Softpedia >Mac >System Utilities >macOS Server >  Changelog

macOS Server Changelog

What's new in macOS Server 5.12.1

Jan 10, 2022
  • Bug fixes and performance improvements.

New in macOS Server 5.12 (Dec 9, 2021)

  • Xsan management has been removed from macOS Server. Starting with macOS Big Sur, command-line tools for Xsan management are included in macOS. See https://developer.apple.com/support/downloads/Xsan-Management-Guide.pdf to learn more.

New in macOS Server 5.11.1 (Apr 29, 2021)

  • Profile Manager performance improvements
  • New restrictions for Unpaired External Boot to Recovery and Unlock with Apple Watch
  • Support for Xsan management is now included in macOS Big Sur. See https://developer.apple.com/support/downloads/Xsan-Management-Guide.pdf to learn more about migrating to the new tools.

New in macOS Server 5.11 (Dec 15, 2020)

  • iOS/iPadOS:
  • Automated Device Enrollment: Skip Restore Completed and Update Completed panes in Setup Assistant
  • Install non-removable managed apps
  • Exchange ActiveSync: Override previous password
  • Network Usage Rules: Configure SIM rules
  • Notifications: Allow Notification previews on lock screen
  • Restrictions: Allow App Clips
  • WiFi: Disable association MAC randomization
  • Include eSIM Identifier "EID" in device info
  • iPadOS:
  • Education: Allow configuring only Shared iPad login window, not
  • Classroom:
  • Shared iPad: Manage quota-based users
  • Shared iPad: Disable temporary sessions
  • macOS:
  • Configure Auto Advance
  • Automated Device Enrollment: Skip Accessibility pane in Setup Assistant, show Server Activation Lock Bypass Code in device security info
  • Install managed apps
  • Account Configuration: Managed local user short name
  • Associated Domains: Enable direct downloads
  • Content Caching: Auto-enable tethered caching, send ContentCachingInformation command
  • Restrictions: Allow apps to get file provider info, Defer app updates
  • iOS/iPadOS/macOS:
  • VPN: Configure new system extension and network configuration keys
  • iOS/tvOS
  • Set time zone on supervised devices

New in macOS Server 5.10 (Apr 2, 2020)

  • Profile Manager
  • iOS:
  • Disable Shared iPad temporary users
  • macOS:
  • Device Enrollment: Enable FileVault support on first user login
  • Query Content Caching information
  • iOS and macOS:
  • Content Caching: Automatically Activate Internet Connection Sharing
  • VPN: Configure Provider Designated Requirement for Custom SSL connection type
  • VPN: Configure network options for Cisco, Juniper, Pulse, F5, SonicWall, Aruba, CheckPoint, and Custom SSL connection types
  • Send all traffic through VPN
  • Exclude local networks

New in macOS Server 5.9 (Oct 14, 2019)

  • IOS, macOS, tvOS:
  • WiFi: Configure WPA3 Personal security type
  • IOS and macOS:
  • Add consent text to manually downloadable and enrollment profiles
  • Configure extensible single sign-on payload
  • IOS:
  • Skip Dark Mode and Welcome panes in Setup Assistant
  • Configure new supervised only restrictions for allowing external drive access in Files app, continuous path keyboards, and force Wi-Fi to on
  • Exchange ActiveSync: Enable Mail, Calendar, Contacts, and Reminders individually for managed accounts
  • Single App Mode: Configure Voice Control
  • Refresh enterprise eSIM cellular plans
  • macOS:
  • Support Web-based authentication for Device Enrollment Program
  • Skip Screen Time and TouchID panes in Setup Assistant
  • Configure new account configuration options for DEP enrollment
  • Display Secure Boot and External Boot levels in Device Information
  • Support Bootstrap Token to enable mobile accounts to sign in on FileVault Macs
  • Manage Activation Lock: Enable Activation Lock, Clear Activation Lock, automatically fetch Activation Lock Bypass Code on Catalina enrolled Macs
  • Configure automatic macOS updates and app updates
  • Dock: Configure double click, recents, and tab settings
  • Configure Associated Web Domains payload
  • Configure Content Caching as infrastructure
  • TvOS:
  • Configure whether device will sleep

New in macOS Server 5.9 Beta 6 (Aug 22, 2019)

  • Profile Manager:
  • iOS:
  • Bug fixes and performance improvements.

New in macOS Server 5.9 Beta 5 (Aug 2, 2019)

  • Profile Manager:
  • iOS:
  • Bug fixes and performance improvements.

New in macOS Server 5.9 Beta 4 (Jul 17, 2019)

  • Profile Manager:
  • iOS:
  • Support for Find My Friends and Find My Device restrictions in the iOS 13 Find My app
  • Support for restriction to prevent mounting USB drives

New in macOS Server 5.8 (Mar 26, 2019)

  • Profile Manager
  • MacOS:
  • Export a pre-defined set of device information values for specified devices using a new command line tool, exportDeviceInfo
  • Skip TrueTone pane in Setup Assistant
  • Configure new restrictions: screen shot and remote screen observation
  • Configure Exchange Web Services authentication certificate
  • Configure Apple Remote Desktop access
  • Configure managed classes on student Macs
  • IOS:
  • Enable or disable Voice and Data Roaming and Personal Hotspot
  • Configure new restrictions: Personal Hotspot modification (supervised only), disable server-side Siri logging
  • Display phone number, ICCID and IMEI details of enrolled Dual SIM devices
  • MacOS and iOS:
  • Configure Certificate Transparency payload
  • TvOS:
  • Configure Managed Software Updates

New in macOS Server 5.8 Beta (Jan 25, 2019)

  • Profile Manager:
  • MacOS:
  • Export a pre-defined set of device information values for specified devices using a new
  • Command line tool, exportDeviceInfo
  • Skip TrueTone pane in Setup Assistant
  • Configure new restrictions: screen shot and remote screen observation
  • Configure Exchange Web Services authentication certificate
  • Configure Apple Remote Desktop access
  • IOS:
  • Enable or disable Voice and Data Roaming and Personal Hotspot
  • Configure new restrictions: Personal Hotspot modification (supervised only), disable
  • Server-side Siri logging
  • Display phone number, ICCID and IMEI details of enrolled Dual SIM devices
  • MacOS and iOS:
  • Configure Certificate Transparency payload
  • tvOS:
  • Configure Managed Software Updates

New in macOS Server 5.7.1 (Sep 30, 2018)

  • Profile Manager:
  • Profile Manager provides enhanced management capabilities and support for management of new features in macOS, iOS, and tvOS.
  • Configure an Apple Business Manager account
  • Install App Store apps for tvOS
  • Configure new restrictions, payloads, and commands:
  • macOS 10.13.4:
  • New Restrictions payload settings:
  • Allow proximity based password sharing requests
  • Allow password sharing
  • Allow password autofill
  • Allow software update installation for non-admin users
  • New Dock payload settings:
  • Show Recents in Dock
  • New Exchange payload settings:
  • Use OAuth for authentication
  • New Smart Card payload settings:
  • Require Smart Card
  • Enable screen saver on Smart Card removal
  • New Passcode payload settings:
  • Force password reset during next user authentication
  • New Security & Privacy payload settings:
  • Show personal recovery key
  • New Education payload settings:
  • Send to teacher-assigned Macs
  • New Xsan payload settings:
  • Ability to configure automatic mounts
  • Ability to specify Distributed LAN Client mount preferences
  • iOS 11.3:
  • New Restrictions payload settings:
  • Allow managed Contacts accounts to write to unmanaged accounts
  • Allow unmanaged Contacts accounts to read managed accounts
  • Disable eSIM (Supervised only)
  • Allow proximity based password sharing requests (Supervised only)
  • Allow password sharing (Supervised only)
  • Allow password autofill (Supervised only)
  • Force automatic date and time (Supervised only)
  • Allow USB restricted mode (Supervised only)
  • New Mail and Exchange payload settings:
  • Allow a user to enable or disable S/MIME signing
  • Allow a user to modify the selection of the S/MIME signing certificate
  • Allow a user to enable or disable S/MIME encryption
  • Allow a user to modify the selection of the S/MIME encryption certificate
  • New Exchange payload settings:
  • Use OAuth for authentication
  • New Notifications payload settings:
  • Specify whether an app is allowed to send critical alerts
  • Allow grouped notifications
  • Show in CarPlay
  • New VPN payload settings for IKEv2 configurations:
  • Ability to specify DNS server addresses
  • Ability to specify primary domain of the tunnel
  • Ability to specify DNS search domains
  • Ability to specify DNS supplemental match domains
  • New Setup Assistant pane Device Enrollment skip options:
  • iMessage, FaceTime & Screen Time:
  • Add Cellular Plan
  • Deprecated payloads:
  • macOS Server Accounts
  • New Commands:
  • Show SIM information
  • tvOS 11.3:
  • New restrictions payload settings:
  • Allow proximity based password sharing requests (supervised only)
  • New Commands:
  • Install Updates (only appears in the Action pop-up menu when updates are available on the selected Apple TV or Apple TV devices within a group)

