What’s new for enterprise in iOS 17

Find out about the enterprise content that Apple has released for iOS 17.

iOS 17 updates improve the stability, performance or compatibility of your device and are recommended for all users. Device administrators can manage software updates using an MDM solution.

For information about general improvements, find out about iOS 17 updates.

For details about the security content of these updates, see Apple security releases.

iOS 17.4

  • Users no longer have to disable Stolen Device Protection in order to enrol in Mobile Device Management (MDM) or configure an Exchange account, but if they are in an unfamiliar location they may have to wait an hour.

  • Improves stability when making phone calls and searching contacts on devices with thousands of contacts and Managed Open In restrictions.

  • Users with Managed Apple IDs can now add student IDs or employee badges to Apple Wallet, if allowed by their school or business.

  • New MDM restrictions and commands are available for managing alternative marketplaces.

  • MDMs can install thinned apps to save time, storage and bandwidth.

  • The command to set wallpaper no longer fails on subsequent attempts.

iOS 17.3

Stolen Device Protection must first be disabled in order to install configuration profiles, manually enrol in Mobile Device Management or manually configure Exchange accounts.

iOS 17.2

  • Introduced a key, allowLiveVoicemail, to allow enabling or disabling of Live Voicemail via MDM.

  • Devices no longer fail to complete extensible SSO authentication that requires multiple steps.

  • Passcode policy wipe will no longer delete configured eSIM(s) when the new forcePreserveESIMOnErase key is set to True.

  • The global proxy profile no longer causes AirDrop discovery requests to time out.

  • Resolved an issue where sharing crashes caused excessive mobile and Wi-Fi data use.

  • Exchange calendars are now shown as an option in default Calendar settings.

  • Devices are now able to locate AirPrint printers outside of the .local domain.

iOS 17.1

  • Continuity features can be used with Managed Apple IDs.

  • Always on VPN users are now able to make mobile and Wi-Fi calls, use mobile data and send SMS/MMS messages.

  • Resolves an issue with iOS devices losing communication with MDM.

iOS 17.0.3

  • Resolves an issue where Apple Business Essentials users were unable to complete the setup process after updating to iOS 17.

  • iOS 17 devices no longer become unresponsive when joining a managed Wi-Fi network.

  • The Calendar app will no longer resend invitations to all participants after accepting or declining an Exchange event invitation.

iOS 17

iOS includes new features, bug fixes and improvements for enterprise and education deployments.

Device Management

  • MDMs can enable account-driven Device Enrolment to allow users to enrol their iOS or iPadOS device into management using their organisation’s Managed Apple ID in Settings.

  • Apple Configurator in iOS 17 can now assign a device to an MDM server while it is being added to Apple School Manager, Apple Business Manager or Apple Business Essentials.

  • Sign-in with Apple automatically uses the Managed Apple ID for Managed Apps and a personal Apple ID for non-managed apps.

  • MDMs can now enforce a minimum operating system version on enrolling devices when using Automated Device Enrolment.

  • Declarative device management can now be used to manage updates on iOS and iPadOS.

  • iOS now provides support for private, data-only mobile networks using LTE, 5G Non-standalone (NSA) or 5G Standalone (SA).

  • With Return to Service, MDM can send an erase command including Wi-Fi details, and an optional MDM enrolment profile, so the device can erase all data and proceed to the Home Screen automatically, ready to be used.

  • An Apple Watch can be enrolled and managed by MDM when paired to a supervised iPhone.

  • New declarations support the deployment of certificates and identities using ACME, SCEP or an encrypted PKCS#12 container, and certificates such as .pem or .der encoded files.

  • Certificates from a self-signed Certificate Authority (CA) are added to the device’s trusted root certificates automatically.

  • Devices enrolled with User Enrolment can now be configured to disallow Auto Lock from being set to Never, which helps to protect organisational data.

  • MDM can now report on the battery health of iOS devices.

Bug fixes and other improvements

  • Cancelled Exchange events no longer remain on the Calendar if they’ve been deleted elsewhere.

  • Devices respond to MDM more reliably.

  • Apple devices now support connection to 802.1X networks using EAP-TLS with TLS 1.3 (EAP-TLS 1.3).

  • With Network Relay, a secure HTTP/3 or HTTP/2 relay can be configured to proxy all TCP and UDP traffic.

  • iOS and iPadOS devices support configuring 802.1X over Ethernet.

Published Date: