Tag: macOS

AppleScript Force Software Updates

I needed a simple way to force Mac’s to run all updates from the Apple App store and then restart but give users notification and an option to defer for a set time.

This is what I came up with.

AppleScript that runs a

1
softwareupdate -l

if anything is found it then runs

1
softwareupdate -i -a

which will install all available updates. After completion it then has kicks off a dialogue box informing the user the Mac needs a restart. They have two options, defer for 5 minutes or restart straight away.

The script will be added to Library/Scripts/ along with the linked company logo via JAMF install on Check-in

It can be run via ssh into the Mac and

1
osascript /Library/Scripts/update_restart_script.scpt

or via a JAMF policy with a Process payload.

Hopefully this will be more reliable that JAMF policies which either stay as pending or fail to restart the Mac even though set to Restart Imemdiately.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
if (do shell script "softwareupdate -l") contains "*" then
    do shell script "softwareupdate -i -a"
    tell application "Finder"
        activate
        repeat -- forever
            set answer to button returned of (display dialog "Mandatory updates have been applied." & return & "Your Mac is ready to restart." & return & return & "Please close all applications and click RESTART." & return & return & "For further information email: support@yourcompany.com" with title "Mandatory Security Update - Restart Required" with icon {"/Library/Scripts/logo.png"} buttons {"Wait 5 minutes", "RESTART"} default button "RESTART")
           
            if answer is equal to "RESTART" then
                tell application "Finder" to restart
                exit repeat
            else
                delay 300 -- time in seconds 300 is 5 minutes
            end if
        end repeat
    end tell
end if

Proxy Setting for all network devices

An issue that came up recently was the proxy URL and bypass was not being set correctly when connecting a Mac via USB-A or USB-C cable to a network enabled device, like screen, docks or hubs. DisplayLink was installed so they were all making a network connection but as no proxy was set there were a few access issues.

In the past setting network settings via a script had been pretty easy but now Mac’s don’t have a network port and desks are ¬†switching to a single cable solution which is USB-C to a dock which than connects to screens, ethernet and power its got a little harder.

The previous solution was to identify the device and add the settings, for example if it was an ethernet connection then you just specify the connection and the details:

1
2
networksetup -setautoproxyurl "Ethernet" http://urltoyourproxy.pac
networksetup -setproxybypassdomains "Ethernet" "*.local" "169.254/16" "*.adomain.com"

You could add this for various devices that were used to connect to a network:

1
2
3
4
networksetup -setautoproxyurl "Apple USB Ethernet Adapter"
networksetup -setautoproxyurl "Wi-Fi"
networksetup -setautoproxyurl "Thunderbolt Ethernet"
networksetup -setautoproxyurl "USB Ethernet"

The problem was with docks and hubs and screens all being different names and makes and models there  you would have to set each item specifically:

1
networksetup -setautoproxyurl "Philips 231P4U"

Clearly this is not ideal as usually as an Admin you have no idea what is being put on a desk, so another solution was required.

The following script is via a variation from MacMule, this loops through all the devices that have been connected or are connected and regardless of name adds in the required details.

Simply set you values at the top of the script. The script can then be deployed via MDM such as JAMF and set it to run on network change. Now when a Mac changes network connection the script loops through and adds in the the correct proxy URL and proxy bypass details.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/bin/sh
####################################################################################################
#
# More information: https://macmule.com/2014/12/07/how-to-change-the-automatic-proxy-configuration-url-in-system-preferences-via-a-script/
#
# GitRepo: https://github.com/macmule/setAutomaticProxyConfigurationURL
#
# License: http://macmule.com/license/
#
# Updated to add proxyBypass settings by M Griffin October 2017
####################################################################################################

# HARDCODED VALUES ARE SET HERE
autoProxyURL="http://urltoyourproxy.pac"
proxyBypassDomains="*.local 169.254/16 *.adomain.com"

# CHECK TO SEE IF A VALUE WAS PASSED FOR $4, AND IF SO, ASSIGN IT
if [ "$4" != "" ] && [ "$autoProxyURL" == "" ]; then
autoProxyURL=$4
fi

# Detects all network hardware & creates services for all installed network hardware
/usr/sbin/networksetup -detectnewhardware

IFS=$'\n'

#Loops through the list of network services
for i in $(networksetup -listallnetworkservices | tail +2 );
do

# Get a list of all services
proxyBypassDomainsLocal=`/usr/sbin/networksetup -getproxybypassdomains "$i" | head -1 | cut -c 6-`

# Echo's the name of any matching services & the autoproxyURL's set
echo "$i Proxy set to $proxyBypassDomainsLocal"

# If the value returned of $autoProxyURLLocal does not match the value of $autoProxyURL for the interface $i, change it.
if [[ $proxyBypassDomainsLocal != $proxyBypassDomains ]]; then
/usr/sbin/networksetup -setproxybypassdomains $i $proxyBypassDomains
echo "Set proxy bypass for $i to $proxyBypassDomains"
fi

if [[ $autoProxyURLLocal != $autoProxyURL ]]; then
/usr/sbin/networksetup -setautoproxyurl $i $autoProxyURL
echo "Set auto proxy for $i to $autoProxyURL"
fi
# Enable auto proxy once set
/usr/sbin/networksetup -setautoproxystate "$i" on
echo "Turned on auto proxy for $i"

done

unset IFS

# Echo that we're done
echo "Auto proxy present, correct & enabled for all interfaces"

Recent Posts

Recent Comments

    Archives

    Categories

    Meta

    GiottoPress by Enrique Chavez