Description
Upgrades can be completed via MDM commands or via policy. If you want to run this through a policy, see the blog post for the different policy options and caveats. This knowledge article will outline one policy method.
Requirements:
User logged in needs to be an Admin account
User logged in needs to be have SecureToken enabled
We'll need to make two policies: one to download the macOS installer, the other to run the installer.
Upgrading your M1 MacOS Computer
Policy 1
Download the MacOS Installer Files and Processes Payload > Configure
Execute Command:
/usr/sbin/softwareupdate --fetch-full-installer --full-installer-version 1X.X.X
Policy 2
Install MacOS Files and Processes Payload > Configure
Execute Command:
echo '[admin_password]' | '/Applications/Install macOS [Operating_System].app/Contents/Resources/startosinstall' --agreetolicense --forcequitapps --user [admin_username] --stdinpass
Encrypting a Password for Your Computer
Follow the steps provided in the script for more details: https://github.com/pip-b0y/MacOS/blob/master/helpers/M1_MacOS_Updater.sh
The Script will also mention another link to generate the encrypted password using the link below:
https://github.com/pip b0y/Random_tools/blob/main/PasswordMash/PasswordMash_signed.dmg
Once we've created the password, upload the script into Jamf Pro via Settings > Computer Management > Scripts.
Replace Policy 2 above with the following:
Policy 2* - Install MacOS 2.0 Script payload > Configure Add the MacOS Installer Script