New in macOS Server 5.6.3 (Sep 18, 2018)

  • Compatibility changes to support secure network communication with client applications in future releases of macOS and iOS

New in macOS Server 5.6 (Apr 17, 2018)

  • SERVER APP:
  • This Fall, Apple plans to cease bundling the open source services (Calendar Server, Contacts Server, Messages Server, Mail Server, DNS, DHCP, VPN Server, and Websites) in macOS Server, and will guide customers to acquire these same services directly from the open source providers. For more information, please refer to: https://support.apple.com/en-us/HT208312
  • To help prepare for this transition, these services— which are still included in macOS Server 5.6—will no longer be visible in the Server App sidebar for new installations. Existing installations that update to macOS Server 5.6 will be unaffected and will continue to work as usual.
  • We continue to actively develop and support the other features of macOS Server, including Open Directory, Profile Manager and Xsan management.
  • PROFILE MANAGER:
  • Support for new restrictions, payloads, and commands:
  • macOS 10.13.4:
  • Configure Software Update delay from 1-90 days (default 30 days)
  • Configure access to Accessibility APIs for testing apps
  • Enable and disable Bluetooth
  • Configure kernel extension permissions
  • Configure Content Caching
  • Device Enrollment Program Skip option for iCloud Storage
  • iOS 11.3:
  • Delay when a user will see a new Software Update in the UI (supervised only)
  • Configure Software Update delay from 1-90 days (default 30 days - supervised only)
  • ScheduleOSUpdate now supports an optional version number to install a specific eligible iOS version (supervised only)
  • Enable and disable Bluetooth (supervised only)
  • Require FaceID authentication before AutoFill (supervised only)
  • Disabled USB restricted mode (supervised only)
  • Require teacher consent to leave a teacher-created Classroom class (supervised only)
  • Restrict Remote connections from whitelisted devices (supervised only)
  • AlwaysOn VPN now supports a CellularServices service exception
  • Device Enrollment Program Skip option for Privacy pane
  • Erase Device command now supports preventing proximity setup in Setup Assistant
  • tvOS 11.3:
  • Configure Movie ratings, TV ratings, app ratings, explicit content
  • Device Enrollment Program skip option for "Where is this Apple TV?”

New in macOS Server 5.5 (Jan 24, 2018)

  • Profile Manager reliability and performance improvements
  • NetBoot bug fixes

New in macOS Server 5.4 (Sep 26, 2017)

  • Server App:
  • Caching Server, Time Machine Server, and File Sharing advanced options are now built directly into macOS
  • Caching Server now supports a tiered architecture
  • Xcode Server has been integrated into Xcode
  • Support for APFS volumes
  • Profile Manager:
  • Support for new restrictions, payloads, and management commands:
  • iOS 11:
New supervised-only restriction: Allow VPN creation
  • New supervised-only Classroom restrictions to allow managed class behavior for 
unmanaged classes on supervised devices: Force unprompted joining of classes, Force 
unprompted App and Device Lock, Force unprompted Screen Observation and AirPlay
  • New supervised-only AirPrint restrictions: Allow AirPrint, require trusted TLS certificates 
for AirPrint, Allow iBeacon discovery of AirPrint printers, Allow AirPrint credentials to be 
stored in keychain
  • AirPrint payload now supports specifying a port and whether connection must be TLS
  • VPN IKEv2 and Wi-Fi payloads now support specifying TLS min/max version
  • New supervised-only payload: DNS Proxy
  • Option to preserve data plan when erasing device
  • Option to install apps and books on iOS devices only when they are USB tethered with Ethernet
  • Software updates can now be installed on all supervised devices even while passcode 
locked 
Skip new Setup Assistant panes: Keyboard chooser and Watch migration 

  • macOS 10.13:
  • New macOS payload: Extensions
  • New macOS payload: Smart Card
  • New macOS payload: System Migration
  • VPN IKEv2 and Wi-Fi payloads now support specifying TLS min/max version
  • New macOS MDM commands: User List, Unlock User, Delete User, Shutdown, and 
Restart
  • New macOS MDM commands and status query for EFI password management
  • Option to apply 802.1X configuration to any Ethernet interface
  • Option to hide Siri setup screen on first login
  • New macOS FileVault key escrow mechanism 

