When you schedule a Managed Software Delivery policy, you can assign different schedules for compliance and remediation. For example, you can schedule the compliance process to occur during the day and the remediation to occur only during a maintenance window.
Table: Compliance and remediation actions
Compliance on Mac computers depends on the delivery method you select to install the software, as follows:Using Quick Delivery or Managed Delivery installs the software.
If you select Quick Delivery to install the software, then no detection is executed. In this case, you execute a command line command.
To determine which software is installed on a Mac client computer, you must create a Software Inventory task that runs periodically and detects installed software. As a result of running this task, the information appears in Notification Server.
If you select Managed Software Delivery, when you execute delivery you first verify in your local cache if the software was installed previously. This cache is located inside the swc.dat file in the SMFagent on the client side.
If a record of the software is present in that file, then delivery is not executed. If no information about the software is in the cache, then you execute a command line.
You have the following options for ensuring that software appears in the cache:
If you installed the software manually, when you set Software Inventory to run the cache is also updated.
If software is installed using Managed Software Delivery, the cache is updated when the software delivery is executed.
Remediation is the act of fixing any software that is out of compliance on the client computer. The nature of the remediation depends on the command-line action that the Managed Software Delivery policy performs. For example, an installation command runs when the compliance check returns False, and an uninstall command runs when the compliance check returns True.
The following example illustrates how the installation command line determines the remediation action:
Assume that you want to install antivirus software on all managed computers that do not have it installed. You create the Managed Software Delivery policy and select an installation command line. When the policy runs, the compliance check determines whether the specified antivirus software is installed.