If you want to learn about all the gotchas & corners for MDM-based macOS major upgrades, definitely read @wikiwalk's article

Things that need radars:
- Requires DEP, UAMDM doesn't work
- UX sucks (2 minutes of nothing then reboot?)
- Gated by Apple pushing this notifier
etc.
Also:
- device must be plugged in

Definitely reach out to your MDM vendor and ask about support for this.

There's major MDM protocol handholding song-and-dance they'll need to implement for this to even remotely work.
And your clients will need to be receiving ConfigData updates to get that notification bundle that unlocks all this. If you're doing "assisted" updates with managed Software Update settings and those are disabled, your clients will never see the OS upgrade as available.
Very likely you could force out this update to your clients if you download the notification bundle directly to unlock the OS upgrade.

But it has to be Apple's package, it puts content in /System where third-party packages can't.
But we're, what, 3 weeks after Mojave came out and this notification bundle is just now being published?

So that's another radar - MDM based OS upgrades are gated on the release cycle of this ConfigData.

Which means you can't do it day 1 for your fleet, gotta wait.
It's not our fault Apple has tied their upsell nag to MDM based OS upgrades.

The feature needs to be split or they need to modify their upsell nag to include NotBefore date for the nag itself so the ConfigData can at least go out day 1.
And yeah- the DEP-only thing … is likely because UAMDM literally didn't exist when this MDM functionality was created

And hasn't been updated since because pretty much nobody but Profile Manager was doing this mechanism

And now it's too late to fix 10.13 to unlock it for UAMDM
The undocumented ConfigData requirement, gotchas like power, and the very touchy back-and-forth protocol sequence all line up with why no 3rd party vendors have implemented this.

They all probably figured it was a half-baked feature.
And yet ... if you can get this thing to fire ... gut feeling is that it's a more reliable kickoff than *any* startosinstall automation that anyone out there in the #macadmin community is doing with their tooling.
It's too late for this mechanism to be used for your Mojave rollout unless you're a 100% DEP shop.

But it's not too late to get this into a reasonable shape for the #macadmin community to finally be able to use it for 10.14 -> 10.15 and beyond.

POKE YOUR MDM VENDOR ABOUT THIS

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with mikeymikey

mikeymikey Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @mikeymikey

Jan 27
HEY.

#MacAdmins and Mac developers

THIS IS IMPORTANT

**REMOVED**

developer.apple.com/documentation/…
ALSO:

macOS *does NOT* ship with python 3

It ships with /usr/bin/python3 - which is a stub - that the first time you run it, it will *GUI prompt* you to install Xcode or Developer Tools

Bring. Your. Own. Python 3. For. Apps. Or. IT.
Are you now looking for a python distro to use?

python.org has universal installers as of 3.9.2+ at python.org/downloads/maco…

I can *also* recommend this project - built for Mac admins - by @gregneagle and other Mac admins:

github.com/gregneagle/rel…
Read 5 tweets
Jan 26
iOS 15.3 19D50
iPadOS 15.3 19D50
watchOS 8.4
macOS Monterey 12.2 21D49
macOS Big Sur 11.6.3 20G415
support.apple.com/en-us/HT213053
About the security content of iOS 15.3 and iPadOS 15.3
support.apple.com/en-us/HT213057
About the security content of tvOS 15.3
support.apple.com/en-us/HT213059
About the security content of watchOS 8.4
support.apple.com/en-us/HT213054
About the security content of macOS Monterey 12.2
support.apple.com/en-us/HT213055
About the security content of macOS Big Sur 11.6.3
Read 8 tweets
Apr 26, 2018
As a reminder to anyone out there that's dealing with the TLS 1.2 cutover on python's pypi on macOS 10.12: You may still get stung by it if you end up unfortunately needing to deal with setuptools / easy_install packages that you can't get through pip.
Fortunately, @clburlison took work that I did (github.com/pudquick/tlsssl) and improved upon the build process: github.com/clburlison/ven…

This results in a "tlsssl-1.1.0.pkg" package you can install on 10.12 that will hotfix ssl to support TLS 1.1/1.2 in most situations.
Basic usage to get there on 10.12:
- download repo
- cd into code/openssl and run: sudo /usr/bin/python setup.py -vv -p -b -i
- cd into code/tlsssl and run: /usr/bin/python setup.py -vv -b -p

Poof, you have a tlsssl-1.1.0.pkg
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(