  • tvOS 11:
  • New supervised-only restriction: Allow modifying device name
  • Wi-Fi payload now supports specifying TLS min/max version
  • Now supports Home Screen Layout payload
  • New tvOS payload: AirPlay Incoming Security

New in macOS Server 5.3.1 (May 16, 2017)

  • Fixes issues with VPP app assignment in Profile Manager

New in macOS Server 5.3 (Mar 28, 2017)

  • Caching Server:
  • Enhanced control over cache size
  • Profile Manager - Support for new device management capabilities introduced in tvOS 10.2:
  • Configure Device Enrollment Program settings including auto-advance through Setup Assistant
  • Install enterprise apps
  • Create new Conference Room Display and Single App Mode (enterprise apps only) profile payloads
  • Configure restrictions to disable AirPlay, disable pairing with Remote app, and require a passcode on first AirPlay pairing
  • Set name, restart, and erase
  • Support for new Configuration Profile payload changes and commands introduced in iOS 10.3:
  • Restrict WiFi network connections to managed networks only
  • Configure restrictions for Dictation and modification of AirPlay and View Screen permission settings
  • Specify separate S/MIME Sign and Encrypt certificates in the Mail and Exchange payloads
  • Restart, shut down, and play Lost Mode sound on a device
  • Location accuracy information provided for devices in Lost Mode
  • VPN on demand support for IKEv2 in the VPN payload
  • Set the supported IP versions for the default APN in the Cellular payload
  • Configure new restrictions introduced in macOS Sierra 10.12.4:
  • Allow Touch ID to unlock a supported Mac
  • Allow iCloud Drive
  • Allow iCloud Desktop & Documents
  • Allow iCloud Keychain, Mail, Contacts, Calendars, Reminders, and Bookmarks
  • Other new features include:
  • Ability to set device name at enrollment time
  • A new Classroom configuration option to allow modifying the AirPlay and View Screen permission on student devices
  • Ability to configure Class name format with a combination of Course Name and Class Number for classes synced from Apple School Manager
  • Automatic syncing of passcode type for Managed Apple IDs from Apple School Manager
  • Ability to assign ownership of a Mac enrolled without authentication
  • A new option to skip the Home Setup Assistant pane in the Device Enrollment Program settings

New in macOS Server 5.2 (Sep 20, 2016)

  • Profile Manager:
  • Integration with Apple School Manager to get Managed Apple ID and class information
  • Skip the iMessage & FaceTime Setup Assistant pane in iOS 10
  • Skip the Siri Setup Assistant pane in macOS Sierra version 10.12
  • Choose default app for audio calls for Contacts, Exchange, and Google accounts
  • Set Bluetooth Modification restriction on supervised devices
  • Set Apple Music; iCloud Keychain Sync; and Sharing to Notes, Reminders, or LinkedIn restrictions for macOS Sierra version 10.12
  • Set new IKEv2 authentication method option or specify IPSec disconnect on idle timeout for VPN
  • Restrict Cisco fast lane Quality of Service marking or disable captive network detection for Wi-Fi networks
  • Restrict unlocking a Mac using Apple Watch
  • Configure IP firewall
  • Caching Server:
  • Enhanced control over peer replication
  • SMB:
  • To improve security, SMB connections now require signing by default.
  • NFS:
  • AES is now a supported encryption type for Kerberized NFS
  • Xsan 5:
  • macOS Sierra and Server 5.2 include support for the Xsan 5 file system. Xsan 5 is compatible with the Quantum StorNext 5.3 file system.
  • See Xsan Compatibility information before upgrading to Xsan 5.

New in macOS Server 5.1.7 (Jul 18, 2016)

  • Profile Manager:
  • Fixed an issue affecting Server installations configured with a third-party SSL certificate that prevented MDM enrollment using DEP

New in macOS Server 5.1.5 (May 16, 2016)

