Mac devices are constantly growing as the default workstation for businesses today. These devices have their own sets of upgrades and updates coming through Apple, and these patches need to be managed with care, to keep the network of assets running smoothly without bugs.

With SuperOps.ai’s MacOS patch management, you can remotely keep your client’s Mac assets up to date by approving the suitable patches and deploying them automatically.

With macOS patch management, you can create policy sets for your Mac workstations and servers on a global level to manage patching requirements for these devices at scale. Based on the patch’s priority, you can automate the approval process and ensure that critical patches and security updates are deployed ASAP.

Now that we’ve seen what MacOS patch management can do, let’s dive into how we can set up patching in a policy set.

1. Navigate to Settings > Policy Management > Mac Workstation Policies > Patch management.

2. Turn on patch management by toggling the switch in the right corner.

3. Click ‘Schedule’ to create deployment schedules for patches. And choose conditions to filter based on the category and severity of the patches.

💡 SuperTip:

You can create multiple deployment schedules with different conditions.

4. Select approval levels based on the patch severity category from the drop-down list.

📝 Note:

The default for Optional and Recommended categories is set as ‘Manual’ and ‘Approve’ respectively.

5. Once you are done, click the ‘Save’ button to successfully create the policy.

💡 SuperTip:
You can create more focused policies on a client/site/asset level by choosing them from the drop-down list on the top right of the screen.

Asset patch view:

4. You can select the patches you want to approve or reject either globally or at the asset level.

Patch list view:

3. You can also apply filters to view specific patches. Click on the Filter button in the top right corner and select the conditions you want to apply.

For example, to view just Mac patches, you can select ‘Asset Class is Mac’ from the drop-down menu and select ‘Apply’ to enable the filter.

OS compatibility

Note: You may encounter issues with Catalina (macOS 10.15)

Things you need to know:

To do that, Navigate to System Preferences > Security and Privacy > Full Disk Access, and select superops and updmgr.

2. Only software updates are installed during the scheduled patch installation cycle. Currently, you can not manage MacOS upgrades with SuperOps.ai. For example, Big Sur 11.5 to Big Sur 11.6 update will be installed during the patch cycle, but macOS Big Sur to macOS Monterey upgrade will not be installed.

3. Before the update process begins, please ensure that the Mac asset is connected to a power supply and has access to a steady internet connection.

4. A prompt appears when there is a Mac patch scheduled for installation as shown below. The admin user has to log in and provide the password to start installing the patches.

📝 Note:
The prompt will be active for only 10 minutes. If the installation fails, or if the prompt is missed, then the patch will only be installed in the next patch deployment schedule.

5. Only three attempts are allowed in a cycle for the user in case of an incorrect password. If the incorrect password limit is exceeded, the patch installation can only be attempted in the next patch cycle.

📝 Note:
​The user must be logged in for the installation to be triggered. If the user is logged out before the installation is complete, then the installation will fail and can be installed in the next patch cycle.

6. In case the update installation fails, please reboot the machine and try installing the patches again.

7. Any force reboots that take place during the installation are system-driven; SuperOps.ai does not have any control over them.