Aka “Adobe Deployment Testing: Autumn 2019”
Updated 2019.11.20 – See below
Updated again 2019.12.07 – See below
Hey folks. Hot on the heels of my last Adobe post, is another one! Strap in, it’s gonna be a long one…
Almost a month ago, Apple announced the release of their new macOS, Catalina. And there was much rejoicing.
Shortly after this, a few reports started to emerge in the MacAdmins #Adobe channel regarding deployment issues and this new OS.
I must admit, between other work commitments and time zone differences from here to the U.S. I missed a fair amount of the conversation. I found myself a little lost in what was confirmed and what was still suspected.
On November 7th Foigus shared a testing plan he’d completed to try and nail down some specifics. I decided to extend his testing further, both to confirm his findings and to check other conditions.
This post details the tests performed and the findings. Hopefully it’ll be useful to some!
All Adobe installs on macOS Mojave (10.14.6) should work fine as before (with the usual random failures).
Almost all Adobe installs on macOS Catalina (10.15.1) at the login window will fail with the error code 84. Regardless of the result, CCDA will still be installed but no other Applications.
The plan was to test a selection of packages, with various options across both ‘current’ macOS versions. This would also take into account different user scenarios and deployment techniques. In order to speed things up, I elected to use Virtual Machines for each test. This would allow me to quickly rollback changes between tests and allow repetition if required.
Virtual Machine Setup
I created two macOS Virtual Machines, both of which were assigned 2 processor cores, 4 GB RAM and 80GB of storage. These were built in the latest version of VMWare Fusion Pro (v11.5.0, build 14634996), with the latest non-beta release of the Munki tools installed (v3.6.4). One was built with the latest release of macOS Mojave (10.14.6, build 18G1012), with the other the latest build of macOS Catalina (10.15.1, build 19B88).
The creation process for each VM was:
- Fresh installation of macOS in VMWare Fusion Pro using the relevant Install macOS application
- Manual edit of the VM configuration file to add a ‘real’ Serial Number and a Model Identifier of iMac18,2
- No MDM or management solution enrolment
- Creation of 1 local administrator account (“Admin User”)
- Creation of 1 local non-administrator account (“Non-Admin User”)
- Log into each account to clear any first run or setup messages
- Enabling of SSH and ARD (Remote Management) options
- Installation of the VMWare Tools
- Installation of all available macOS software updates
- The Adobe Log Capture tool disk image copied into /Users/Shared/
- Munki client tools installed and configured to use a test Munki Repo
- No further additional software or applications installed
- Shutdown of VM
- VM snapshot taken.
This then formed the basis for the tests.
I decided to use 3 different Applications, all at the latest versions at the time of testing:
- Adobe CCDA only (18.104.22.1684)
- Adobe Photoshop CC 2019 (20.0.7)
- Adobe Photoshop 2020 (21.0)
In order to test all options with the above Applications, 7 packages were created. All packages were created as NUL (Named User Licensing):
This package is a “Self-Service” package, with no other options or applications. It only contains the Adobe CCDA.
This package is a “Managed” package with the default options enabled. The language was left as “Use OS locale” and “English (North American)”. It only contains the Adobe CCDA.
This package is a “Managed” package with the default options enabled plus all additional options. The language was left as “Use OS locale” and “English (North American)”. It only contains the Adobe CCDA.
This package is a “Managed” package with the default options enabled. The language was left as “Use OS locale” and “English (North American)”. It contains the Adobe CCDA and Photoshop 2020.
This package is a “Managed” package with the default options enabled plus all additional options. The language was left as “Use OS locale” and “English (North American)”. It contains the Adobe CCDA and Photoshop 2020.
This package is a “Managed” package with the default options enabled. The language was left as “Use OS locale” and “English (North American)”. It contains the Adobe CCDA and Photoshop CC 2019.
This package is a “Managed” package with the default options enabled plus all additional options. The language was left as “Use OS locale” and “English (North American)”. It contains the Adobe CCDA and Photoshop CC 2019.
macOS Versions Used
As mentioned above, all testing was performed on two versions of macOS, Mojave (10.14.6, build 18G1012) and Catalina (10.15.1, build 19B88).
Deployment Methods Used
I originally planned to use 4 different deployment methods for each test, however I didn’t have a license for Apple Remote Desktop (ARD), so I dropped this. This is still mentioned in the results spreadsheet but left blank. The 3 final deployment methods I decided on were:
- SSH / CLI, consisting of:
- Copying the zipped installers to the VM into /Users/Shared/
- Unzipping the installers on the VM
- SSH’ing into the VM
- Running the package with the command
sudo installer -pkg /Users/Shared/path/to/unzipped/package.pkg -target / -verbose
- Successful installation criteria is an install successful message from the installer binary
- Munki, consisting of:
- Adding the packages into Munki (stored in a disk image as they are bundle packages)
- Initiating the installation via the Managed Service Centre “Update” button
- Some tests had the installs also ‘require a logout’ to force an install at the login window.
