We are trying to implement our Azure B2C login for authentication into enrolments to help speed up onboarding new customers - we are an MSP.
When we set up SAML for access to the console, we can get it working fine; we can see and access the 'callback' and 'metadata' URL's ie.
https://a.simplemdm.com/admin/auth/saml/123456789123456789/metadata - Azure B2C needs these address to function.
But when we try to set this up for SAML enrolments, both the 'callback' and 'metadata' URL's aren't accessible for the new SAML Audience ie. https://a.simplemdm.com/device/enrollment/authentication/saml/987654321987654321.
Can this be enabled?21 votes
Apple's MDM protocol allows the list of users to be queried from managed systems:
It would be very helpful for us if this information could be displayed in the SimpleMDM Web UI. Thank you!34 votes
The Apple MDM Spec includes huge amounts of dock configuration options for MacOS, but I can only use those with custom configuration profiles at the moment. I would love to be able to choose what items are in the docks for specific profiles, maybe even a UI that would allow us to add Shared and VPP apps to the dock.1 vote
It would be great to have a way to customize the Munki Managed Software Centre now that Munki integration is part of the beta. If there was a way to apply something like Munki Theme Creator files (https://grovetech.co/blog/munki-theme-creator-for-munki/) This would be amazing.25 votes
Please integrate Munkireport, Sal, or some type of reporting and smart group criteria functionality. It would be lovely to have hosted reporting built into SimpleMDM. Munkireport is the most obvious choice due to the sheer amount of great modules available. Thank you!46 votes
It would be helpful to have a dedicated place to submit requests for new apps to be added the Shared Apps (for Munki). We can do it here of course, but seems like maybe it needs it's own section?11 votes
I have to periodically examine and update (where needed) a custom attribute for all the devices in our fleet. This currently requires one API request (with paging) to retrieve the list of devices, and then one request for each and every device to retrieve the custom attribute value. With 2500 devices this is already prohibitively slow.
An API call that returns the custom attribute values for all devices would solve this neatly and speed up the code thousandfold.9 votes
As we get option to assign profile to specific device (https://suggestions.simplemdm.com/forums/204404/suggestions/31773355) via API it will be brilliant to also have web UI to work with this.
Web UI should look similar to "Apps" page under device called "Profiles".
-List all profiles on device via https://developer.apple.com/documentation/devicemanagement/listtheinstalled_profiles (this will list also profiles installed by user)
-Display if profile is managed or not
-Ability to display .mobileconfig/profile for user installed profiles (it is returned in ProfileListCommand command)
-Ability to re-push/reinstall profile(s) (API call to do this will be brilliant)
-Ability to add profile from configured profiles
Thanks David14 votes
FULL pkginfo support.
- Basic Info information, Name, size, type, restart action, force install date, catagory, etc
- Contents: Dmg/pkg contents
- Requirements: Software requirement, upgrades, minimal OS, maximum OS
- Installation: Blockers, supported architecture.
- Install scripts: pre install and post install
- Uninstall scripts: pre uninstall, post uninstall
- Install check scripts: Scripts for determining if it should install or uninstall
I used the layout of MunkiAdmin of easy of demonstration33 votes
iOS 14 Home screen layout profile update - Searchable VPP text filter when selecting apps & configurable widgets19 votes
When a device is added to DEP it would be great to have a webhook notification.
My goal with this is to take that notification and have it create a new asset for the new Mac in our asset management system.
I think the Serial number would be the biggest needed component. I'm not sure what all information you can pull from Apple side, but if possible the order number would be really awesome to have and the date it was added to DEP on Apple's end.
Dashboard/visualization to quickly see key points across all devices (ie. battery percentages, last seen, etc)13 votes
I've been working with custom profiles recently, and realised that the description field can be relatively long and verbose.
I work in an organisation that values transparency and openness - and it struck me it would be amazing if each profile could have a couple of lines describing what it does... self-documenting MDM - so rather than an end user sticking in a ticket asking "what does this profile do???" the profile can tell you what it does...
See the screenshot for an example.2 votes
A custom profile indicating
Will disable a user's ability to enable Find My Mac. As a Restrictions profile has the option to manage many other features in the iCloud category (Back to my mac, Document Sync), it would be desirable to also manage this option under the Restrictions: iCloud category.2 votes
We would like to use unique firmware password with the option to rotate the password, in case we have to share the password with the user at some point. Currently that would only possible with moving the device to a group without a firmware password, clear the firmware password and assign the device back to the original group.
Maybe there is a possibility like building a mechanism that sends out multiple commands (one to clear the password and one to set it again), which would effectively "rotate" the firmware password.5 votes
Add a "when the Push Certificate is about to expire" event to notifications.
If the email of the AppleID used to issue the Push Certificate is not actively monitored, it is easy to miss the email alerts. And letting the Push Certificate expire can cause significant interruptions.
To prevent such interruptions, please add a "when the Push Certificate is about to expire" event to notifications, so that the alert can be sent to actively monitored email addresses.2 votes
Just had a frightening incident in which I thought we had been locked out of a managed device. Turns out the problem was just that the firmware password was hard to read: I was mistaking a
I suggest you choose a different font for passwords/recovery codes/etc., which makes very clear whether a given character is a 1 or l; likewise for 0 and O, which I also mistake on a regular basis.2 votes
Recently I pushed a custom PKG to a MacBook Air over MDM. While the SimpleMDM interface allows you to "uninstall" the package, nothing actually occurs since this capability is not possible. The lack of clarification from the UI is generally confusing, and it would be nice to update it and save others in the future from the same confusion.1 vote
For users with access multiple SimpleMDM accounts, using direct-to-device links like https://a.simplemdm.com/admin/devices/?serial_number=C02J20WTXY3B only works if the device is in the last account used. It would be extremely helpful to jump to the proper account, particularly for creating links to SimpleMDM devices from other products such as Watchman or Addigy.3 votes
The cloud agent icon in the menu bar is great for people that need it but it would be great if we had the ability to have that not load in the menu bar as we already have other things such as Nomad or SSO extensions payload that can be configured to have an option to open the Managed Software Centre.6 votes
- Don't see your idea?