  • Profile Manager:
  • Configure grace period before passcode is required on Shared iPad
  • Support for skipping the True Tone Setup Assistant pane introduced in iOS 9.3
  • New commands (Shared iPad only): Enable/Disable Diagnostic Submission and App
  • Analytics
  • New Restrictions (supervised only): Allow Diagnostic Submission Modification
  • OS X Server 5.1 included the following new features and improvements:
  • OS X Server 5.1 requires OS X 10.11.4 (previous versions of OS X Server will not work on 10.11.4)
  • Support for TLS 1.2
  • Support for new Education features in iOS 9.3
  • Profile Manager:
  • Support for Shared iPad
  • Configure Shared iPad
  • Configure class roster shown in login window
  • Some settings can be applied to specific users on a Shared iPad: Accounts, Home Screen Layout, Notifications, Restrictions and Safari AutoFill
  • New commands: Force User Logout, Delete User, Enable/Disable Lost Mode, Get Device Location
  • Support for Classroom
  • Create classes
  • Configure Classroom
  • Allow Screen View in Classroom restriction
  • New commands (DEP devices): Enable/Disable Activation Lock
  • New payloads (supervised only): Notifications; Lock Screen Message
  • New setting in Exchange and Mail payloads: Allow Mail Drop
  • New Restrictions (supervised only): Allow Apple Music; Allow Radio; Allow Notifications Modification; Apps Shown on Home Screen
  • New Restrictions: Allow iCloud Photo Library, Allow Screen View in Classroom
  • Support for installing major OS X updates
  • L2TP/IPsec VPN profiles now require 2048-bit or stronger Diffie-Hellman groups
  • Caching Server:
  • Supports caching user data for Shared iPad
  • Performance optimizations for iCloud data caching
  • Automatic throttling of uploads when upstream bandwidth is restricted

New in macOS Server 5.1 (Mar 21, 2016)

  • OS X Server 5.1 requires OS X 10.11.4 (previous versions of OS X Server will not work on 10.11.4)
  • Support for TLS 1.2
  • Support for new Education features in iOS 9.3
  • Profile Manager:
  • Support for Shared iPad
  • Configure Shared iPad
  • Configure class roster shown in login window
  • Some settings can be applied to specific users on a Shared iPad: Accounts, Home Screen Layout, Notifications, Restrictions and Safari AutoFill
  • New commands: Force User Logout, Delete User, Enable/Disable Lost Mode, Get Device Location
  • Support for Classroom:
  • Create classes
  • Configure Classroom
  • Allow Screen View in Classroom restriction
  • New commands (DEP devices): Enable/Disable Activation Lock
  • New payloads (supervised only): Notifications; Lock Screen Message
  • New setting in Exchange and Mail payloads: Allow Mail Drop
  • New Restrictions (supervised only): Allow Apple Music; Allow Radio; Allow Notifications Modification; Apps Shown on Home Screen
  • New Restrictions: Allow iCloud Photo Library, Allow Screen View in Classroom
  • Support for installing major OS X updates
  • L2TP/IPsec VPN profiles now require 2048-bit or stronger Diffie-Hellman groups
  • Caching Server:
  • Supports caching user data for Shared iPad
  • Performance optimizations for iCloud data caching
  • Automatic throttling of uploads when upstream bandwidth is restricted

New in macOS Server 5.0.15 (Oct 21, 2015)

  • Improves reliability of upgrade and migration.
  • Fixes several Web Server and WebDAV issues.
  • Improves performance of the Profile Manager administration portal.
  • Enhances stability and performance for iCloud caching and iOS file sharing.
  • Fixes an issue where standard users were sometimes shown as administrators.

New in macOS Server 5.0.3 (Sep 17, 2015)