- Successful installation criteria is an install successful message from the Munki installer command
- GUI, consisting of:
- Coping the zipped installers to the VM
- Unzipping the installers on the VM
- Double-clicking to launch the package in the installer application.
- Successful installation criteria is an install successful message from the Installer App.
In addition to all the above components, I tested the following scenarios:
- Admin user logged in and screen unlocked
- Admin user logged in and screen locked before performing installation
- Non-Admin user logged in and screen unlocked
- Non-Admin user logged in and screen locked before performing installation
- No user logged in (at the login window)
The Testing Process
For each test, the same process was followed in order to maintain consistency:
- Power up VM
- Run the relevant test
- If the test involved Munki, grab a copy of the logs from /Library/Managed Installs/Logs/ (no matter the result)
- Run the Adobe Log Capture Tool and save the logs (no matter the result)
- Copy log files to test numbered folder on VM Host’s Desktop
- Restore VM snapshot.
Testing Tweaks and Changes
During the testing, 3 tweaks / changes were made:
- If a test failed, after the logs were gathered the VM was reverted and a repeat of the test was conducted. Logs were also collected and stored for the repeated test
- I realised I didn’t have a license for Apple Remote Desktop (ARD) so I skipped those tests
- Some theoretical scenarios were not possible and so were skipped. Examples include:
- Running a GUI installation at the login window
- Triggering a Munki install with a locked screen via Managed Software Center
Testing Results and Findings
So of the originally planned 280 different tests, 158 were actually performed. A full spreadsheet of the results can be found here. Green indicates a successful deployment, Red a failure, and yellow a test that wasn’t possible.
And so my findings…
- Sometimes deployments would fail in 10.14.6. No correlation between the failures, and second runs of the exact same test (on rolled back VMs) worked fine
- This one I’m probably gonna chalk up to standard random failures
- If you enable the “Enable browser based login” for a package, each user login results in the Adobe CCDA auto-launching minimised, with an Adobe login page opened in the default browser
- This might be an annoying new feature for most
- Installations on 10.15.1 via SSH/CLI at the login window resulted in a failure.
- If this was a CCDA-only package, the CCDA still appeared to install and work fine.
- If this was another package, the CCDA appeared to install and work fine, but the accompanying Application install did not.
- Re-running this test under the same conditions occasionally resulted in a successful installation, even with the VM restored to the same pre-install point. No specific pattern was found.
- Some installations on 10.15.1 via Munki “logout required” (at the login window) failed.
- As above, the CCDA still installed and appeared to work
- All installations on 10.15.1 via Munki “logout required” (at the login window) failed if they contained a version of Photoshop.
- As above, the CCDA still installed and appeared to work but Photoshop was not installed
The issue has been raised by a number of Mac Admins in the Adobe channel and with Adobe themselves. I’ve also raised this with Adobe direct.
I’d strongly suggest you verify at least the failures I’ve mentioned above, then log tickets with Adobe support. Include your impact numbers and exact steps to replicate where possible.
Also, other Admins have been kind enough to share their ticket numbers, with a current list available here. Feel free to link them into yours, then add yours to the list.
From my own interactions, Adobe is aware of the issue and has escalated it to Product Engineering as a high priority bug. No details on an ETA to resolution yet.
Follow Up Testing
At the moment, I’m a little tested-out, but I’ve got further thoughts about follow up testing that may be useful if no progress is made:
- Testing with SDL Packages
- Testing with other Adobe applications
- Testing with Apple Remote Desktop deployments
- Testing with Jamf deployments
- Testing with other Mac management venders
Well there you go, that’s the full details of my testing of Adobe Packages last weekend!
As always, if you have any questions, queries or comments, let me know below (or @daz_wallace on Mac Admins Slack) and I’ll try to respond to and delve into as many as I can.
There have been some reports that issues with deployments on Jamf Pro should be resolved now. I conducted a second set of very compressed tests and found there is still no changes to the results I’ve found above.
Full breakdown of these additional tests can be found in the second workbook called “Round 2”, found here.
On the 5th December, there was further reports that more fixes have been implemented. I ran another very small selection of tests on macOS Catalina 10.15.1 at the login window and found there is still no changes to the results I’ve found above.
For the record, the new packages were created on the 5ht December from scratch, and tested on the 7th December.
Full breakdown of these additional tests can be found in the second workbook called “Round 3”, found here.