OS upgrades 2024: macOS Feature Blog: Enterprise

This blog discusses the major features and functionalities from the macOS 15 Sequoia release like Setup Assistant, Apple Intelligence (including options to control it), and Managed Apple Accounts.

September 16 2024 by

Sean Smith

Apple computers running macOS Sequioa, managed by Jamf

Today, Apple released macOS 15 Sequoia!

As Apple continues to evolve how employees work, Jamf is evolving how we enable organizations to succeed with their new operating systems. By delivering operating system compatibility, admins can be confident their current workflows remain intact. And with support for key MDM features, admins can introduce new workflows into their environment.

Organizations of all types look for ways to improve management and security processes — including safely implementing new MDM features and reducing security vulnerabilities all while enhancing the end-user experience. With the release of macOS 15 Sequoia today, Apple has once again helped organizations do exactly that.

For more granular information including same-day compatibility, its impact on maintaining compliance and the newest Apple features Jamf Pro supports, visit our detailed release blog, or read on for highlights of key features new to macOS 15 Sequoia.

macOS 15

Apple Intelligence

One of the most highly anticipated features coming to macOS 15 Sequoia (and iOS 18 and iPadOS 18) is Apple Intelligence. Designed with privacy in mind, Apple Intelligence offers users a personalized intelligence system integrated across the entire macOS 15 experience that leverages generative models to create text and images while taking actions with a deep understanding of a user’s context.

The first set of Apple Intelligence features will be available next month for iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1. At that time, we intend to make support available for managing Apple Intelligence features on managed devices based on the documentation Apple has shared. Jamf Pro 11.9 supports the beta MDM restrictions to allow or disallow Apple Intelligence features like Genmoji, Image Playground, Image Wand and Writing Tools.

Setup Assistant updates

For Apple users, unboxing a new device is an important step in making the device theirs. Many employees use Macs that are owned by their organization, but the feeling of unboxing a device – whomever owns it – is important to the user experience and productivity. Organizations can choose to not display the following panes for computers and mobile devices:

  • Intelligence* (macOS 15 or later)
  • Welcome (macOS 15 or later)

The options above can be configured in two ways: in a new or existing PreStage enrollment for computers or mobile devices or via a mobile device configuration profile. An important note: Skipping Intelligence in Setup Assistant does not allow or disallow Apple Intelligence. Instead, admins should allow or disallow Apple Intelligence by using beta MDM restrictions.

You can apply these new settings with Jamf Pro 11.9 or later.

*Feature support is based on testing with the latest Apple beta releases.

New to Mac management?

Private Wi-Fi Address

Media Access Control (MAC) address randomization is another name for the technology that improves privacy by using a different MAC address with each Wi-Fi network, making it more difficult to track that device. It protects a user's privacy when connecting to any wireless network, like at work, home or at a coffeeshop.

Organizations use a device’s MAC address as an identifier to know which devices are connected to a managed network and implement measures to only allow certain devices to connect. This practice is known as MAC address filtering and it relies on a device having the same MAC address to allow only approved devices to connect to secured networks.

In macOS 15, there is a new profile key DisableAssociationMacRandomization for organizations to disable the use of Private Wi-Fi Addresses for enterprise wireless networks. This means that organizations can use this MDM payload to make sure there is not a randomized MAC address when connecting to corporate Wi-Fi networks.

This configuration applies to only managed networks. So, when an organizational device connects to an unmanaged network, like the airport or coffeeshop’s, the Private Address functionality remains enabled.

You can implement this new key with Jamf Pro 11.9 or later.

Passkey and hardware key support during macOS enrollment

In a future macOS 15 release, Setup Assistant will support ASWebAuthenticationSession, allowing support for passkeys and supported hardware security keys during enrollment.

If the identity provider (IdP) your organization uses for single sign-on with Jamf Pro supports FIDO2 authentication methods, users will now be able to use passwordless authentication methods during the Automated Device Enrollment process.

Platform Updates

Managed Apple Accounts

Formerly known as Managed Apple IDs, Managed Apple Accounts are designed specifically for use by a business. Similar to Personal Apple Account, a Managed Apple Account is created to personalize a device and software. Together with Apple Business Manager, administrators can easily create a Managed Apple Account for each employee using their existing company credentials. Updates to Managed Apple Accounts impacts any type of Apple device managed at your organization.

This year, IT admins will have the ability to limit new Apple Accounts created on their domain to be only a Managed Apple Account. On top of that, admins can now capture Apple Accounts that use their organization’s domain without having to connect to an IdP. This will help organizations manage and own all Apple Accounts using their enterprise-owned domain.

But that is not all for Managed Apple Accounts. Users will also be able to convert their existing account into a Managed Apple Account (this is helpful if a user was leveraging a Personal Apple Account for work purposes). By converting the existing account to a Managed Apple Account, it automatically adds that account to an organizations Apple Business Manager or Apple School Manager portal.

Jamf support for your updates

An Apple operating system release is an exciting (and busy) time for IT and security admins. At Jamf, supporting organizations by providing an easy upgrade path, while enabling the most impactful client features, is part of how we help organizations succeed with Apple.

Be ready to support your device fleet and users on macOS Sequioa release day!

Try Jamf Pro and see how same-day compatibility makes a difference in your enteprise.