What operating system version is your computer currently on? Are you on the latest version of your operating system? Operating systems, or OSes, get periodic updates in the same manner as normal applications installed on your computer. These updates can involve security patches and bug fixes, and they can bring new features to end users. To this point, it is important that we keep our OS up to date to make sure we reduce our risk of vulnerabilities and have access to the latest and greatest features available.
From a managed endpoint perspective, we are responsible for making sure that these updates are applied to the computers we oversee in a timely manner. For macOS, the last two updates (at the time of this writing, 12.5.1 and 12.6) included security patches that needed to be pushed out as soon as possible. There are many different ways to process these updates, which can include:
- Nudging the end user to install the update themselves
- Caching the macOS installers on the end user’s computer, then running the installer
- Using an MDM to process the updates
For this post, I will talk about how we can automate a workflow for processing updates to our end-user computers with the help of Microsoft Power Automate and Jamf Pro.
How to pair Microsoft Power Automate with Jamf Pro
Microsoft Power Automate is a platform for automation of recurring tasks. Power Automate can receive data, process the data, then perform defined actions with the data. In this case, we are receiving computer update information from Jamf Pro via a webhook, filtering out the computer ID information and available software updates, then calling the Jamf Pro API inside of Power Automate to process the available update.
To get started, we need to make sure there is a Smart Computer Group set up in Jamf Pro to target our Webhook against. We are looking for computers with available software updates for the criteria of this group. When using a Smart Computer Group for this, a computer will get added to the group when it has an update available. When the update is processed and no longer available, the computer will be removed from this group; this helps in the automation processes, as we do not have to manually specify which computers to send updates to.
To learn more about how to utilize webhooks in Jamf Pro, please visit: Jamf Pro Developer Guide - Webhooks and Jamf Pro Documentation - Webhooks. Jamf Pro can send the data for our Smart Computer Group membership change to Power Automate; Power Automate will then parse the data and find the computer ID to apply updates to. During the process, Microsoft Power Automate will make a few more API calls to find the available software updates for the computer ID, then finally send the applicable update to the end-user computer for processing via a MDM command.
For a deeper dive into this process, check out our JNUC ‘22 presentation!
Subscribe to the Jamf Blog
Have market trends, Apple updates and Jamf news delivered directly to your inbox.
To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.