Skip to main content

Reported Issues with macOS Software Updates

Summary

Many of our customers have reported issues related to Software Updates on macOS recently. And, we have seen issues here first-hand as well. We believe Apple are working on a number of issues related to software updates over MDM at the moment, but in the meantime, here is some information on the issues and suggested workarounds.

Software Update via MDM Overview

Software Updates for macOS since Big Sur/FileWave 14.1 have been delivered via MDM commands solely. Specifically the MDM commands AvailableOSUpdates tell us what updates are valid for a device, and once we assign an update via fileset, the download of the update is scheduled using the ScheduleOSUpdate command and DownloadOnly action. Periodically, the download progress is checked via the OSUpdateStatus command and once the device reports the update to be 100% completed, another ScheduleOSUpdate with InstallASAP action schedules the installation itself.

Experienced Issues

All in all, the above is quite simple. A standard MDM command is sent to the device to “do stuff”, and the device should do it, and we report results. But, we have seen several issues in the field such as:

  • The actual macOS MDM client process stops, with an error similar to “Client crashed processing: OSUpdateStatus MDMClientError:94”
    • Behaviour: If this happens the system channel of the MDM client will no longer function, and it must be restarted
    • Workaround: See KB article here for instructions on restarting the MDM client process
  • The MDM client receives a command to install a smaller update, such as XProtect or Safari, but the OSUpdateStatus command sticks at “Downloading 0%” and will not proceed
    • Behaviour: Patch does not download, nor apply
    • Workaround: Remove association for update via MDM. Use alternate method for deployment (softwareupdate -i)

  • A larger update, such as Monterey 12.6.3 is assigned, and starts to download, but fails with “Failed to personalize the software update. Please try again.”
    • Behaviour: Download begins, never progresses. Patch remains unapplied
    • Workaround: Use alternate method for deployment (softwareupdate -i )
      • Suggestion: A custom field leveraging the results of softwareupdate -l can be very useful for comparison sake
  • If software update via MDM fails, and a patch is applied locally for the same, the status of the update from MDM still shows an error:
    • Behaviour: Patch is actually applied, but status is not reflected in admin UI
    • Workaround: No known workaround at moment

  • A major upgrade such as macOS Ventura is applied to a device, but the assignment never completes:
    • Behaviour: Error message such as “Unsupported InstallAction for majorOS update” is seen in command history. This is an issue on FileWave’s part.
    • Workaround: Deploy major OS upgrade as a standard fileset using this article. We highly recommend this method regardless, as it will leverage boosters.
  • You may also experience the following if checking for updates locally on the device. Despite the device being on a network and manual access to the download pages are accessible:
    • Behaviour: Unable to check for updates. Make sure you are connected to the internet.
    • Workaround: No known workaround.
      • Suggestion: The command line tool will show the following in this instance.
# softwareupdate -l
Software Update Tool

Finding available software
The operation couldn’t be completed. (NSURLErrorDomain error -1012.)

Workarounds

Please take a look at Address Stalled MDM Commands for the best workaround we've found. Please also consider opening an Apple Enterprise Support ticket as well as a FileWave Support ticket and letting us know the Apple ticket number. 

You can also look at solutions like macOS Software Updates with Nudge using the JSON file method to avoid the dependency on MDM commands working.

Related Content

No Comments
Back to top