If you want to learn about all the gotchas & corners for MDM-based macOS major upgrades, definitely read @wikiwalk's article
Things that need radars:
- Requires DEP, UAMDM doesn't work
- UX sucks (2 minutes of nothing then reboot?)
- Gated by Apple pushing this notifier
etc.
Things that need radars:
- Requires DEP, UAMDM doesn't work
- UX sucks (2 minutes of nothing then reboot?)
- Gated by Apple pushing this notifier
etc.
https://twitter.com/wikiwalk/status/1052555638985895936
Also:
- device must be plugged in
Definitely reach out to your MDM vendor and ask about support for this.
There's major MDM protocol handholding song-and-dance they'll need to implement for this to even remotely work.
- device must be plugged in
Definitely reach out to your MDM vendor and ask about support for this.
There's major MDM protocol handholding song-and-dance they'll need to implement for this to even remotely work.
And your clients will need to be receiving ConfigData updates to get that notification bundle that unlocks all this. If you're doing "assisted" updates with managed Software Update settings and those are disabled, your clients will never see the OS upgrade as available.
Very likely you could force out this update to your clients if you download the notification bundle directly to unlock the OS upgrade.
But it has to be Apple's package, it puts content in /System where third-party packages can't.
But it has to be Apple's package, it puts content in /System where third-party packages can't.
But we're, what, 3 weeks after Mojave came out and this notification bundle is just now being published?
So that's another radar - MDM based OS upgrades are gated on the release cycle of this ConfigData.
Which means you can't do it day 1 for your fleet, gotta wait.
So that's another radar - MDM based OS upgrades are gated on the release cycle of this ConfigData.
Which means you can't do it day 1 for your fleet, gotta wait.
It's not our fault Apple has tied their upsell nag to MDM based OS upgrades.
The feature needs to be split or they need to modify their upsell nag to include NotBefore date for the nag itself so the ConfigData can at least go out day 1.
The feature needs to be split or they need to modify their upsell nag to include NotBefore date for the nag itself so the ConfigData can at least go out day 1.
And yeah- the DEP-only thing … is likely because UAMDM literally didn't exist when this MDM functionality was created
And hasn't been updated since because pretty much nobody but Profile Manager was doing this mechanism
And now it's too late to fix 10.13 to unlock it for UAMDM
And hasn't been updated since because pretty much nobody but Profile Manager was doing this mechanism
And now it's too late to fix 10.13 to unlock it for UAMDM
The undocumented ConfigData requirement, gotchas like power, and the very touchy back-and-forth protocol sequence all line up with why no 3rd party vendors have implemented this.
They all probably figured it was a half-baked feature.
They all probably figured it was a half-baked feature.
And yet ... if you can get this thing to fire ... gut feeling is that it's a more reliable kickoff than *any* startosinstall automation that anyone out there in the #macadmin community is doing with their tooling.
It's too late for this mechanism to be used for your Mojave rollout unless you're a 100% DEP shop.
But it's not too late to get this into a reasonable shape for the #macadmin community to finally be able to use it for 10.14 -> 10.15 and beyond.
POKE YOUR MDM VENDOR ABOUT THIS
But it's not too late to get this into a reasonable shape for the #macadmin community to finally be able to use it for 10.14 -> 10.15 and beyond.
POKE YOUR MDM VENDOR ABOUT THIS
• • •
Missing some Tweet in this thread? You can try to
force a refresh
