Note: There are many reports that Software Updates performed via MDM are not working as intended on M1 Devices. Please see the reports section at the end of this article.
Starting with macOS Big Sur, Apple has made drastic changes to how System Updates are performed on devices. More changes are seen on the new M1 (Silicon) Devices, which are as follows.
M1 updates now require manual interaction by an end-user with a Secure Token to input their password in order to perform the update for the following update use cases:
- The end-user going to the System Preferences > Software Updates and clicking Update themselves.
- Using the Policies page > Updates tab which will leverage the softwareupdate native tool
Note: Using the Policies page to update will only prompt the user to install using System Preferences. This is due to Apple restricting the functionality of their softwareupdate CLI tool. - Using the GoLive page > Updates tab on a device without:
A.) bootstrap token escrowed (This will be done after enrolling via MDM, to verify this, check out How to Verify the macOS Bootstrap Token Was Escrowed)
B.) (Devices not enrolled via Automated Device Enrollment) Allowing remote management of kernel extensions and automatic software updates
Note: The only use case that would not require end-user interaction would be using the GoLive page method mentioned above which uses MDM when meeting the criteria of A and B
Software/System Update Reports
- In Big Sur, Devices may not see available Software Updates: https://arstechnica.com/gadgets/2020/12/some-big-sur-users-are-unable-to-update-macos-due-to-an-mdm-bug/
- Software Updates prompt for User Authentication now, even when all conditions are met.
- Software Update CLI now always requires User Authentication and does not support Bootstrap Token.
- Install with Forced Restart does not work: https://developer.apple.com/forums/thread/671524
- MDM Updates on macOS are not reliable: https://developer.apple.com/forums/thread/672429
- MacOS 11.2.1 will not download: https://developer.apple.com/forums/thread/673357
- Disk Space is not calculated properly and could potentially cause data loss: https://mrmacintosh.com/big-sur-upgrade-not-enough-hd-space-serious-issue-possible-data-loss/