Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
19 views3 pages

2.deployment & Patching Process (Monthly) - Jamf & SCCM

The document outlines a structured monthly app deployment and patching process for both macOS using Jamf Pro and Windows using SCCM. It details workflows for managing updates, including automated and manual methods, and provides a suggested schedule for each platform. The summary emphasizes the importance of testing updates before full rollout and utilizing tools to streamline the patching process.

Uploaded by

bharathbabu2022
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
19 views3 pages

2.deployment & Patching Process (Monthly) - Jamf & SCCM

The document outlines a structured monthly app deployment and patching process for both macOS using Jamf Pro and Windows using SCCM. It details workflows for managing updates, including automated and manual methods, and provides a suggested schedule for each platform. The summary emphasizes the importance of testing updates before full rollout and utilizing tools to streamline the patching process.

Uploaded by

bharathbabu2022
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

1.

Jamf Pro (macOS) – Monthly App Deployment &


Patching
🛠 Apps Typically Managed:

 Adobe Reader
 Google Chrome
 Mozilla Firefox
 Slack, Zoom, etc.

🔁 Jamf Patching Workflow (Step-by-Step)

A. Option 1: Using Jamf Patch Management (Built-in)

Good for macOS apps that support patch titles, like Chrome, Firefox, Adobe Reader.

1. Go to: Computers > Patch Management


2. Click New → Select app (e.g., Chrome)
3. Add software title to patch reporting
4. Create a Smart Group (e.g., “Chrome < 126.0”)
5. Create a policy to:
o Install latest .pkg
o Trigger: Recurring Check-in
o Scope: Smart Group

✅ Automatically updates devices with outdated versions.

B. Option 2: Manual Packaging via Composer or Vendor PKGs

For apps not in Jamf patch titles, like Notepad++ via Wine (if needed).

1. Download latest .pkg from vendor (e.g., Chrome or Adobe)


2. Or, build using Composer
3. Upload package to Jamf
4. Create a monthly deployment policy:
o Trigger: Recurring check-in or Monthly custom trigger
o Scope: Static/Smart Group
o Payloads: Package, optional restart or notification

📅 Suggested Monthly Schedule:

 Week 1: Check vendor websites for updates


 Week 2: Upload/update packages in Jamf
 Week 3: Deploy to test group
 Week 4: Full rollout via Smart Group or site-based scope

💡 Tips for Jamf


 Rotate app patching weekly to avoid overloading systems
 Use Self Service for optional user-initiated upgrades
 Use extension attributes to detect versions if patch title is missing

🖥️ 2. SCCM (Windows) – Monthly App Deployment &


Patching
🛠 Apps Typically Managed:

 Adobe Acrobat Reader DC


 Notepad++
 Google Chrome
 Mozilla Firefox
 WinRAR, VLC, etc.

🔁 SCCM Software Update Workflow (Step-by-Step)

A. For Microsoft Patches (via WSUS integration):

1. Open SCCM Console


2. Go to Software Library > Software Updates
3. Sync WSUS updates
4. Create Software Update Group (SUG) (e.g., “July 2025 Updates”)
5. Deploy to device collections

B. Third-Party App Updates (Adobe, Chrome, Firefox, etc.)

Option 1: Manual Upload

1. Download .msi or .exe from vendor (Adobe, Google, etc.)


2. Create Application in SCCM:
o Use MSI detection
o Set uninstall/install strings
3. Deploy to collection (Pilot group first)
4. Monitor via App Compliance reports

Option 2: Use SCUP or Patch My PC (3rd-party patching tool)

Automates patching for 3rd-party apps in SCCM.

 Integrates with SCCM via WSUS


 Auto-publishes updates for Chrome, Adobe, Firefox, etc.
 Saves packaging time

📅 Suggested SCCM Monthly Cycle:

Week Task
Week 1 Gather vendor updates
Week 2 Package and deploy to IT pilot
Week 3 Monitor, resolve issues
Week 4 Deploy to all users

📋 Version Detection Examples


Jamf Smart Group Criteria (e.g., Chrome):

yaml
CopyEdit
Application Title: Google Chrome
Application Version: less than 126.0

SCCM Detection Method (MSI example):

bash
CopyEdit
Product Code: {AC76BA86-7AD7-1033-7B44-AC0F074E4100}
Version: 23.008.20423

️ Interview Summary Response:


“We follow a structured monthly patching cycle. On macOS, I use Jamf’s built-in Patch
Management for apps like Chrome and Adobe, creating Smart Groups to target outdated
versions. I automate policies to run on recurring check-ins and test before full rollout. On
Windows, I use SCCM with WSUS and third-party tools like Patch My PC to manage app
updates. We deploy in phases, starting with IT and moving to production, ensuring minimal
disruption.”

You might also like