iOS version enforcement

MYDennis
New Contributor

iOS 14 reached EOL almost two years ago but Jamf Pro still supports it. My InfoSec team has asked that we prevent our older iPads on version 14 from enrolling. I figured it would be in the pre-stage enrollment settings but alas, have not found it. Is it located somewhere else or simply not possible?

1 ACCEPTED SOLUTION

sdagley
Esteemed Contributor II

@MYDennis There isn't a built-in mechanism to set a minimum macOS version for enrollment yet, but Apple is finally adding a Declarative Device Management setting to macOS 14/ and iOS/iPadOS 17 which allows defining the minimum supported OS for enrollment.

For now your best option would probably be using a Smart Group to find your non-complaint devices and then work with the users to upgrade (and lock the device if they don't respond)

View solution in original post

3 REPLIES 3

sdagley
Esteemed Contributor II

@MYDennis There isn't a built-in mechanism to set a minimum macOS version for enrollment yet, but Apple is finally adding a Declarative Device Management setting to macOS 14/ and iOS/iPadOS 17 which allows defining the minimum supported OS for enrollment.

For now your best option would probably be using a Smart Group to find your non-complaint devices and then work with the users to upgrade (and lock the device if they don't respond)

obi-k
Valued Contributor III

Hi @sdagley 

Do you know if it's confirmed with Apple that the DDM Enforcement Update Feature requires iOS 17 and macOS 14?

In other words, can admins use DDM to Enforce updates/deadlines for iOS 15 or 16 devices? Or macOS 13?

 

sdagley
Esteemed Contributor II

@obi-k Yes, that DDM feature will require iOS/iPadOS 17 and macOS 14 because it was not part of the DDM spec for older OSes. The chances of Apple back porting it to an older OS version in any security updates that might be made available for them is basically 0%.