Jaime Gago Condensing Information Systems From the Vapor Of Data

22Dec/092

Apple Software Updates In A Business Environment

There are many ways to deal with Apple Software Updates, here’s the one I’m currently using with the Mac pool (300+) I am in charge of.

1)Automate the download from the mother ships aka Apple servers back to my home planet aka my LAN and make the updates available.

For this I use the Software Update Service that ships with Os X Server . Although I automatically download the updates I only enable them after I have tested them.

In my config I have found that one local SUS is plenty, if you need more than one  you can easily redirect the other(s) SUS to your principal, check Page 87 of this Apple doc

2)Point the Macs that *always* stay in the Home LAN to the Home Beacon aka my local SUS.
I manage my pool via Open Directory so all I have to do is use Workgroup Manager and set the Software Update Preferences to my local SUS using its URL (http://my_osx_server_hosting_SUS:8088/index.sucatalog ) and voila... If you need to point unmanaged clients check Page 88 of this Apple doc

3)After I’ve enabled a new update, I have to say “go and collect your minerals updates” to my SVCs clients.

I use Apple Remote Desktop to “Send a Unix command” as root (i.e. softwareupdate -i -a).

Also with 300+ Macs I often end up with one in my office that’s pointing to Apple SUS that I want to update, for example after re-imaging.
And so I have I written a short shell script that does this:
-Makes the Mac to point at my local SUS for updates
-Launch the updating process
-Reset to the default Apple SUS
-Reboot

Here it is

#!/bin/bash
#
#Apple software update via local SUS, machine will reboot.
#Requires Admin level access. Better not to interrupt...
#
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL "http://lo.cal.sus:8088/"
echo "Now pointing to Local SUS"
softwareupdate -i -a
echo "Apple software updated"
defaults delete /Library/Preferences/com.apple.SoftwareUpdate CatalogURL
echo "Now pointing to Apple SUS Mother Ships."
#Reboot needed?
if [ -e /var/db/.AppleSoftwareUpdateAtLogout ]; then
    echo "reboot needed:rebooting"
    osascript -e 'tell application "Finder" to restart'
fi
exit 0

At last since the laptop ratio of my pool is seriously increasing and since I don’t want to manage the Software Update Preference for those, I am looking into playing with DNS  as in this Mac Os X Hints post.


Filed under: Server Leave a comment
Comments (2) Trackbacks (0)
  1. Brian Rothshild
    December 28th, 2009 - 09:38

    Wow,

    Awesome! I admit my tech support skills are limited to LAN or Mac2PC-PC2Mac. Never had the op to manage more than 25-30. Now I see why x10 (250-300+), and network admin is soooooo very important. That’s my dilemma. I’m half production art/half tech support so it’s hard to decide which way to swing. The only UNIX I know are simple RIP server commands. I’m going to ask to link with you formally via LinkedIn.

    You’re smart Jamie, and kind to share (even if I only understand 2/3rds of what you just said ;-)

    ( REPLY )
    • Jaime
      December 28th, 2009 - 13:27

      Hey Brian, Thanks for the nice comment. Dividing your time between such different animals must be -at the very least- complicated, I have been doing some Computer Science teaching on top of Systems Architecture for a couple years and I understand your dilemma. My way out of this situation was to make a choice (i.e. Information Systems) and stick to it no matter what. Happy holidays!

      ( REPLY )

Leave a comment


No trackbacks yet.

» «

Categories

Tags

My Delicious

Blogs I Read

Books

Planned books:

None

Current books:

  • DNS and BIND, Fourth Edition

    DNS and BIND, Fourth Edition by Paul Albitz, Cricket Liu

  • The Mathematical Theory of Communication

    The Mathematical Theory of Communication by Claude E Shannon, Warren Weaver

Recent books:

View full Library