CalvinBackup/apple-device-management-mdm
1
0
Fork 0
mirror of https://github.com/apple/device-management.git synced 2026-02-12 17:52:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Release-v26.2

Browse Source
This commit is contained in:
Cyrus Daboo
2025-12-08 12:44:36 -05:00
parent bfcc8bbd01
commit f878dea98f
7 changed files with 61 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
README.md
View File

@@ -8,17 +8,11 @@ This release corresponds to the following OS versions
| OS | Version | | OS | Version |
|----------|---------| |----------|---------|
| iOS | 26.1 | | iOS | 26.2 |
| macOS | 26.1 | | macOS | 26.2 |
| tvOS | 26.1 | | tvOS | 26.2 |
| visionOS | 26.1 | | visionOS | 26.2 |
| watchOS | 26.1 | | watchOS | 26.2 |
## Important Release Notes
### Declarative device management related status
Declarative device management configuration schema now includes a `related-status-items` key to show the relationship between status items and configurations.
## What's Available ## What's Available

6
docs/errata.md
View File

@@ -2,6 +2,12 @@
This document lists errata for the YAML schema. This is used when older versions of the schema are incorrect, and a fix was made in later schema to correct the problem. This document lists errata for the YAML schema. This is used when older versions of the schema are incorrect, and a fix was made in later schema to correct the problem.
## macOS 26.2
### mdm/commands/remove-application.yaml
The `remove-application` command was incorrectly marked as disallowed on user enrollments on macOS. It is allowed on user enrollments.
## iOS 26.1 / tvOS 26.1 ## iOS 26.1 / tvOS 26.1
### mdm/profiles/com.apple.homescreenlayout.yaml ### mdm/profiles/com.apple.homescreenlayout.yaml

2
mdm/commands/application.remove.yaml
View File

@@ -22,7 +22,7 @@ payload:
supervised: false supervised: false
requiresdep: false requiresdep: false
userenrollment: userenrollment:
mode: forbidden mode: allowed
tvOS: tvOS:
introduced: '10.2' introduced: '10.2'
accessrights: AllowAppInstallation accessrights: AllowAppInstallation

4
mdm/profiles/com.apple.TCC.configuration-profile-policy.yaml
View File

@@ -155,7 +155,9 @@ payloadkeys:
- key: Accessibility - key: Accessibility
type: <array> type: <array>
presence: optional presence: optional
content: Specifies the policies for the app via the Accessibility subsystem. content: Specifies the policies for the app via the Accessibility subsystem. The
ability to grant access by this profile is deprecated as of macOS 26.2, and
will be removed in macOS 27.0.
subkeytype: Identity subkeytype: Identity
subkeys: *id001 subkeys: *id001
- key: PostEvent - key: PostEvent

12
mdm/profiles/com.apple.extensiblesso.yaml
View File

@@ -361,6 +361,18 @@ payloadkeys:
- `com.apple.security.pkcs12` - `com.apple.security.pkcs12`
- `com.apple.security.acme` - `com.apple.security.acme`
- `com.apple.security.scep` - `com.apple.security.scep`
- key: AccessKeyReaderIssuerCertificateUUID
supportedOS:
macOS:
introduced: '26.2'
type: <string>
presence: optional
content: The `PayloadUUID` of a certificate payload for the issuer certificate
of the `Terminal` identity of the access key. Other specifications refer to
the key as the "Reader CA Public Key". The key must be an elliptic curve key.
Required if `NewUserAuthenticationMethods` includes `AccessKey`. The issuer
of the Terminal identity of the access key needs to match this certificate,
otherwise the device fails the authentication.
- key: AllowAccessKeyExpressMode - key: AllowAccessKeyExpressMode
supportedOS: supportedOS:
macOS: macOS:

20
other/machineinfo.yaml
View File

@@ -211,6 +211,26 @@ payloadkeys:
If `true`, indicates that the server can trigger the device to do a required Platform SSO authentication before enrolling. If `true`, indicates that the server can trigger the device to do a required Platform SSO authentication before enrolling.
Available on macOS 26 and later. Available on macOS 26 and later.
- key: MANDATORY_SOFTWARE_UPDATE_REQUIRED
title: Mandatory software update is required
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '26.1'
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: |-
If `true`, indicates that the device requires a mandatory software update during Setup Assistant. The MDM server can return a 403 with a `ErrorCodeSoftwareUpdateRequired` error to force the device to update to a specific version instead of the device choosing a version.
Available on macOS 26.1 and later.
notes: notes:
- title: '' - title: ''
content: This dictionary is CMS-signed with the device identity certificate. The content: This dictionary is CMS-signed with the device identity certificate. The

14
other/skipkeys.yaml
View File

@@ -51,6 +51,20 @@ payloadkeys:
type: <string> type: <string>
presence: optional presence: optional
content: The key to skip the Action Button configuration pane. content: The key to skip the Action Button configuration pane.
- key: AgeAssurance
title: Skip Age Assurance pane
supportedOS:
iOS:
introduced: '26.2'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
type: <string>
presence: optional
content: The key to skip the Age Assurance pane.
- key: AgeBasedSafetySettings - key: AgeBasedSafetySettings
title: Skip Age Based Safety Settings pane title: Skip Age Based Safety Settings pane
supportedOS: supportedOS: