What’s new in mobile device management for Apple devices
The following features are new in mobile device management for iPhone, iPod touch, iPad and Mac devices. This list includes updates from the following operating systems:
iOS 14.2 to 14.5
iPadOS 14.2 to 14.5
New payloads for iOS 14.2 and iPadOS 14.2
Certificate Revocation: Use the Certificates Revocation payload to revoke certificates on an iPhone or iPad. For example, an MDM administrator can create a list of certificates for revocation. Specifying a certificate authority (CA) enables revocation checking for all certificates chaining up to that CA.
New restrictions for iOS 14.5, iPadOS 14.5 and iOS 14.2
Allow putting an iOS or iPadOS device into Recovery Mode from an unpaired host (Supervised only): iPhone, iPod touch and iPad previously allowed any external host computer to start a device in Recovery Mode, which meant that the host computer could completely erase the device and restore the operating system. iOS 14.5 and iPadOS 14.5 now prevent this behaviour by default.
Force on-device dictation: You can use dictation instead of your keyboard to enter text with many apps and features that use the keyboard on your iPhone, iPad or iPod touch running iOS 14.5 or iPadOS 14.5. This setting prevents dictated content from being sent to Siri servers for processing.
Prevent auto unlock: With watchOS 7.4, users can’t use their Apple Watch to unlock their paired iPhone running iOS 14.5.
Allow near-field communications (NFC): Users can’t use built-in NFC hardware in compatible devices running iOS 14.2 or later.
New restriction updates for macOS 11 through macOS 11.3
Support for separate deferral values for major, minor and non-operating-system updates: Starting with macOS 11, administrators have the ability to choose different values for deferring major operating system releases, minor operating system releases and non-operating-system updates. For example, an administrator may choose to hold back a major release while, in contrast, immediately offering every minor release. In this way, the administrator can work to approve the latest major release for production in their environment, while at the same time users can benefit from important security updates.
New Shared iPad command updates for iPadOS 14.5
Send a settings command to Shared iPad that allows administrators to configure Shared iPad to show only the Temporary Session option at the sign-in screen.
Set each type of Shared iPad session to sign out automatically after a specified period of inactivity.
See Prepare Shared iPad.
New command updates for macOS 11.3
Restart command: User notification for device restarts: MDM can notify users that administrative operations require a restart at their convenience, letting them complete current tasks. This command can be especially helpful when an administrator is attempting to remotely enable legacy kernel extensions, which require a reboot (and other specific properties of the restart command like KextPaths and RebuildKernelCache).
Install Application command: iOS app: Install iPhone and iPad apps on a Mac with Apple silicon from Apps and Books in Apple School Manager and Apple Business Manager.
See MDM commands.