![]() ![]() This opens up a great new workflow for updating Apple devices overnight as a failsafe mechanism if the user maybe forgets to run the update during their break. Note the prompt to install on both pictures, empowering the user to run the update at their convenience but ensuring a safety net deadline that will force the update for them at that time. What the user sees during the download What the user sees after the download. These changes are the same across iOS and iPadOS too, and here we can see a screenshot of what that looks like to the end-user, side-by-side before and after the download: It also offers a new option to set an installation deadline, a point in time at which the Mac will forcibly update itself by if the user hasn’t accepted the numerous prompts to do so beforehand (very handy in both lab and 1:1 environments). While that may sound like a small change, it makes a world of difference to the reliability of macOS updates and the amount of strain on the MDM server, since it doesn’t have to ‘babysit’ the Mac and check-up on it every 15 minutes. ![]() This puts the emphasis on the device to perform the update when instructed, and to report back to the MDM server once it’s been done. Handily, Apple saw fit to overhaul the managed software update workflow across all their operating systems and tie it into DDM. However, we do need the ability to easily keep our Apple estates updated so that we can stay secure and enjoy the latest software features (plus, the main reason we all update - new emoji!). There are solid reasons for this, mainly around the concept of volume ownership in macOS on the latest Macs, which are grounded in security and that is fundamentally a good thing. Much has been made in the Apple Admin community about how remotely updating devices - Apple Silicon Macs in particular - hasn’t been a smooth ride lately. OK, so what’s changed with managed software updates? You can learn much more about the latest updates to the DDM specification on Apple’s WWDC video. Being so new, however, Apple are regularly adding to DDM’s capabilities with every major OS release, so it’s important to keep eligible devices updated to ensure full support of the latest features. Of course, Jamf Pro and Jamf School have support for DDM, so your organisation is already primed to take advantage of it. In time, it may very well be the case that inventory updates become totally unnecessary, with devices instead sending real-time data back to the MDM as things change. This majorly cuts down on the stream of commands issued to devices (particularly when performing remote software updates, which we’ll loop back to shortly) and means that a growing number of attributes, such as OS version, can be updated on the MDM without an inventory update command being sent. What is DDM, anyway?įirstly, it’s not a typo of ‘MDM’! In a nutshell, gone is the notion that the MDM server needs to constantly check-up on how a device is getting on with a certain command it’s been asked to do instead, the device has much more independence and tells the MDM server when something has been done. We’re going to take a look at this in detail, as it’s been a particularly hot topic in the Apple Admin community over the last couple of years. As you’ve probably heard, Declarative Device Management (or, for less of a mouthful, DDM) is making significant changes to the way in which managed devices go about their business in some key ways - most notably how managed software updates work.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |