Create a Mac Policy to Delay or Block Sonoma

On September 26th, 2023, Apple released the latest version of their operating system, macOS 14 Sonoma, to the general public.

Important:

If you're not yet ready for macOS 14 Sonoma, there are two settings to deliver to your MDM-enrolled macOS devices to prevent it from being installed.

To fully block the upgrade to macOS 14 Sonoma, configure two settings:

  1. To prevent the update from appearing in System Settings > Software Update, use Delay Major macOS Software Upgrades. Users with this policy set will not see macOS 14 Sonoma as an available upgrade.

Note:

Enforcement of this setting will depend if you're currently using Patch Management Policies:

  • If you're using patch policies, configure this via Policy Management > Patch Management > Defer Upgrade Releases.
  • If you're not using patch policies, configure this via the Delay Major MacOS Software Upgrades policy.
  1. Restrict the macOS Sonoma installer from running using the Block macOS Sonoma Installer Policy. Users are allowed to download the installer, but the installer will be blocked from launching. 

Prerequisites:

Delay Major macOS Upgrades

Delay macOS Upgrades Using Patch Management Policies

JumpCloud’s patch policies (Policy Management > Patch Management) help organizations manage their operating system versions, including managing new major version releases. The Major Upgrade Settings section allows you to specify a delay of up to 90 days for new major versions of macOS. See Create a macOS Patch Policy.

To add a delay, make sure Defer Upgrade Releases is selected, and then set a number of days from 1 to 90. The default is 30 days. 

For each policy in your patch rings (Vanguard, Early Adoption, General Adoption, Late Adoption), update the Major Upgrade Settings if you need to delay macOS 14 Sonoma.

Important:

After macOS 14 Sonoma is approved for use within your organization, uncheck Defer Upgrade Releases and allow upgrades to proceed as normal.

Automatic Action Changes

JumpCloud will implement updated Automatic actions for devices running older versions of macOS in October 2023, will allow admins to target older versions of macOS to upgrade automatically to macOS 14 Sonoma, and will set an Automatic action for devices running macOS 13 Ventura.

Delay macOS Upgrades Without Patch Management Policies

For customers not using Patch Management, you can access Apple’s Delay Major OS Upgrade settings through JumpCloud's Delay Major macOS Software Upgrades policy. 

To create a Delay Major macOS Software Upgrades policy:

  1. Log into your JumpCloud Admin Portal.
  2. Navigate to DEVICE MANAGEMENT > Policy Management.
  3. In the All tab, click (+).
  4. On the New Policy panel, select the Mac tab.
  5. Select the Delay Major MacOS Software Upgrades policy from the list, then click configure.
  6. (Optional) Add details or context regarding this policy to the Policy Notes.
  7. Under Settings, select Force Delayed Major Software Updates to delay major OS software updates from appearing for the length of time you specify in Software Upgrade Delay Days.
  8. For Software Upgrade Delay Days, specify the number of days to delay the software upgrade. The minimum value is 1 and the maximum is 90.
  9. (Optional) Select the Policy Groups tab and select one or more policy groups that will include this policy.
  10. Select the Device Groups tab and select one or more device groups where you’ll apply this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.
  11. Select the Devices tab and select one or more devices where you’ll apply this policy.
  12. Click save.

Block macOS Sonoma Installer Policy

This policy prevents the macOS Sonoma installer from running on devices. If users have downloaded the installer via the App Store or other methods, the installer will be blocked from launching. 

  1. Log into your JumpCloud Admin Portal.
  2. Navigate to DEVICE MANAGEMENT > Policy Management.
  3. In the All tab, click (+).
  4. On the New Policy panel, select the Mac tab.
  5. Select the Block MacOS Sonoma Installer policy from the list, then click configure.
  6. (Optional) Select the Policy Groups tab and select one or more policy groups that will include this policy.
  7. Select the Device Groups tab and select one or more device groups where you’ll apply this policy. For device groups with multiple OS member types, the policy is applied only to the supported OS.
  8. Select the Devices tab and select one or more devices where you’ll apply this policy.
  9. Click save.
Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case