App Auto-Patch can be configured via command line, your own custom script, or an MDM configuration profile.

The AAP script automatically installs itself and its necessary components anytime it's run from outside its working folder /Library/Management/AppAutoPatch. This installation is acceptable for most administrators so there is not a configurable option to modify this default path. However, because AAP is a bash script, you can easily modify the appAutoPatchFolder="/Library/Management/AppAutoPatch" parameter via any text editor before running or deploying App Auto-Patch.

After installation, AAP maintains a settings file similar to that of a regular application. This means that many AAP options passed in via command line or script are automatically saved the first time you use them. For example, you only need to use the --debug-mode option once. After that, every time you run AAP it remains in debug mode until you disable it. To disable debug mode you use the --debug-mode-off option.

The AAP settings file default location is /Library/Management/AppAutoPatch/xyz.techitout.appAutoPatch.plist. While you can technically edit this settings file directly, you should avoid this and simply use the built-in AAP options.

Delete all locally saved options or labels, returning them to their default setting.

Command option examples: --reset-defaults --reset-labels

If there are specific AAP options you plan to set "permanently" then it is recommended to deploy these settings via a MDM configuration profile. This also ensures that these settings are enforced. In other words, if a specific AAP option is deployed via a MDM configuration profile then it cannot be ignored or changed via local command options.

The preference domain for App Auto-Patch is xyz.techitout.appAutoPatch The following are the options available to configure via MDM:

• Generate additional debugging output to the command line and various AAP logs.
• Options: [ TRUE | FALSE (default) ]
• Data Type: String

• Allows you to customize the name of App Auto-Patch to something else
• Data Type: String
• Example: App Auto-Patch

• Remove apps in the '/Users/*' folder and install them to the default path
• Options [ TRUE (default) | FALSE ]
• Data Type: String

• The number of days until patching completion status is changed to False
• Data Type: Integer
• Example: 7

• Number of deferrals allowed for incidents such as Active Display Assertions, Focus/DND mode. This type of deferral will be done silently and no prompts will be displayed for the user. Deferral time set by DeferralTimerFocus
• Data Type: Integer
• Example: 3

• Number of deferrals allowed by the end-user
• Data Type: Integer
• Example: 3

• The number of minutes to defer until the next update workflow attempt if a user chooses not to install updates
• Data Type: Integer
• Example: 1440

• Amount of time in Minutes that AAP will defer if any errors are detected throughout the process
• Data Type: Integer
• Example: 60

• Amount of time in Minutes that AAP will defer for Focus/DND/Display Assertions. Requires the use of DeadlineCountFocus. If no DeferralTimerFocus is set it will default to DeferralTimerDefault
• Data Type: Integer
• Example: 60

• Allows you to provide multiple deferral time options instead of the default of one day
• Data Type: String
• Example: 30,60,90,480,720,1440,2880 (minutes,minutes,etc...)

• Amount of time in minutes until AAP is relaunched after a workflow
• Data Type: Integer
• Example: 1440

• Forces the AAP dialogs to stay on top of all other windows
• Options: [ TRUE | FALSE (default) ]
• Data Type: String

• Time given to the user to respond to deferral prompt if enabled
• Data Type: Integer
• Example: 300

• What happens when the deferral timer expires Options: [ Defer | Continue ]
• Data Type: String

• Ignore apps found in '/Users/'. If an update is found in '/Users/' and variable is set to false, the app will be updated into the application's default path
• Options: [ TRUE | FALSE (default) ]
• Data Type: String

• A space-separated list of Installomator labels to ignore for the AAP workflow. Supports wilddcards
• Data Type: String
• Example: microsoft* googlechrome*

• A space-separated list of options to override default Installomator options (i.e., BLOCKING_PROCESS_ACTION=prompt_user NOTIFY=silent LOGO=appstore)
• Data Type: String
• Example: BLOCKING_PROCESS_ACTION=prompt_user NOTIFY=silent LOGO=appstore

• Determines if the AAP script should use the Main (beta) or Release version of Installomator. The version from the Main branch typically includes more recent updates from PR's to fix issues or add new labels.
• Data Type: String
• Options: [Main (Default) | Release ]

• Data Type: Integer
• Options: 0 (Completely Silent) | 1 (Silent Discovery, Interactive Patching) | 2 (Full Interactive) (default)

• A space-separated list of optional Installomator labels. Labels in this category are only included if the app exists on the end-users device and will force install even if its the latest version. Does Not Support Wildcards
• Data Type: String
• Example: 1password8 adobereaderdc amazonchime apparency firefoxpkg vlc zoom

• The day of week to set the start date for a recurring patching cadence
• Data Type: Integer
• Options: 1 through 7 (1=Mon 2=Tue...7=Sun)

• Remove Installomator after App Auto-Patch is completed
• Options: [ TRUE | FALSE (default) ]
• Data Type: String

• a space-separated list of Installomator labels that are required, regardless if the app is installed or or the latest version. Supports wildcards.
• Data Type: String
• Example: desktoppr dockutil nudgesuite

• For the Support Team details that display in the Help Message
• Data Type: String
• Example: [email protected]

• For the Support Team details that display in the Help Message
• Data Type: String
• Example: Company Support Team

• For the Support Team details that display in the Help Message
• Data Type: String
• Example: 555-867-5309

• For the Support Team details that display in the Help Message
• Data Type: String
• Example: support.company.com

• Deterines if the Dialog should automatically close after completion if there is no response from the end-user
• Options: [ TRUE | FALSE (default) ]
• Data Type: String

• The number of seconds the AAP dialog will automatically close if UnattendedExit is set to TRUE
• Data Type: Integer
• Example: 60

• Toggles swiftDialog to use an overlay icon
• Options: [ TRUE (default) | FALSE ]
• Data Type: String

• Determines if Webhooks are sent when patching is completed
• Options: [ TRUE | FALSE ]
• Data Type: String

• The Slack Webhook URL to use if WebhookFeature is set to TRUE
• Data Type: String
• Example: https://webhook.slack.com/YourSlackWebhookURL

• The Teams Webhook URL to use if WebhookFeature is set to TRUE
• Data Type: String
• Example: https://webhook.teams.com/YourTeamsWebhookURL

• Disables the discovery of applications that require patching. If a list of labels from a previous discovery exists, AAP will use that list for the workflow
• Options: [ TRUE | FALSE ]
• Data Type: String

• Disable the automatic relaunch of AAP after the current workflow successfully completes
• Options: <true/> <faLse/>
• Data Type: bool