  • Server Application:
  • OS X Server 5.0 features a cleaner, more consistent user interface.
  • OS X Server 5.0 is now operating system version independent. The same version of Server can be used on Mac computers running OS X Yosemite 10.10.5 and OS X El Capitan 10.11.
  • OS X Server can perform network diagnostic tests to verify that your server is accessible from the Internet. New diagnostic tests include the ability to verify when specific websites are no longer reachable and when DNS MX records are incorrectly configured or missing.
  • Caching Server:
  • Caching Server can accelerate the download of iCloud data, including documents in iCloud Drive and photos. Enabling iCloud Acceleration reduces the amount of iCloud data that must be downloaded when users have multiple devices on the same network.
  • File Sharing:
  • iOS 9 users can easily access and store documents on OS X Server. Once a share point is created, it can be shared to iOS devices and made available using traditional file sharing protocols such as SMB and AFP. This allows users to open, edit and save documents from both iOS 9 and OS X 10.11.
  • Profile Manager:
  • Profile Manager supports new MDM commands and queries as well as Configuration Profile payloads and settings introduced in iOS 9 and OS X 10.11.
  • iOS and OS X:
  • Device-based Volume Purchase Program (VPP) app assignment: Assign VPP apps to devices instead of a user’s Apple ID. This allows for the installation of VPP apps on iOS devices and Mac computers without configuring an Apple ID or sending an invitation.
  • VPP Managed Distribution migration: Migrate apps already installed on a device from assignment to a user’s Apple ID to assignment to that device without deleting the app or user data.
  • App installation improvements: App Store apps can be installed even if the App Store is disabled. This includes newly assigned apps and app updates.
  • iOS 9:
  • Single Sign-On: Apps configured to use Kerberos will automatically launch per-app VPN when a user logs in to that app.
  • Skip steps in Setup Assistant: Devices enrolled in the Device Enrolment Program (DEP) can be configured to remove the new Move from Android option from the Setup pane in Setup Assistant.
  • Update to latest iOS: Update DEP-enrolled supervised devices to the latest iOS.
  • Network usage rules: Network usage rules allow organizations to specify how managed apps use networks, such as cellular data networks; for example, restricting the app’s ability to connect over cellular or when roaming on other networks. These rules apply only to managed apps.
  • New device restrictions: Prevent Mail Drop; prevent trusting new enterprise app authors; prevent the use of AirDrop when the app is managed.
  • New restrictions for supervised devices: Prevent changing the wallpaper; prevent changing the device name; prevent enabling iCloud Photo Library; prevent keyboard shortcuts; prevent pairing with Apple Watch; prevent setting a passcode.
  • OS X Server accounts can be added in the Mail, Contacts and Calendars section of the Settings application in iOS 9.
  • OS X El Capitan:
  • Create a standard account or skip account setup during DEP enrolment: Configure OS X Setup Assistant to create a new standard (non-admin) account or skip account creation entirely during DEP enrolment.
  • Hidden administrator account: Automatically create an administrator account during initial system setup. The presence of this account can be hidden from standard users.
  • New MDM commands: Install Software Update on DEP-enrolled Mac Computers; Get Active Managed Users.
  • New restrictions: Prevent the use of iCloud documents and data; prevent Spotlight suggestions; prevent use of iSight camera; prevent sending diagnostic data to Apple; prevent dictionary lookup.

New in macOS Server 4.1.5 (Aug 13, 2015)

  • Updated for compatibility with OS X Yosemite 10.10.5.
  • Improved MDM command reliability.

New in macOS Server 4.1.3 (Jul 1, 2015)

  • Updated for OS X Yosemite 10.10.4.
  • Profile Manager support for new features, Mobile Device Management commands, and payloads introduced in iOS 8.3.
  • Caching Server configuration option to output DNS TXT records in Windows format.
  • Messages service improvements for group access.
  • Enhancements for Profile Manager device searching.
  • User and Group accounts can now be exported to a file.
  • Improved reliability of Time Machine backups and restores.
  • Fixed an issue that could cause Server to stall when updating Profile Manager, Calendar, and Wiki services.
  • Updated Profile Manager enrollment profile handling.
  • Improved Web service remote administration.
  • Fixed an issue where Firewall rules were incorrectly being applied after reboot.
  • Wiki service improvements on iPad.

New in macOS Server 4.1 (Apr 9, 2015)

  • Updated for OS X Yosemite 10.10.3.
  • Profile Manager support for new features, Mobile Device Management commands, and payloads introduced in iOS 8.3.
  • Caching Server configuration option to output DNS TXT records in Windows format.
  • Messages service improvements for group access.
  • Enhancements for Profile Manager device searching.
  • User and Group accounts can now be exported to a file.
  • Improved reliability of Time Machine backups and restores.
  • Fixed an issue that could cause Server to stall when updating Profile Manager and Wiki services.

New in macOS Server 4.1 (Apr 9, 2015)

  • Updated for OS X Yosemite 10.10.3.
  • Profile Manager support for new features, Mobile Device Management commands, and payloads introduced in iOS 8.3.
  • Caching Server configuration option to output DNS TXT records in Windows format.
  • Messages service improvements for group access.
  • Enhancements for Profile Manager device searching.
  • User and Group accounts can now be exported to a file.
  • Improved reliability of Time Machine backups and restores.
  • Fixed an issue that could cause Server to stall when updating Profile Manager and Wiki services.

