This guide applies to Mac computers
How Updates Are Delivered
Managed OS uses Declarative Device Management (DDM) to deliver and enforce macOS updates. The operating system handles downloading, caching, user notifications, and installation. You can offer major macOS upgrades via Self Service (install on-demand from Self Service) or have them enforced automatically. For more on how DDM and Managed OS work together, see Declarative Device Management and Managed OS. Update types you can manage include:- Minor and patch updates (e.g., 14.2.1 → 14.3)
- Major version upgrades (e.g., macOS 14 → 15)
- Background Security Improvements — Lightweight security updates from Apple (Safari, WebKit, system libraries) delivered between full OS updates.
Managed OS does not support downgrading macOS.
Deployment Considerations
If you use Automatically Enforce New Updates, the enforcement schedule is based on Apple’s release date. For example, with a 2-week timeline, if Apple has not released a new update in the last 2 weeks, at the next check-in the system may begin enforcing the latest available update. Out-of-date Mac computers would then see the countdown and be required to update and restart. For your first time enforcing a minimum macOS version on your fleet, Iru Endpoint recommends using Manually Enforce Minimum Version and setting the enforcement deadline at least 5 days away so users get advance notifications instead of an immediate requirement.Related articles
Configure Managed OS for macOS
Configure managed OS updates for Mac computers
macOS Managed OS User Experience
What to expect when Managed OS updates run on your device
Understanding Issues with Managed OS for macOS
Understand how Managed OS works with DDM and macOS when troubleshooting updates
Declarative Device Management and Managed OS
About Apple DDM and Managed OS in Iru Endpoint