Endpoint Services, Workspace ONE, Munki Notification Center Preferences
How to enforce Munki's Managed Software Center notifications on macOS 10.15+ with a Workspace ONE profile.
Systems
Munki Mac Endpoint Management
Workspace ONE Unified Endpoint Management (UEM)
Affected Customers
University of Illinois IT Pros leveraging Technology Services Munki Mac Endpoint Management
Catalina’s New Application Notification Preferences
Beginning with macOS 10.15, an application’s ability to create Notification Center alerts, banners, badges, sounds, etc... must be explicitly allowed by the end user. This includes Munki’s Managed Software Center, as seen in the following per-user prompt the first time Munki runs on macOS 10.15 and up:
Consequences
When the user selects ‘Allow’, they can select among various notification types, and could choose a less-effective approach leading to overlooked software updates.
If the user selects ‘Don’t allow’, Munki won’t present ANY update notifications.
Unless users are in the habit of logging out with the Mac awake and on the wired network (leaving Munki free to run at the login window), the system may fall behind with software updates.
The only automated way to allow Munki to notify the user is with the use of a profile installed via an MDM solution such as Workspace ONE. Installing the profile manually or via Munki will not work.
Managing Munki's Notification Preferences With Workspace ONE
In response to the new application notification behavior, the EPS team has created a custom Workspace ONE profile to enforce the following Notification Center settings for Munki's Managed Software Center:
With this profile installed on macOS 10.15 and up, all logged-in users will receive effective alert-type notifications when Munki updates are available.
[Note that the profile does not change the existing Munki schedule, so devices using Munki Time Window will continue to adhere to the desired schedule.]
To request use of this global profile, or to request provisioning if your unit is not leveraging Workspace ONE for Mac management, please submit an Endpoint Services support request.