An email notifying users of the update and deadline to install it, after which the update would be installed automatically.A Self Service policy for our users to install the security update at their convenience.An automated policy to invoke the on-demand policy via custom trigger to download the security update behind the scenes.An on-demand policy with a custom trigger to download the security update.A script to install the cached security update.A script to refresh the available softwareupdatelist and download the desired security update.A smart group containing all the eligible machines for the security update.
Upgrade jamf pro Patch#
Determine the softwareupdate name of the patch and the update ID of the folder that gets created in /Library/Updates.I opted instead to use the Mac’s built-in softwareupdate command-line tool to cache the security update for a later install triggered by our users. While Jamf Pro supports the ability to install all available software updates via policy, I only wanted to download and install the applicable security update. However, at the time Apple had not yet released the update to their support page yet, and while I’ve been eager to test and deploy reposado to keep the update deployment within our LAN, rather than out to Apple’s servers, it just wasn’t feasible given the time-frame. Normally I prefer grabbing Apple-related updates through their Support Downloads page, as this allows us to upload a single PKG to our distribution point, and then cache the PKG on our machines so that our users can then install the software at their convenience through Self Service.
So, it was time to figure out a workflow.Īpple normally releases software updates through the Mac App Store and later through other sources. Up until this point we haven’t had a reason to deploy a institution-wide patch to all our managed Macs, and we actively disable automatic software checks. While we avoid performing major OS and other software updates during the year to avoid negatively impacting our users, we were eager to patch this widely known security hole. To address the Meltdown vulnerability, Apple released a security update for macOS High Sierra (10.13) and later for Sierra (10.12) and El Capitan (10.11).
0 kommentar(er)
