Why Are My Apple Devices Are Allowed to Update iOS?

Why Are My Apple Devices Are Allowed to Update iOS?

Is anyone else having this issue? All of our enterprise devices have a profile that delays OS updates for 90 days. All of these devices are iOS 12+, but they randomly allow the user to update to the latest version of iOS. I'm looking at three identical devices right now and two of them will not allow an update (they have the "Your iPhone is running the latest software..." message) but one of them is asking to download and install 12.1.3. 

  • 23 January 2019
  • SOTI MobiControl
  • 5 Answers
  • 0 Upvote
  • 1 Follower
  • 693 Views
    • 5 Answers
    • 0 Upvote
    • 1 Follower

5 Answers

Order By:   Standard | Newest | Votes
Matt Dermody | posted this 23 January 2019

Because they're Apple devices ;). Great for personal devices, not ideal for enterprise devices. Have you tried also blocking the update server url(s) in addition to the update delay policy?

  • 0
  • 0
Raymond, Chan | posted this 23 January 2019

What are the version and build numbers of your server?

 

From the device information tab of each of the 3 devices, have you checked if they all are DEP devices in supervision mode?

 

From the device configuration/profile tab of each of the 3 devices, have you checked that the status of the profile with the delaying OS updates restriction is "installed"?

 

For the problematic device, are there more than one profiles with CONFLICTING restrictions payload deployed? 

  • 0
  • 0
Mike Shouppe | posted this 23 January 2019

We are on version 14.2.0.2894.

 

Yes, they are all DEP-supervised devices.

 

The configuration tab shows that the profile is installed (there aren't any other profiles that could be conflicting). What is strange is that if I administratively remove the profile and then re-install the profile, it will block the update properly. It seems like we have several devices that show the profile is installed when it isn't actually working properly.

  • 0
  • 0
Raymond, Chan | posted this 23 January 2019

If I remember correctly based on my previous tests, this "delay Firmware Update" restriction is guaranteed to be effective only after a soft reset.  Probably buggy iOS firmware implementation (by arrogant but incompetent Apple programmers) that cache this restriction setting, and does not update immediately after each modified profile received, and there is nothing Soti agent software can do.  Just remember to force a soft reset after deploying such restriction.

 

  • 0
  • 0
ARMOD@SOTI | posted this 22 February 2019

Hello Mike,

 

Were you able to delay the iOS update through Restrictions under iOS profile?

 

Please let us know if you were able to delay the iOS update after soft reset.

 

Thanks,

 

Technical Support | SOTI Inc. |1.905.624.9828 | support@soti.net | www.soti.net |

  • 0
  • 0
Give us your feedback
Give us your feedback
Feedback