1. SimpleMDM Help Center
  2. Documentation
  3. Device Management

Managed Software Updates

The "Managed Software Updates" profile is a declarative configuration that allows admins to schedule the enforcement of OS software updates by a specific date and time. Device users will receive period notifications to notify and remind them when the update will occur, with the option to update sooner if they choose.

Apple documentation for this feature is available here.

To create a Managed Software Updates profile:

  1. Make sure the target devices are running macOS 14+ or iOS/iPadOS 17+ and have DDM enabled.
  2. Go to Configs > Profiles and click “Create Profile”.
  3. From the list, select “Managed Software Updates”.
  4. Configure the settings as desired to enforce the specific update and enforcement date and time as needed.
  5. Assign the configuration to your devices/groups.

Managed Software Updates configuration settings explained 

SimpleMDM has built the Managed Software Update configuration with some additional logic to help you more easily control how and when software updates are enforced, without needing to repeatedly update the configuration when new OS versions are released.

  • Version (target operating system version): this is where you can select the OS version you want to enforce on devices. There are multiple modes available to choose from based on what best suits your needs. Options:
    • Latest Minor Version: Installs the latest minor and patch versions available (ex. 14.1 > 14.2.1), but does not install major upgrades (ex. 14.x > 15.0)
    • Latest Major Version: Always installs the latest major, minor, and patch version (ex. 14.1.2 > 15.1.1)
    • Minimum Specific Version: This option allows admins to select a specific OS version for both iOS and macOS to be enforced on devices. When selected, MDM will attempt to install the selected OS version. If this version is not available, admins can set a fallback behavior.
      • If Version Not Available: This option specifies what behavior the admin prefers if the specified OS version is not available. The options are:
        • Do No Install: If the selected version is not available, do not install the next available version (eg. do nothing).
        • Install Next Available Version: If the selected version is not available, install the next closest available version.
    • Latest Version Minus: This option allows admins to automatically enforce a specific version that is relative to the most recent version - eg. N-1. For example, if the offset is "N-1", 14.1.2 is the latest, and 14.1.1 is the previous version, installs 14.1.1. “N-2” would install 14.1.

       
  • Enforce By: This section is where admins can control the timing of the update enforcement.
    • Specific Date: This will enforce the selected update by a specific time and date.
      • Enforcement Date: The local date the update will be enforced.
      • Enforcement Time: The local time the update will be enforced.
    • Relative Date: This will enforce the selected update based on a date relative to the release date of the OS version.
      • Days After Public Release: The number of days following the official Apple release date for the specified OS version after which the update will be enforced on target devices.
      • Enforcement Time: The local time the update will be enforced, using relative days to determine the date.

         
  • Details Page URL: This is a custom URL that admins can set. On macOS, when users receive the prompt notifying them of the enforced update, an optional details link can be made available to allow end-users to click and get more information about the update. SimpleMDM does not set this automatically - admins would want to host their own web page to display any information they want to share with their end users.
Eric McCann
Was this article helpful?
Still have a question or want to share what you have learned? Visit our Community Discord to get help and collaborate with others.