Apple (Firmware Management)

Before you begin

  • Make sure you have the following permissions to view and manage Apple updates policies:
    • View Apple Update Policies
    • Manage Apple Update Policies
  • Configure an Apple Root Certificate to automatically populate OS version information. Download the Apple Root Certificate here.

About this task

The Apple update policy enables you to manage firmware updates for your enrolled Apple devices.
How-to: Configure Apple Firmware Updates [VIDEO]
How-to: Configure Apple Firmware Updates
Restriction: This policy only applies to declarative managed devices running iOS/iPadOS 17+ or macOS 15+.

Procedure

  1. From the main menu, navigate to Policies > Updates & Firmware Management and choose Apple.
  2. Select New Update Policy to create new policy.
  3. Configure your Apple update policy as required.

    Details

    Name Enter the Apple update policy name.
    Description Enter a brief description for your Apple update policy.

    Settings

    OS Platform Choose from iOS/ iPadOS and macOS platforms to target your Apple device(s).
    Target operating system version Specify the exact target OS version to update the devices. A list of stable releases populates from Apple's GDMF API.
    Target build version (Optional) Specify the target build version or rapid security responses (security patch) for the firmware update.
    Target local date and time Set the local date and time for the firmware update to take place.
    Details URL Specify a self-provided link, to make sure end-users are well-informed about the reasons and methods behind the enforced updates. This link directs users to a detailed explanation of the update, including its purpose and implementation process.

    Activations

    Enable custom activation conditions Toggle to enable custom conditions that device(s) must meet for OS updates to apply.
    Input type Choose from Conditions and Custom String for activation conditions.

    For Custom String, enter your custom predicate string contents.

    Tip: You can fetch a custom string by creating a predicate statement, enabling 'Display raw data', and then copying it over to make any necessary modifications.
    Display raw data Enable toggle to view the generated predicate statement for conditions used. Adding condition(s) displays the predicate statement under the Generated Predicate Statement view.
    Grouped conditions to trigger actions must include Choose from All and Any for more than one group condition.
    ALL/ ANY of these conditions must be satisfied Use the Add Condition button to specify the condition(s) for a device to update the OS.
  4. Select Save and Assign to apply the update policy to your Apple devices.

What to do next

See the OS Update Settings profile to configure OS update behavior.
Note: The "Software Updates" section under Device Details displays OS update information. See Device Details.
Note: Use "Apple OS Scheduled Updated Time" and "Apple OS Update Status" search properties to filter your Apple devices. See Searching With Properties for more details.