This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 81%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Hello,
I want to use Graph to update the iOS versions in different iOS update policies.
When looking up a policy I noticed this setting:
"enforcedSoftwareUpdateDelayInDays": null,
Is that an old deprecated setting or a feature that still has to be released? Because it sounds like something I'm looking for.
We have 4 environments that receive an iOS update after a specific timeframe after the update is released by Apple.
Because the iOS update policy does not take into account the delay configured in the device restrictions policy we always have to manually update the policy to the latest accepted version.
If we could just define a default delay in each policy that after x amount of days the update is download and installed automatically that would be great.
Full response:
Hello,
I want to use Graph to update the iOS versions in different iOS update policies.
When looking up a policy I noticed this setting:
"enforcedSoftwareUpdateDelayInDays": null,
Is that an old deprecated setting or a feature that still has to be released? Because it sounds like something I'm looking for.
We have 4 environments that receive an iOS update after a specific timeframe.
Because the iOS update policy does not take into account the delay configured in the device restrictions policy we always have to manually update the policy to the latest accepted version.
If we could just define a default delay in each policy that after x amount of days the update is download and installed automatically that would be great.
Full response:
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceConfigurations/$entity",
"@odata.type": "#microsoft.graph.iosUpdateConfiguration",
"id": "abcd-efgh-ijklm-nopq-zrsabcdefgh",
"lastModifiedDateTime": "2023-01-11T08:21:11.9507753Z",
"roleScopeTagIds": [
"0"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": null,
"deviceManagementApplicabilityRuleOsVersion": null,
"deviceManagementApplicabilityRuleDeviceMode": null,
"createdDateTime": "2022-12-02T10:22:05.738444Z",
"description": "",
"displayName": "iOS_PRODUCTION_Update_Policy",
"version": 2,
"isEnabled": false,
"activeHoursStart": "00:00:00.0000000",
"activeHoursEnd": "00:00:00.0000000",
"desiredOsVersion": "16.2",
"scheduledInstallDays": [],
"utcTimeOffsetInMinutes": null,
"enforcedSoftwareUpdateDelayInDays": null,
"updateScheduleType": "alwaysUpdate",
"customUpdateTimeWindows": []
}
Thank you,
Joachim
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Joachim Berghmans, Thanks for posting in Q&A.
For the key "enforcedSoftwareUpdateDelay", it is used to delay visibility of updates to end users. For more details we can see in the following link:
Correctly, the feature is still there which you configured in device restriction. But this setting is used to hide an update from device users for a period of time on your supervised iOS/iPadOS devices. A restriction period can give you time to test an update before it's visible to users to install. After the device restriction period expires, the update becomes visible to users. Users can then choose to install it, or your Software update policies might automatically install it soon after.
For the software update download and install, it is controlled by iOS update policy with the setting "Schedule type". Software update policies install updates based on their own schedule, regardless of the update being hidden or visible to the device user.
For our situation, you can check what we configured the "Schedule type" and if the policy is applied to the device. Also see if the device is available during the scheduled time.
Hope it can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.ns to the user's question.
@Joachim Berghmans, Hope things are going well. if there' s anything else we can help, feel free to let us know.
Hi Crystal,
Thank you for your answer.
For the key "enforcedSoftwareUpdateDelay", it is used to delay visibility of updates to end users. For more details we can see in the following link: https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-where-to-schedule-ios-policies/ba-p/280165
That article is out of date. That setting has moved to a device restriction policy.
But I guess this already answers my question. The value "enforcedSoftwareUpdateDelayInDays" comes from the deprecated setting in the iOS update policies.
I was hoping that an iOS update policy would take the delay of the device restriction policy into account.
If you put in the update policy to install the latest version it always installs the update straight away without the delay in the restriction policy. I guess this is expected behaviour?
Best regards,
Joachim
@Joachim Berghmans, Thansk for the reply. For the feature to define a default delay after x amount of days the update is download and installed automatically, you can request in Intune uservoice to see if it can be added again:
https://feedbackportal.microsoft.com/feedback/forum/ef1d6d38-fd1b-ec11-b6e7-0022481f8472
Meanwhile, when we configure "Latest update", then the delay visibility of software updates is no need to set. You can update directly as an expected behavior.
Hope it can help.
Thanks for the feedback.