanks for the replies all! my backup plan was to move to mac app updates from the jamf catalog anyway as you did ​@ktrojano  - so I may just go that direction as its a more modern solution. 

Thanks for catching the path error ​@donna641 I will correct that and try it 

@Chubs Yes I think it may be time to update my solution here to something more modern/controllable :-)

Terms & ConditionsCookie settingsAccessibility statement