0 Replies
      Latest reply on Jun 15, 2016 4:42 PM by rtrouton
      rtrouton Level 1 Level 1 (0 points)

        Question:

         

        How does the MDM command to "Install major update" force macOS Sierra upgrades on DEP-enabled Macs?

         

        Is the user asked to authorize the upgrade, or does the upgrade happen with or without user consent?

         

         

        Answer:

         

        It downloads the OS installer from the MAS, and triggers the startosinstall command line tool.

         

        It behaves like a restart-required software update:

         

        • If the user is logged-in and there is unsaved data, it will nag you that there is a pending software update and to please restart.
        • If nobody is logged-in (i.e. at loginwindow), the OS upgrade starts without user intervention.

         

         

        Question:

         

        Can both the ALF and PF firewalls be configured via MDM?

         

         

        Answer:

         

        Yes, with caveats. Refer to Sierra's Profile Manager for the currently supported functionality.

         

         

         

         

        Question:

         

        Are the ALF and PF firewalls configured via Profiles (.mobileconfig) or directly via MDM commands?

         

         

        Answer:

        Configuration profile (.mobileconfig file)

         

         

         

         

        Question:

         

        Can firewall logging also be configured this way? If so, can the new log command line utility see the logs, so that firewall logs can be viewed as JSON?

         

        Answer:

         

        No.

         

         

        See complete list of session and lab notes here:

        https://forums.developer.apple.com/message/142899