macOS - Software - Download Sonoma Installer

What the Sonoma Downloader does

This Automox Worklet™ downloads the macOS Sonoma installer from Apple's software update servers to your endpoints. The Worklet queries available installer versions and fetches the latest Sonoma build to the /Applications folder, staging it for the subsequent upgrade process.

Before initiating the download, the Worklet restarts the softwareupdate daemon to retrieve current version information from Apple. It then performs compatibility checks including verifying at least 25 GB of free disk space, confirming the endpoint is not already on Sonoma or newer, and validating Secure Token status on Apple Silicon Macs.

Why download Sonoma specifically

Uncontrolled macOS upgrades disrupt operations when new OS versions break application compatibility. When endpoints auto-update to the latest macOS release, users experience application failures, workflow interruptions, and compatibility issues that generate urgent support tickets. Organizations need to test new OS versions with their specific application stack before deployment.

Pre-staging the Sonoma installer separates the lengthy download from the upgrade process. The installer is approximately 13 GB, and caching it ahead of time reduces upgrade window duration. You can schedule downloads during off-peak hours and trigger installations during maintenance windows.

For fleet-wide upgrades, pre-staging prevents bandwidth congestion when many endpoints attempt to download simultaneously. You can stagger the downloads across days or weeks before your upgrade deadline.

How Sonoma download works

1. Evaluation phase: The Worklet checks if the endpoint is already on Sonoma (Darwin 23) or newer. It verifies the endpoint runs macOS Catalina (Darwin 19) or later, which is required to cache installers. It checks if the Sonoma installer already exists at /Applications/Install macOS Sonoma.app.

2. Remediation phase: The script first restarts the softwareupdate daemon using launchctl kickstart. It then queries softwareupdate --list-full-installers for the latest Sonoma version, verifies 25 GB of free space, and runs softwareupdate --fetch-full-installer with that version. On Apple Silicon Macs, it uses either the Automox service account or console user with Secure Token enabled.

Sonoma download requirements

• macOS Catalina (10.15) through Ventura (13.x) as the current operating system

• At least 25 GB of free disk space

• Network access to Apple's software update servers

• Apple Silicon: Secure Token enabled for Automox service account or console user

• Hardware compatible with macOS Sonoma

• Extended Worklet timeout (download may take up to one hour)

Expected state after Sonoma download

After successful remediation, the installer application appears at /Applications/Install macOS Sonoma.app with the complete 13GB installer package ready for execution. The installer is ready for the Upgrade macOS Worklet to execute the actual upgrade process. Users will not see any prompts during the download phase. You can verify the download by checking for the Sonoma installer in /Applications using Finder or by running ls -la /Applications | grep Sonoma in Terminal. The Worklet execution logs confirm the exact Sonoma build version downloaded.

You can verify the download by checking for the Sonoma installer in /Applications or by reviewing the Worklet execution logs. The logs confirm the exact Sonoma build version downloaded. If the download fails, macOS automatically removes partial files, so no manual cleanup is needed.

How to validate download sonoma installer changes

1. Run this Worklet on a pilot macOS endpoint and review evaluation output for download sonoma installer.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as exit.

4. Validate remediation effects from script operations such as sudo, function, exit, then rerun evaluation for compliance.