Suggestions
Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!
448 results found
-
Admin Console Banner
Allow customization of the banner at the top of the admin pane after login. Currently you have a banner that states:
"You are currently viewing the new Ul for the Devices page. If you would like to temporarily switch back to the old view, click here."
We have a specific requirement to add a banner to any system with user-added content about what type of data is allowed to be uploaded. It would be awesome to be able to customize the banner to add a message to users of the system.
12 votes -
Notifications: When a device *has been* seen... in addition to device has not been seen for X days / months
Notifications: When a device has been seen... in addition to device has not been seen for X days / months
I only can find:
When a VPP token is set to expire
When a DEP token is set to expire
When a push certificate is set to expire
When a device enrolls
When a device hasn't been seen for
When the SimpleMDM iOS app stops reporting location forBut there is no option for Notification "Last seen Devices", not meant
"When a device .."Need > When a device has been seen...
4 votes -
Allow setting scope values when uploading a new Custom Configuration Profile via API
When using the SimpleMDM portal to upload a new custom configuration profile, you are able to define a scope for the profile - targeted OS, min/max OS version, and Mac architecture.
It would be useful to be able to define these values via the Create (POST)
custom_configuration_profiles
API [https://api.simplemdm.com/#create-4].13 votes -
Extend the devices - list profiles API method to return ALL profiles that a device is assigned
The list profiles method in the devices API endpoint only returns profiles that are directly assigned to the device; it would be very helpful to the data returned included all profiles assigned to that device, including profiles assigned through groups, etc, along with an attribute that identifies how the profile is assigned.
17 votes -
Record administrator logins in Logs
Currently, there is no visibility in the logs when an admin session is started from a login. We'd like to see log in and log out for at least "local" SimpleMDM accounts if not IdP initiated sessions as well, populated into the admin namespace. It would be helpful if the logs contained the account email, IP address they are logging in from, and the usual timestamp / "At" value. A user agent value would be a bonus but it's understandable if that's not available.
23 votes -
Add new Microsoft Teams to Shared Catalog
Microsoft is rolling out an updated Teams experience or Mac, with a new binary that can be installed alongside the Classic teams experience. Please add the standalone installer to the shared catalog alongside the existing Teams (and possibly rename teams to Classic, like MS does?) https://go.microsoft.com/fwlink/?linkid=2249065
9 votes -
Sort the Scripts -> Jobs -> History tab by newest to oldest by default
Right now, the sorting is by name (I think?) which is not useful. It would be great to show the most recently queued jobs in the history first by default.
10 votes -
Add Reporting Tool
It'd be great to have a reporting tool in the GUI. This way I can easily look up a specific app and see what version is installed on multiple/all devices. I know there is an API tool but having something in the GUI would be great.
1 vote -
Report on profile status - pending, installed, failed
SimpleMDM currently only surfaces profile assignment in the main profiles UI. To see the status of a specific profile on a device an admin must navigate to a device record. What information isn't readily available is the status of a profile. Even if it's assigned to 100 devices, there's no way to tell how many of those devices the profile successfully installed.
Specifically asking...
- Add three columns to the view at/profiles
in the UI - installed, pending, failed.
- In the profiles and custom profiles API endpoints include data about these status as well.The major driver behind…
11 votes -
visionOS Management Support
WIth visionOS 1.1 management is possible. https://github.com/apple/device-management/tree/seed_iOS-17.4_macOS-14.4
We have an increasing number of devices that we would like to get basic management on.4 votes -
Route SSO-only users to their account-specific SSO
When our SSO-only users go to a SimpleMDM bookmark in their browser, they get routed to the email/password login page. Since SSO login (via SAML) requires an organization-specific sign-in page, they don't know where to go to sign in.
A suggestion that I hope would help here would be to route a user whose account is SSO-only to their organization's SAML login page so that they can complete their sign-in flow. This could either be letting them enter their email on the existing login page or having a button on the page for "Log in via SSO" so they could…
4 votes -
Auto-admin password complexity settings
For the auto-admin password generation done by SimpleMDM, it'd be preferable to be able to manage the level of password complexity when the password is generated. Environments can have different password policy rules that all accounts, including MDM generated, need to abide by. The Dude abides.
