The new Minimum macOS version scope is very helpful.
Can you please implement a Maximum macOS version scope to limit profiles (such as the KEXT whitelist profile) to stop profiles being deployed to macOS versions.

We are trying to implement our Azure B2C login for authentication into enrolments to help speed up onboarding new customers - we are an MSP.

When we set up SAML for access to the console, we can get it working fine; we can see and access the 'callback' and 'metadata' URL's ie.
https://a.simplemdm.com/admin/auth/saml/123456789123456789/callback
https://a.simplemdm.com/admin/auth/saml/123456789123456789/metadata - Azure B2C needs these address to function.

But when we try to set this up for SAML enrolments, both the 'callback' and 'metadata' URL's aren't accessible for the new SAML Audience ie. https://a.simplemdm.com/device/enrollment/authentication/saml/987654321987654321.

Can this be enabled?

Apple's MDM protocol allows the list of users to be queried from managed systems:

https://developer.apple.com/documentation/devicemanagement/listtheuseraccounts?changes=latestminor&language=objc

It would be very helpful for us if this information could be displayed in the SimpleMDM Web UI. Thank you!

Please integrate Munkireport, Sal, or some type of reporting and smart group criteria functionality. It would be lovely to have hosted reporting built into SimpleMDM. Munkireport is the most obvious choice due to the sheer amount of great modules available. Thank you!

The Apple MDM Spec includes huge amounts of dock configuration options for MacOS, but I can only use those with custom configuration profiles at the moment. I would love to be able to choose what items are in the docks for specific profiles, maybe even a UI that would allow us to add Shared and VPP apps to the dock.

It would be helpful to have a dedicated place to submit requests for new apps to be added the Shared Apps (for Munki). We can do it here of course, but seems like maybe it needs it's own section?

I have to periodically examine and update (where needed) a custom attribute for all the devices in our fleet. This currently requires one API request (with paging) to retrieve the list of devices, and then one request for each and every device to retrieve the custom attribute value. With 2500 devices this is already prohibitively slow.

An API call that returns the custom attribute values for all devices would solve this neatly and speed up the code thousandfold.

It would be great to have a way to customize the Munki Managed Software Centre now that Munki integration is part of the beta. If there was a way to apply something like Munki Theme Creator files (https://grovetech.co/blog/munki-theme-creator-for-munki/) This would be amazing.

iOS 14 Home screen layout profile update - Searchable VPP text filter when selecting apps & configurable widgets

FULL pkginfo support.

- Basic Info information, Name, size, type, restart action, force install date, catagory, etc
- Contents: Dmg/pkg contents
- Requirements: Software requirement, upgrades, minimal OS, maximum OS
- Installation: Blockers, supported architecture.
- Install scripts: pre install and post install
- Uninstall scripts: pre uninstall, post uninstall
- Install check scripts: Scripts for determining if it should install or uninstall
- Alerts
- Misc

I used the layout of MunkiAdmin of easy of demonstration

When a device is added to DEP it would be great to have a webhook notification.

My goal with this is to take that notification and have it create a new asset for the new Mac in our asset management system.

I think the Serial number would be the biggest needed component. I'm not sure what all information you can pull from Apple side, but if possible the order number would be really awesome to have and the date it was added to DEP on Apple's end.

Thanks!

-bryan

As we get option to assign profile to specific device (https://suggestions.simplemdm.com/forums/204404/suggestions/31773355) via API it will be brilliant to also have web UI to work with this.

Web UI should look similar to "Apps" page under device called "Profiles".

-List all profiles on device via https://developer.apple.com/documentation/devicemanagement/listtheinstalled_profiles (this will list also profiles installed by user)
-Display if profile is managed or not
-Ability to display .mobileconfig/profile for user installed profiles (it is returned in ProfileListCommand command)
-Ability to re-push/reinstall profile(s) (API call to do this will be brilliant)
-Ability to add profile from configured profiles

Thanks David

A custom profile indicating
<key>DisableFMMiCloudSetting</key>

        <true/>

Will disable a user's ability to enable Find My Mac. As a Restrictions profile has the option to manage many other features in the iCloud category (Back to my mac, Document Sync), it would be desirable to also manage this option under the Restrictions: iCloud category.

It's a known issue that applying a kernel extension profile to an M1 device can put it into a failure to boot condition, displaying a "Recovery is trying to change system settings. No administrator was found." dialog.
Would be great if SimpleMDM could prevent us from ending up in that situation.

Dashboard/visualization to quickly see key points across all devices (ie. battery percentages, last seen, etc)

Add a "when the Push Certificate is about to expire" event to notifications.

If the email of the AppleID used to issue the Push Certificate is not actively monitored, it is easy to miss the email alerts. And letting the Push Certificate expire can cause significant interruptions.

To prevent such interruptions, please add a "when the Push Certificate is about to expire" event to notifications, so that the alert can be sent to actively monitored email addresses.

Just had a frightening incident in which I thought we had been locked out of a managed device. Turns out the problem was just that the firmware password was hard to read: I was mistaking a 1 for an l.

I suggest you choose a different font for passwords/recovery codes/etc., which makes very clear whether a given character is a 1 or l; likewise for 0 and O, which I also mistake on a regular basis.

Recently I pushed a custom PKG to a MacBook Air over MDM. While the SimpleMDM interface allows you to "uninstall" the package, nothing actually occurs since this capability is not possible. The lack of clarification from the UI is generally confusing, and it would be nice to update it and save others in the future from the same confusion.

The cloud agent icon in the menu bar is great for people that need it but it would be great if we had the ability to have that not load in the menu bar as we already have other things such as Nomad or SSO extensions payload that can be configured to have an option to open the Managed Software Centre.

• allow for a re-push of profiles in a group


• allow for a re-push of profiles assigned to a device
  
  
  • group
  
  
  • assignment group
  
  
  
  


• allow for a re-push of profiles in a specific assignment group