What’s new for enterprise in iPadOS 14

Learn about the enterprise content that Apple has released for iPadOS 14.

iPadOS 14 updates improve the stability, performance, or compatibility of your device and are recommended for all users. Device administrators can manage software updates using an MDM solution. 

For information about general improvements, learn about iPadOS 14 updates.

iPadOS 14.2

  • When MDM defines a network via a Wi-Fi settings payload and disables the MAC address randomization option, the Private Address feature can no longer be manually enabled by users.
  • If the Global HTTP Proxy payload is configured to not allow direct traffic as a fallback, devices will no longer allow direct traffic when the PAC is unreachable. 
  • When a Private Address in enabled for a wireless network, the hardware MAC address will no longer appear in ARP traffic.

iPadOS 14.1

  • Always On VPN configurations without the CellularServices service will now connect to VPN over cellular. 
  • Third-party file provider applications will no longer show “Content Unavailable” in the Files app. 
  • Third-party VPN apps successfully reconnect following a network transition.

iPadOS 14

iPadOS 14 includes new features like per account VPN, single sign-on enhancements and other device management improvements. 

Device Management

  • The Installed Application MDM query minimizes impact on device load by specifying an array of items to return.
  • iPadOS 14 introduces a new Wi-Fi privacy feature. When an iPad connects to a Wi-Fi network, it identifies itself with a randomized MAC address. The MAC address randomization behavior only generates a new MAC address once for each WiFi network a device joins. A new random address will only be generated for a known network following “Reset Network Settings”, “Erase All Content and Settings”, or “Reset All Settings” actions. For networks defined by a Wi-Fi settings payload, this can be disabled with the DisableAssociationMACRandomization option.
  • The Setup Assistant settings payload allows for a list of setup items that can be skipped following automated enrollment and future updates. 
  • Managed apps can now individually be identified as unremovable by the user. 
  • Fonts installed via configuration profile will only be visible to apps implementing the Font APIs introduced in iPadOS 13. 
  • Devices now return correct DeviceCapacity values to the DeviceInformation MDM query
  • Web Clips installed by MDM will open in the specified app without prompting for user approval. 
  • Reinstalling an Exchange ActiveSync payload on a device will not cause a prompt for authentication. 
  • A device can successfully update to iPadOS 14 via MDM while in Single App Mode. 
  • Apple Configurator can now modify the home screen layout for iPadOS devices. 
  • For an account configured with the Exchange ActiveSync payload, the server returned via AutoDiscover will be ignored if a server is specified in the profile with the Exchange hostname key. 
  • You can upload a file from a managed source to a managed domain in Safari. 
  • The ListAvailableUpdates MDM command is only valid on supervised devices.


  • Exchange accounts on iPadOS 14 configured for OAuth with Microsoft cloud-based services (such as Office365 or outlook.com) will automatically be upgraded to use Microsoft’s OAuth2 identity platform (v2.0).
  • Emails for Exchange calendar invitations that contain notes will no longer result in “This message is only partially downloaded” message. 
  • The sending account will not be auto-updated from a managed to un-managed account when composing a new email. 
  • Fixes an issue in Mail where new messages may not appear in the Inbox.
  • Mail no longer prompts repeatedly when the account password has changed. 

Bug fixes and other improvements

  • If an IKEv2 VPN payload omits any values in Dynamic SA parameters, the defaults in iPadOS 14 will be set to:
    • NEVPNIKEv2EncryptionAlgorithmAES256
    • NEVPNIKEv2IntegrityAlgorithmSHA256
    • NEVPNIKEv2DiffieHellmanGroup14
  • CryptoTokenKit now includes support for persistent tokens. Persistent tokens allow third-party extensions to use cryptographic items stored on a Smart Card or networked hardware security module (HSM). 
  • Safari displays a warning when connecting to websites that use TLS v1.0 or v1.1. 
  • Addresses an issue that could cause a device to become unresponsive when initiating an AirPlay mirroring session with an Apple TV.
  • Fixes an issue that prevented VPN connections from reconnecting 
  • Resolves an issue that could cause the Contacts app to quit unexpectedly if more than one source account is set up.
Published Date: