Help Center
14 DAY FREE TRIAL
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Uncategorized

Category filter

Configure Software Updates Preferences for iOS

Jump To

This help documentation will guide IT administrators on how to configure DDM software updates by setting preferences and deploying iOS system updates.

The Software Update Preferences Policy allows organizations to manage how and when iOS devices receive system and security updates handled via Declarative Device Management. DDM provides managed software updates that enable devices to proactively communicate with Hexnode. This results in fewer back-and-forth communication with the UEM server and faster, more reliable updates.

Through this policy, administrators can enable or restrict automatic software updates, define whether users can enroll in beta programs, and manage the installation and removal of rapid security responses. It also supports setting deferral periods for updates, giving IT teams greater control over when updates are presented to users. These settings help ensure that devices remain secure and compliant while allowing for flexibility in update deployment across the organization.

Configure DDM software updates for iOS devices

Configure DDM software updates for iOS devices with Hexnode
To configure iOS Software Update Preferences from Hexnode UEM,

  1. Login to the Hexnode UEM portal.
  2. Go to Policies, under Device Polices, select an existing policy, or click on New Policy to create a new one.
  3. In the case of a new policy, add a policy name, which is mandatory before saving the policy, and an optional description.
  4. Navigate to iOS > Patches and Updates > Software Update Preferences and click Configure.

Clicking “Configure” will present you with the following options for configuration:

Notifications

This option determines how notifications should be displayed on the device.

  • Enabled: Shows all software update enforcement notifications.
  • Disabled: Shows only the notification triggered one hour before the enforcement deadline and the restart countdown notification.

Automatic Software Updates

The following section lets administrators control how iOS devices automatically handle the download and installation of OS updates and critical security patches. The available options to configure are:

Download OS updates

Specify whether the automatic download of OS updates is controlled by the user. Admins can choose from the following options:

  • User can configure: Let the user configure whether to allow automatic download of OS updates.
  • Always On: Enforce the automatic download of OS updates on the device.
  • Always Off: Disable the automatic download of OS updates.
Note:


This option does not affect software upgrades and Rapid Security Responses.

Install OS Updates

Specify whether the automatic installation of OS updates is controlled by the user. This option will not be available if Download OS updates is set to Always Off. It does not affect software upgrades and Rapid Security Responses. Admins can choose from the following options:

  • User can configure: Let the user configure whether to allow automatic installation of OS updates.
  • Always On: Enforce the automatic installation of OS updates on the device.
  • Always Off: Disable the automatic installation of OS updates.

Install security updates

This option specifies whether the automatic installation of security updates is controlled by the user. Administrators can choose from the following options:

  • User can configure: Allows the user to choose whether to allow automatic installation of security updates.
  • Always On: Enforces the automatic installation of security updates on the device.
  • Always Off: Disables the automatic installation of security updates.

Beta Updates

The following section allows administrators to manage the visibility of Apple’s beta software updates on devices. These updates allow users to experience and test upcoming iOS features before their official release. Apple offers different beta tracks, such as Developer Beta and Public Beta, which users can enroll in through their device settings using an Apple ID associated with the respective program.

To retrieve the available beta updates for your organization, administrators must first integrate their Hexnode UEM console with Apple Business/School Manager.

Note:


This setting is not supported for devices enrolled via User enrollment.


Admins can configure from the following options,

Enroll in beta programs

This setting allows you to specify whether users can enroll their devices in beta programs. Administrators can choose from the following options:

  • User Can Enroll: This option lets users enroll in any beta programs associated with their Apple ID. If you want to restrict their choices, you can list the Allowed beta programs, and users will only be able to enroll in those.
  • Always On: When this option is selected, you can either configure Required beta programs or Allowed beta programs. The devices will either be automatically enrolled in the beta programs you specify under Required beta programs, or users can choose from the Allowed beta programs.
  • Always Off: This prevents devices from being enrolled in any beta programs. If a device is already enrolled, the system will automatically remove it.

Rapid Security Response

Apple Rapid Security Responses are a type of software release designed to deliver critical security fixes to your Apple devices more frequently and quickly than standard software updates. The following section allows you to specify how users can engage with these types of updates. Administrators can choose from the following options:

Automatically install Rapid Security Responses

When enabled, this option allows the device to automatically install Rapid Security Response updates.

Allow removal of Rapid Security Responses

When enabled, this option lets users remove Rapid Security Responses from the device.

Software Update Deferrals

The following section lets administrators control how and when software upgrades and updates are made available to users. Administrators can choose from the following options:

Defer software update/upgrade by

Set the number of days for which an update must be delayed. You can choose the time from 1-90 days from the date of release of the update.

Display software upgrade/updates

Specify how the software upgrade/update should be shown to the user when more than one update is available. Choose from the following options:

  • All: All available software updates and upgrades are shown to the user.
  • Oldest: Only updates for the oldest (lower-numbered) software version are displayed.
  • Newest: Only an update to the newest (highest-numbered) software version is displayed.

Associate the policy settings with target devices

  • When the policy is not yet saved,
    1. Go to Policy Targets within the Policies tab.
    2. Click on Devices > + Add devices, select the required devices and click OK to associate the policy with the target devices.
    3. You can also associate the policy with device groups, users, user groups or domains from the left pane of the Policy Targets tab.
  • When the policy has already been saved,
    1. From the Policies tab, select the appropriate policy.
    2. Then click on Manage > Associate Targets > choose the target devices and click on Associate to associate the policy with the target devices.
Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Uncategorized