New in macOS Server 4.0.3 (Jan 7, 2015)

  • Updated for OS X Yosemite and iOS 8.
  • SMB3 is the new default protocol for sharing files in OS X Yosemite. SMB3 helps protect against tampering and eavesdropping by encrypting and signing data “in-flight.”
  • Caching Server supports IP address range registration for caching content in non-NAT’ed networks.
  • Profile Manager support for new features in iOS 8 and OS X Yosemite, including Handoff and push install of OS X enterprise apps and iOS media assets including PDF, ePub, and iBooks Author files.
  • Redesigned Mail Server interface for setting up email for multiple domains.
  • Meeting room addresses can be stored in Calendar Server, allowing clients to associate map locations and travel times.
  • Simplified setup of Xsan volumes and clients using the Server application and Configuration Profiles.
  • Server now performs network diagnostic tests to verify that your server is accessible from the Internet. Network diagnostic tests verify reachability by checking your server's host name, service ports, and DNS MX records.
  • Firewall and user/group-based service access controls can now be defined in the Access tab of Server pane. Access restrictions can be applied in multiple levels — for all networks, local networks, this Mac, custom networks, and specific users and groups.
  • Xcode Server compatibility with Xcode 6.
  • Improved graphs and visual stats.

New in macOS Server 3.2.1 (Sep 18, 2014)

  • Profile Manager support for new features in iOS 8 and OS X Yosemite, including:
  • Install PDF, ePub, and iBooks Author files on iOS via MDM
  • Install OS X enterprise apps via MDM
  • Rename Mac and iOS devices via MDM
  • Prevent managed apps from storing data in iCloud on iOS 8
  • Restrict cellular data usage, Handoff, syncing, managed books and Spotlight search on iOS 8
  • Prevent login after a specified number of incorrect attempts on OS X Yosemite
  • Configure WPA2 Enterprise and WPA2-PSK security types in Network settings
  • Configure Always-on VPN and Internet Key Exchange (IKEv2) in VPN settings
  • Configure managed web domains on iOS 8 and mail domains on iOS 8 and OS X Yosemite
  • Xcode Server compatibility with Xcode 6
  • Also addresses the following security issue:
  • CoreCollaboration
  • Available for: OS X Mountain Lion v10.8.5
  • Impact: A remote attacker may be able to execute arbitrary SQL queries
  • Description: A SQL injection issue existed in Wiki Server. This issue was addressed through additional validation of SQL queries.
  • CVE-ID: CVE-2014-4424 (Sajjad Pourali ([email protected]) of CERT of
  • Ferdowsi University of Mashhad)

New in macOS Server 3.1.2 (May 21, 2014)

  • Calendar Server improvements for imports, invites and group scheduling
  • Improvements to Messages Server stability when using Chat Rooms
  • Fixes for Profile Manager deploying profiles containing variables when code signing is enabled
  • Improved Profile Manager reliability for sending Volume Purchase Program invitations
  • Fixes to enable Profile Manager to manage Device Enrollment Program systems with long descriptive names

New in macOS Server 3.1.1 (Mar 25, 2014)

  • Profile Manager support for the Device Enrollment Program
  • Management of Fonts, AirPrint and Wi-Fi Hotspot 2.0 settings
  • Improved Profile Manager scalability when syncing with large directories
  • Management of Activation Lock on supervised iOS 7.1 devices
  • Enhanced permissions for accessing My Device portal and for device enrollment

New in macOS Server 3.1 (Mar 18, 2014)

  • Profile Manager support for the Device Enrollment Program
  • Management of Fonts, AirPrint and Wi-Fi Hotspot 2.0 settings
  • Improved Profile Manager scalability when syncing with large directories
  • Management of Activation Lock on supervised iOS 7.1 devices
  • Enhanced permissions for accessing My Device portal and for device enrollment

New in macOS Server 3.0.3 (Feb 26, 2014)

  • Fixes an Xcode Server issue preventing the addition of new users.

New in macOS Server 3.0.2 (Jan 7, 2014)

  • LT2P VPN issues fixed via installation of separate VPN Update for OS X Server
  • Requires OS X Mavericks version 10.9.1
  • Fixes for various login and migration issues
  • Addresses an issue using Xcode services with Git repositories
  • Improvements for sending push notifications to MDM devices

New in macOS Server 3.0.1 (Nov 12, 2013)

  • Fixes for various Profile Manager migration issues.