Password storage apps like 1Password and Keeper offer, at minimum, password length, use of numbers, and use of special characters. See attached.
12 votes -
Implement Munki managed uninstalls
The SimpleMDM Munki implementation does not currently support managing uninstalls of software as a "pure" deployment of Munki might. Please implement uninstall management.
18 votes -
Introduce source IP based allow listing
While complex username/password + TOTP requirement is a standard and solid security requirement for administrative access to the SimpleMDM controls, it could be made even stronger with the addition of IP allow listing. I would love to have +1 layer of opt-in friction between the internet at large and a tool has the ability to brick all of my organization's laptops simultaneously.
If implemented, I'd request that a minimum of 2, preferably 3 remote sources be required before the service could be enabled: this will provide small businesses with redundancy for the event that they change ISPs and cannot bring…1 vote -
reduce the size of colored ovals in new devices UI
In the new devices UI, the colored ovals surrounding status on each line are distractingly large.
4 votes -
Support for defined build numbers in DDM software update
It's fantastic that we can get started with DDM software updates... however, I think the protocol does allow for us to push a specific build number.
This is handy for testing - as I've got a device enrolled in the beta that I'd love to push specific build numbers too, to try out the functionality - without having to reach for DFU mode on a long suffering test system.
Going forward, it would be fantastic to nudge/enforce specific build numbers for beta testers, so we can ensure testers are all on latest betas where appropriate.
Thanks :)
2 votes -
Device Groups API - add methods
The Device Groups API does not have the following methods:
create, update, remove/delete, it would be very helpful if this endpoint could have those methods added, along with various options such as:create: parameters "name" (required), "lock_screen_message" (optional), and "track_device_location" (optional, default False)
update: parameters "name" (optional), "lock_screen_message" (optional), and "track_device_location" (optional)
delete: parameters: "device_group_id"
Also, the clone method does not currently take any parameters that would allow device group settings to be configured, it would be helpful if the clone method was updated to allow the use of these parameters:
"name" (required), "lock_screen_message" (optional), and "track_device_location" (optional, default False)
12 votes -
Use a SAN instead of CN when managing certificate renewal
Currently if an admin wants SimpleMDM to manage the renewal of their SCEP certificates, SimpleMDM bulldozes the CN and replaces it entirely. This is problematic for workflows that require specific values to be in a CN and not a SAN. If possible, please use a SAN to insert any necessary tracking values. Intune is doing this with success (see the blue box at the top of https://learn.microsoft.com/en-us/mem/intune/protect/certificates-profile-scep).
2 votes -
Enrollment Setting - Unassign Profiles at Re-Enrollment
We heavily utilize individually assigned profiles for Macs. There are also a few default profiles assigned via group. When a new out-of-box Mac is being enrolled for the first time only those default profiles are installed (around 5). Profiles are installed quickly and reliably. Later on during provisioning our configuration management tool handles installing other required per device profiles.
However, when a Mac from stock is being re-enrolled to be used by another person, every previously assigned profile is installed at setup assistant. Since in my case those individually assigned profiles are usually per user, team, department, etc. and no…
8 votes -
Make logging more detailed for MDM commands
While I appreciate how detailed SimpleMDM logs can be, especially with raw responses from MDM, sometimes they need to provide more detail. For example, when sending an OS update command the log only contains...
"Log Details
Full ID E7B0DBE9-A7C1-4EC8-8CB8-BFA4AB990C59
Created At 2023-08-17 3:34 PM
Namespace device
Type os.update.idle
Level info
Device redacted
UDID F405AA51-FF04-4B71-900F-9C09F0515398
Serial Number redactedMetadata
{
"update_version": "13.5.1"
}
"With OS updates in particular, it's useful to know what mode was used as well. 'downloadonly', 'notifyonly', 'installasap', or 'forceupdate' are all options, but there's no associated data. For some basic commands like…
9 votes
- Don't see your idea?