Skip to main content

please forgive my dumb question, but is it possible to scope things to the computers that show up in the Available Software Updates under Logs/Receipts/Available Software Updates in the JSS?

it seems to me that it could make my life much easier than to create EAs and/or Smart Groups for certain policies to run. for example: finding which enrolled computers need the "JavaForOSX-1.0" update. This section has all the available Apple Updates and is divided into 2 categories: Computers Needing and Computers Not Needing.

Thanks in advance.

One of the areas where I agree that JAMF could and should "go farther" in making an admin's life easier. I wish Casper handled patch management differently/better, in this regard.

Somewhat involved, but you can download the Apple updates from http://support.apple.com/downloads, copy the packages to Casper, and, in Casper Admin, with a package selected, click on the Info button and, on the Options tab, click the checkbox for "Install only if SWU reports the package as available". You still have to create a policy to install said package, presumably scoping it to all clients. In theory it should only actually install on those that need it.

But, this is a lot of "manual" work and duplication of effort/bandwidth.

What I've done in most environments is set up a SUS or NetSUS, let it sync with all updates enabled, then go through and disable those (i.e. Java) that may be problematic. Also configure the server to download, but never automatically enable, new updates. The new updates are deployed/tested to test groups via policies. Once blessed, and gone through IT change management (if organizations require that), then the updates are enabled on the server and are executed by weekly policy (typically starting on Friday evenings at 5 p.m.)

Hope this helps,

--Robert

Thanks for your response, Robert. It did help.

Terms & ConditionsCookie settingsAccessibility statement