For IT and devops, Sequoia brings iCloud to VM Macs

news
Jun 20, 20244 mins
AppleDesktop VirtualizationMac

In macOS 15, you'll be able to sign into iCloud and other Apple ID services from virtual machines — a small but significant improvement for software developers and IT admins.

One small but key new feature for iCloud in macOS Sequoia should make developers and engineers a little happier, as it will be possible to sign into iCloud and other Apple ID (soon Apple Account) services from virtual machines.

This hasn’t been possible before, which has impeded developers and users hoping to test iCloud features in apps, including trialing iCloud sync on their software. It has also been an obstacle for any Mac user who just wanted easy access to iCloud data form within a virtual machine. 

Who is this feature for?

For most developers, the big advantage will be in software testing. Many developers need to test software in multiple Mac configurations, but not all of them have the fleets of Macs required. Given that so many app developers now make use of iCloud features or make use to some degree of iCloud sync (think calendars, for example), the inability to easily make such tests may impact customer experiences.

Developers who like to keep a firewall between clients and their projects by hosting these in different virtual machines should also benefit from this support, as it means their iCloud data and services remain consistently available independently of their workflow.

So, what is the deal? 

Apple says that so long as both the host machine and VM are running macOS 15 Sequoia or later, it will be possible to use iCloud and other Apple ID-related services with the hardware. It’s not a complete panacea, unfortunately. That’s because the need to run macOS 15 or later means developers wanting to trial older operating systems will still have problems. All the same, it means that over time, it will become possible to test the performance of older macOS versions as new iterations ship.

There are a few technical considerations, as explained in an Apple tech note:

  • If someone moves a VM to a different Mac host and restarts it, the Virtualization framework automatically creates a new identity for the VM using the information from the Secure Enclave of the new Mac host. The person using the VM will need to reauthenticate to allow iCloud to work.
  • The Mac will also detect attempts to start multiple copies of the same VM simultaneously on the same Mac host. 

Enterprise-ready Macs

This is just one of a slew of WWDC-announced improvements coming to Macs and other Apple devices this fall. These include improvements in device management, passkeys, software updates, and Safari management.

Admins can also install executables, scripts, and configuration files remotely via MDM, which should make it a little easier for organizations to deploy and manage services across their fleets. Apple Account (formerly Apple ID) management has also been improved to encourage organizations to use Managed Apple Accounts..

Another great improvement is in Activation Lock. There have been problems in which perfectly functional Macs that have been handed on for renewal or sold legitimately on second-hand markets have ceased to function because people have neglected to disable Activation Lock. Apple does have a process to help in cases of this kind, but at WWDC it introduced new support to enable IT admins to remove Activation Lock using Apple Business Manager, which should mitigate the unintentionally bricked Mac problem.

Finally, Declarative Management will replace MDM profiles for software updates, as well as for some other commands and queries. The beauty of this is that Declarative Management delivers far more transparency to admins, while also improving the experience for users — your Mac won’t suddenly enter an update cycle just as you sit down with the board to begin a critical business condition status presentation, for example.

One more thing: whispers tell me it is also going to be possible for IT to disable services such as access to OpenAI from within Apple Intelligence, so unapproved sharing of enterprise data should not happen on managed devices.

All told, WWDC has been really good for IT admins, who now enjoy access to a broad and growing range of powerful tools with which to manage their Apple fleets. This seems particularly timely as the size of those fleets continue to expand

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Exit mobile version