![Full Logo.png]](https://help.devicie.com/hs-fs/hubfs/Full%20Logo.png?height=30&name=Full%20Logo.png){kind=small}
macOS Foundation - Production Ring Update Settings
MacOS : Understanding Production Ring Update Settings in Devicie
Overview:
Auto update settings for macOS OS, App Store/VPP apps, Microsoft Office applications, and Devicie managed third-part applications. These settings are intended for the production ring of devices.
Pre-Requisites:
N/A
Recommended Assignment Target:
If the pilot and UAT groups are user groups: assign to All Users and exclude the pilot and UAT groups
This is a baseline when not wanting a pilot or a UAT group.
Variable Settings:
No Variables Settings for this policy
Base Settings:
macOS Update Settings
Controls the release of
-
Major macOS
-
Minor macOS
-
and non-OS updates (eg. VPP and native apps)
| Setting | Description | Value |
| Allow Pre Release Installation | If true, prerelease software can be installed on this computer. | False |
| Automatic Check Enabled | If false, deselects the "Check for updates" option and prevents the user from changing the option. | True |
| Automatic Download | If false, deselects the "Download new updates when available from the App Store" option and prevents the user from changing the option. | True |
| Automatically Install App Updates | If false, deselects the "Install app updates from the App Store" option and prevents the user from changing the option. | True |
| Automatically Install Mac OS Updates | If false, restricts the "Install macOS Updates" option and prevents the user from changing the option. | True |
| Config Data Install | If false, restricts the automatic installation of configuration data. | True |
| Critical Update Install | If false, disables the automatic installation of critical updates and prevents the user from changing the "Install system data files and security updates" option. | True |
| Allow Rapid Security Response Installation | If false, the system prohibits installation of rapid security responses. | True |
| Allow Rapid Security Response Removal | If false, the system prohibits removal of rapid security responses. | False |
| Enforced Software Update Major OS Deferred Install Delay | This restriction allows the administrator to set the number of days to delay a major software upgrade on the device. When this restriction is in place, the user sees a software upgrade only after the specified delay after the release of the software upgrade. This value controls the delay for force Delayed Major Software Updates |
60 days |
| Enforced Software Update Delay | How many days to delay a software update on the device. With this restriction in place, the user doesn't see a software update until the specified number of days after the software update release date. The restrictions force Delayed App Software Updates and force Delayed Software Updates use this value. | 7 days |
| Enforced Software Update Minor OS Deferred Install Delay | This restriction allows the administrator to set the number of days to delay a minor OS software update on the device. When this restriction is in place, the user sees a software update only after the specified delay after the release of the software update. This value controls the delay for force Delayed Software Updates |
7 days |
| Enforced Software Update Non OS Deferred Install Delay | This restriction allows the administrator to set the number of days to delay an app software update on the device. When this restriction is in place, the user sees a non-OS software update only after the specified delay after the release of the software. This value controls the delay for force Delayed Software Updates | 7 days |
| Force Delayed App Software Updates | If true, the system delays user visibility of non-OS software updates. Control visibility of operating system updates through force Delayed Software Updates. The delay is 30 days unless you set force Delayed Software Updates to another value. | True |
| Force Delayed Major Software Updates | If true, the system delays user visibility of major OS updates. | True |
| Force Delayed Software Updates | If true, the system delays user visibility of software updates. In macOS, the system allows seed build updates without delay. The delay is 30 days unless you set enforced Software Update Delay to another value. | True |
Microsoft AutoUpdater Settings
Configures Microsoft AutoUpdater to control the release of Microsoft application updates.
| Setting | Description | Value |
| Start Daemon on App Launch | Automatically start update checking when each Office app is launched | True |
| Acknowledged Data Collection Policy | Suppress the Required Data Collection policy dialog from being shown to users. | RequiredDataOnly |
| Channel Name | Sets update channel, allowing for interim updates | Current |
| Disable Insider Checkbox | Prevent users from changing to an Office insider channel and obtaining interim updates | True |
| How To Check | Controls frequency and application of updates | AutomaticDownload |
| Update Deadline Days Before Forced Quit | Specify the maximum number of days that an update can be pending before the user is forced to update the app | 3 days |
| Update Deadline Final Count Down | Number of minutes before the deadline date Forced Update Dialog will be displayed | 120 mintues |
| Optional Updates Deferrals Days | This defines the number of days to wait to offer/install updates after an update is released. | 7 days |
| Applications | A dictionary containing the installation location and application ID of all of the applications that Microsoft AutoUpdater is responsible for updating. | { |
| App Custom Pref | A dictionary containing the installation location and license type of all of the applications that Microsoft AutoUpdater is responsible for updating. | { |
| Alert Type |
The type of alert for notifications for Microsoft AutoUpdater:
|
1 |
| Badges Enabled | Enables badges for Microsoft AutoUpdater. | True |
| Critical Alert Enabled | Enables critical alerts that can ignore Do Not Disturb and ringer settings for Microsoft AutoUpdater. | True |
| Notifications Enabled | Enables notifications for Microsoft AutoUpdater. | True |
| Show In Lock Screen | If true, enables notifications on the Lock Screen for Microsoft AutoUpdater. | False |
| Show In Notification Center | Enables notifications in the notification center for Microsoft AutoUpdater. | True |
| Sounds Enabled | If true, enables sound for Microsoft AutoUpdater. | False |
Devicie Managed Updates
Devicie offers an update management service for the majority of our back catalogue applications.
Features include:
-
Set the number of days, from release date, to defer update availability.
-
Set the number of times the user can defer an update - this roughly translates to the number of days ‘grace period’ a user is given before the update install is enforced. The deferral option is only presented to the user if the application is in use - if it’s not in use then the update installation will proceed in the background.
| Setting | Description | Value |
| Update Delay | How many days to wait before attempting to update application | 3 days |
| Max Deferrals | The number of times the end-user is allowed to defer an update before update is forced | 2 days |