New in macOS Server 3.0 (Oct 23, 2013)

  • Addresses the following security issues:
  • PROFILE MANAGER:
  • Available for: OS X Mavericks v10.9 or later
  • Impact: A remote attacker may be able to cause a denial of service
  • Description: The JSON Ruby Gem permanently allocated memory when parsing certain constructs in its input. An attacker could exploit this to use all available memory leading to a denial of service. This issue was addressed through additional validation of JSON data.
  • CVE-ID: CVE-2013-0269
  • PROFILE MANAGER:
  • Available for: OS X Mountain Lion v10.9 or later
  • Impact: Multiple issues in Ruby on Rails
  • Description: Multiple issues existed in Ruby on Rails, the most serious of which may lead to cross site scripting. These issues were addressed by updating the Rails implementation used by Profile Manager to version 2.3.18.
  • CVE-ID: CVE-2013-1854, CVE-2013-1855, CVE-2013-1856, CVE-2013-1857
  • FREERADIUS:
  • Available for: OS X Mavericks v10.9 or later
  • Impact: A remote attacker may be able to cause a denial of service or arbitrary code execution
  • Description: A buffer overflow existed in FreeRADIUS when parsing the 'not after' timestamp in a client certificate, when using TLS-based EAP methods. This issue was addressed by updating FreeRADIUS to version 2.2.0.
  • CVE-ID: CVE-2012-3547
  • SERVER APP:
  • Available for: OS X Mavericks v10.9 or later
  • Impact: Server may use a fallback certificate during authentication
  • Description: A logic issue existed whereby the RADIUS service could choose an incorrect certificate from the list of configured certificates. The issue was addressed by using the same certificate as other services.
  • CVE-ID: CVE-2013-5143 (Arek Dreyer of Dreyer Network Consultants, Inc.)

New in macOS Server 2.2.1 (Feb 5, 2013)

  • Caching Server to speed up download of software distributed by Apple through the Mac App Store.
  • Time Machine service monitoring of which computers have backed up, when they last backed up and size of backup.
  • Wiki Server support for MacBook Pro with Retina displays.
  • Fix for deleting apps uploaded to Profile Manager.
  • Ability to use Active Directory groups within Profile Manager.
  • Centralized Certificate management interface.
  • Fix for setup failures due to an SSL error.
  • Fixes for upgrading from Lion Server.

New in macOS Server 2.2 (Dec 7, 2012)

  • Caching Server to speed up download of software distributed by Apple through the Mac App Store.
  • Time Machine service monitoring of which computers have backed up, when they last backed up and size of backup.
  • Wiki Server support for MacBook Pro with Retina display.
  • Fix for deleting apps uploaded to Profile Manager.
  • Ability to use Active Directory groups within Profile Manager.
  • Centralized Certificate management interface.

New in macOS Server 2.1.1 (Sep 27, 2012)

  • managing DHCP service from within the Server application
  • iOS 6 device management support in Profile Manager
  • using the Server application to create a large number of users or groups
  • authenticating with Calendar Server when using an Active Directory account
  • renewing certificates for use with the Apple Push Notification Service
  • configuring DNS entries with second level domains and aliases
  • retaining network, DNS and PHP settings installing or upgrading OS X Server
  • migrating from Lion Server and Snow Leopard Server

New in macOS Server 2.1 (Sep 21, 2012)

  • Recommended for all servers running OS X Server on Mountain Lion. This update includes general fixes that enhance stability, compatibility and security of your server. It includes specific fixes for:
  • managing DHCP service from within the Server application
  • iOS 6 device management support in Profile Manager
  • using the Server application to create a large number of users or groups
  • authenticating with Calendar Server when using an Active Directory account
  • renewing certificates for use with the Apple Push Notification Service
  • configuring DNS entries with second level domains and aliases
  • migrating from Lion Server and Snow Leopard Server
  • Server app:
  • Server app now has the ability to manage the DHCP service; for more information, see About the DHCP Service.
  • Allows the ability to manage the blacklist settings for the Mail service.
  • Prevents spurious "Host name changed" alert messages after restarting.
  • Addresses an issue in which. under certain circumstances, AirPort Base Stations couldn’t be managed after upgrading from a previous version of OS X Server.
  • Allows for setting a default NetBoot image in Server app.
  • Addresses an issue where migration from previous versions of Server app might not work if certain languages were used.
  • Allows for faster user account creation when larger numbers of accounts already exist.
  • Allows Active Directory users to authenticate to the Calendar service on after migrating from previous versions of OS X Server.
  • Mail service:
  • Addresses several issues with the Mail service after migrating from previous versions of OS X Server.
  • Profile Manager:
  • Allows managing the ability to connect to the Mac App Store only for software updates.
  • Allows management of iOS 6 features.
  • Software Update service:
  • Addresses an issue in which the catalog files were not properly updated after migrating from a previous version of OS X Server.
  • Website service:
  • Addresses some issues with migrating from previous versions of OS X Server.