Help

Nudge opening Self Service policy

healthcareaa
New Contributor III

Posted on ‎11-03-2023 10:35 AM

Screenshot 2023-11-03 at 10.31.17 AM.png

 

Our current Nudge configuration. The Nudge button "Update Now" is only opening the MacOS Sonoma Installer application that requires admin credentials. It won't open the Self Service update policy that we have. We need the Self Service update because it doesn't require Admin credentials. The regular Sonoma app installer update just started requiring admin creds as of today for our Org so we can't use it anymore. 

 

Anyone have the actionbuttonpath field working to open Self Service in Nudge?

0 Kudos
Reply
5 REPLIES 5

sdagley
Esteemed Contributor III

Posted on ‎11-03-2023 10:47 AM

@healthcareaa If you're running a full macOS installer on an Apple Silicon Mac it's going to require user credentials whether or not you launch it via Self Service. Only on x86 Macs can the full macOS installer run without requiring user credentials.

Reply

healthcareaa
New Contributor III
In response to sdagley

Posted on ‎11-03-2023 11:01 AM

Yes, with our Self Service erase-install script it only requires the user credentials. If we run the MacOS Sonoma Installer application then it requires Admin. We are looking for Nudge to open the Self Service policy and allow users to run the update script. 

0 Kudos
Reply

sdagley
Esteemed Contributor III
In response to healthcareaa

Posted on ‎11-03-2023 11:03 AM

Are you providing admin credentials to erase-install via your Self Service policy? If not then there's no way it's capable of running a macOS installer on an Apple Silicon Mac without prompting the user for credentials. This is an Apple requirement for the macOS installer, and even updates, on Apple Silicon Macs.

Reply

bcrockett
Contributor III

Posted on ‎11-03-2023 03:08 PM

This is a link to an overview of that workflow.  I use Nudge to run a policy in self-service. That policy is Erase -install. 

 

In the configuration profile for nudge --> Applications & Custom Settings --> External Applications --> actionButtonPath = Configured --> A path to a URL for opening alternative actions, like Jamf self-service items = your policy ID URL.

 

This can be found in your self-service policy that you created and want to link nudge. 

An example of one is below. 

jamfselfservice://content?entity=policy&id042=&action=execute

 

 

 

Reply

bcrockett
Contributor III
In response to bcrockett

Posted on ‎11-03-2023 03:12 PM

 Also, the info in the document below gives context to why admin and/or user credentials are required for updates on current macOS systems running on Apple chips. 

#########

Use secure token, bootstrap token, and volume ownership in deployments 

https://support.apple.com/guide/deployment/use-secure-and-bootstrap-tokens-dep24dbdcf9e/web

 

0 Kudos
Reply