Help Center
14 DAY FREE TRIAL
Search Close Search
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Remote Actions
  3. Admin actions

Category filter

How to enforce OS updates on macOS devices

Jump To

The Update OS remote action in Hexnode UEM allows IT administrators to remotely deploy system patches and major version upgrades to managed macOS devices to ensure organizational security and performance.

Why enforce macOS OS Updates?

Remote OS enforcement mitigates security vulnerabilities, ensures compatibility with the latest enterprise applications, and maintains a consistent software environment across the fleet without requiring physical access to individual workstations.

  • Security Compliance: Closes critical security loopholes by installing the latest Apple security patches.
  • Centralized Control: Allows admins to trigger updates for individual devices or entire device groups from a single console.
  • Operational Continuity: Ensures all users have access to the same macOS features and stability improvements.

Prerequisites and Constraints

Before initiating an update, ensure the target devices meet the following requirements:

Requirement Specification
Management State Devices must be Supervised (typically via ADE/DEP or User Approved MDM).
Virtual Machines Note: The Update OS remote action may not function reliably on Virtual Machines (VMs).
Network A stable internet connection is required for downloading large installation packages.

Step-by-Step Guide: Deploying macOS Updates

Administrators can initiate updates for individual devices or in bulk for device groups using the Hexnode console.

  1. Log in to the Hexnode UEM portal.
  2. Navigate to the Manage tab.
  3. Select Devices and choose the target device or device group from the list.
  4. Navigate to Actions > Updates > Update OS.
  5. Select the desired deployment method from the available options:
    Option Functional Behavior
    Download and Install Software updates are automatically downloaded to the device and installed without further administrative intervention.
    Download Only Updates are downloaded to the device but held in a pending state. The user must manually initiate the installation.
  6. If Download Only was selected, the user must navigate to System Preferences > Software Update > Install macOS updates on the local device.
  7. Click Update to execute the command.

Troubleshooting Guides

Problem Resolution
Update fails on Virtual Machines (VMs) This is a known limitation. It is recommended to perform manual updates or use a physical macOS device for testing remote actions.
Update remains in “Downloading” status Ensure the device has sufficient disk space for the update and that the network is not blocking Apple’s update servers (e.g., swscan.apple.com).
User cannot see the downloaded update If “Download Only” was used, confirm the user is looking in the correct location: System Preferences > Software Update.
Action not appearing in portal Verify that the device is correctly enrolled and currently in a Supervised state.

Frequently Asked Questions (FAQs)

Does remote OS update require user approval on macOS?

If the administrator selects Download and Install, the process is automated. However, if Download Only is selected, the end-user must manually trigger the final installation from their system settings.

Can a Mac that is not supervised be updated?

No. The Update OS remote action is strictly supported on supervised macOS devices.

What happens if the device is offline when the command is sent?

The command will remain in a “Pending” status in the Hexnode portal and will be delivered to the device once it re-establishes a network connection with the Hexnode UEM server.

Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Remote Actions