However, MDM commands for updates are super flaky across the board, and are lacking in a lot of features currently, when they work, imo. The only way to force updates are: if the machine is an Intel one using the softwareupdate -iaR command, using the same command but coding in a known username/password for ARM Macs, or by using MDM commands. The general fix is to manually check for updates a few times, reboot, or run the "sudo launchctl kickstart -k system/" command and then check for updates again. Many people haven't seen the 12.5 or 12.5.1 updates available to them yet because of this. It's an issue with the softwareupdate binary again. On top of all of that, in general there's been issues on Big Sur & Monterey with timely fetching software updates, even with the "keep my mac up to date" button checked. If you can script an known user password on the machine you can fully automate it though. This generally also require some level of user interaction on modern macOS's/Mac hardware. I believe these two are the most popular ways to do so: 1 2. This is non-destructive, it will just take longer. ![]() Option 2 is to download the full macOS Monterey 12.5.1 installer (which you can do with the link here ), and then make a policy that just installs that over top of the OS. Thus modern versions of macOS/Mac hardware essentially require user interaction to complete, until MDM commands improve/are fixed. Home users are the demographic Apple has primarily developed their product for, while the enterprise Mac environments are a languishing thought in the back of their heads often times. ![]() Both essentially bug users to install updates themselves. Another option is utilizing SUPER which is also pretty well documented. Nudge works great, is widely used, and is extremely well documented. Option 1 is to use a 3rd party tool to help gain compliance. It seems like something that in a few years might be good, but it's just not good or reliable currently. However that is extremely flaky, and you lack a real good way to schedule or notify users. As a result Jamf policies running that command no longer work, nor do policies with the software update payload either. Apple depreciated the -iar part of the softwareupdate binary. That specific softwareupdate command doesn't work the same with ARM based Mac computers (or apparently Monterey, I guess, I'm not 100% sure on that). Maybe a policy to cache the update and then install but they still need to be the ones to initiate it (when they have good/fast/reliable internet). but that doesn't even seem to work for Monterey.Īny suggestions? Can't use a caching server, as sometimes these are the only users of ours in a location. I've tried using the Files and Processes with. So we've trained the users to run the update regularly from our self service portal. We're a 24/7 organization with users in every time zone, and many do not have Silicon Valley quality internet (literally leasing lines from sheep herders in some countries or using mobile satellite terminals with bandwidth measure in KB not MB or GB). I'm aware of configuration policies to force updates down onto machines, but we can't do that. ![]() ![]() But obviously this doesn't work now with Monterey (apparently). In the olden days (Catalina and prior) we used the Software Update option to let users install any Apple software updates available (this doesn't include upgrades like 10.15 to 11.x, but just 10.15.x to 10.15.x+).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |