Suggestions
Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!
415 results found
-
Implement "force password change when the user authenticates"
As per https://support.apple.com/en-ca/guide/deployment/dep4d6a472a/web, Apple has an API for forcing a user password change. This is useful when updating password policy - passwords that met the old policy but no longer meet the new policy are not evaluated and forced to change. This setting, however, would make it so.
6 votes -
Auto-admin password complexity settings
For the auto-admin password generation done by SimpleMDM, it'd be preferable to be able to manage the level of password complexity when the password is generated. Environments can have different password policy rules that all accounts, including MDM generated, need to abide by. The Dude abides.
Password storage apps like 1Password and Keeper offer, at minimum, password length, use of numbers, and use of special characters. See attached.
11 votes -
Provide a mechanism to assign profiles and applications based on attribute values.
I'd really like to assign apps and profiles based on attributes collected by an enrollment customization welcome screen form.
3 votes -
Add device EID from DeviceInformationResponse.QueryResponses.ServiceSubscriptionProperty command
Hello,
as part of eSIM distribution it will be very nice to have EID of the devices accessible via API in device details (adding EID to portal will be also nice).
Can you please add EID to each device from MDM command (this command is already in use by SimpleMDM for other data) https://developer.apple.com/documentation/devicemanagement/deviceinformationresponse/queryresponses/servicesubscriptionproperty
Thank you David.
3 votes -
Simplify User Enrollment using SAML Attribute(s)
When using User Enrollment pre populate the Managed Apple ID form with an attribute from the SAML auth process (or better yet skip the screen all together). The scenario is that a user's IDP username might be the same as their managed apple id username and entering it again is duplicative.
1 vote -
Nested Custom Attributes
Description: It would be extremely useful to have the ability to nest custom attributes in SimpleMDM. This feature would allow administrators to create custom attributes that reference or depend on other custom attributes, enabling dynamic and interconnected data management.
Use Case: For instance, suppose an organization has a custom attribute called "munkimanifestdepartement" that is a dropdown value in the DEP (Device Enrollment Program) welcome screen. The organization also wants to create another custom attribute called "munkimanifest" that includes the department value selected in "munkimanifestdepartement" along with additional static text. By nesting the custom attribute "munki…
3 votes -
Regex Rules for Custom Attribute Validation
Description: It would be highly beneficial to have the ability to use regular expressions (regex) to validate user-defined custom attributes in SimpleMDM. This feature would allow administrators to set specific rules and patterns that user inputs must adhere to, ensuring data accuracy and consistency.
Use Case: For example, suppose an organization has a custom attribute for employee IDs. By implementing regex rules, the administrator can define that the employee ID must follow a specific format, such as a combination of letters and numbers. Any user input that does not match the defined regex pattern would be flagged as invalid, preventing…
3 votes -
add the ability to deploy individual files/folders to macOS
I would like the ability to deploy individual files or folders to our Mac devices.
Sometimes an app has an additional config file that needs deployed to make it work. We also use PDQ Connect in our environment, and that allows for us to can create packages that contain .msi, .exe, or PowerShell or CMD scripts, then also have the option to attach additional files to use in the package (see screenshot).
Also, there are times where we may just need to send a file/folder to all devices. Something else besides an app, profile, or script. A simple option to…
3 votes -
Support account-driven user enrollment
Initially announced at WWDC21 [1], macOS, iOS, and iPadOS devices starting with iOS15 and macOS Monterey support a workflow called account-driven user enrollment [2]. This workflow differs from the existing user enrollment methodology in that it uses a slightly different protocol and requires the implementation of a session token on the MDM provider side.
We are interested in the account-driven workflow because it removes the need to distribute enrollment profiles or have users visit an enrollment URL and download / install the profile. The improved UX, when combined with this year's promised release of federated authentication to more providers in…
31 votes -
Devices API - Create - Extend method to include optional params for DEP device ID and device name
When creating a device using the Devices API create method (https://api.simplemdm.com/#devices), there are only two parameters that can be passed to it, 'name' and 'group_id'.
It would be very helpful, especially for devices that are expected to go through automated device enrolment, if we could pass a DEP device ID parameter to it so that a DEP device that is not yet enrolled will automatically be assigned to the nominated device group.
If the DEP device id parameter is assigned, then the response probably shouldn't include an enrolment URL, as this param should indicate the device is expected…6 votes -
Include a 'Devices' (or 'Assigned Devices') tab on a device group page
When inspecting a device group, it would be very helpful and handy to have a tab to inspect/manage the devices associated with that group.
Currently you have to go back to the Groups page, find the desired group, and then click on the number in the Assigned Devices column to look at the devices in that group and perform any management activities on them.7 votes -
Device Groups API - add methods
The Device Groups API does not have the following methods:
create, update, remove/delete, it would be very helpful if this endpoint could have those methods added, along with various options such as:create: parameters "name" (required), "lock_screen_message" (optional), and "track_device_location" (optional, default False)
update: parameters "name" (optional), "lock_screen_message" (optional), and "track_device_location" (optional)
delete: parameters: "device_group_id"
Also, the clone method does not currently take any parameters that would allow device group settings to be configured, it would be helpful if the clone method was updated to allow the use of these parameters:
"name" (required), "lock_screen_message" (optional), and "track_device_location" (optional, default False)
12 votes -
Extend the devices - list profiles API method to return ALL profiles that a device is assigned
The list profiles method in the devices API endpoint only returns profiles that are directly assigned to the device; it would be very helpful to the data returned included all profiles assigned to that device, including profiles assigned through groups, etc, along with an attribute that identifies how the profile is assigned.
16 votes -
Add blackmagic Resolve
Add DaVinci aka BlackMagic Resolve
1 vote -
Add username field to `device.enrolled` webhook event
The goal is to have a
usernamefield in thedevice.enrolledwebhook event.This field would be populated using the the custom attribute defined in the "Username custom attribute" setting in the Automated Enrollment Authentication section.
In our use case, a user will be prompted to auth using Okta during Automated Device Enrollment (ADE). The username that is returned by Okta would be part of the webhook event payload. We use the username and device serial number to help with automating other internal processes to help determine which user is assigned to which device.
This could be covered by https://suggestions.simplemdm.com/forums/204404-suggestions/suggestions/46831099-control-webhook-data…
6 votes -
More granularity on the SimpleMDM menu bar icon...
So, we've just rolled out Nudge and have used the SimpleMDM agent to do so. And now I'm being grumbled at about the Managed Software Centre Icon taking up valuable menu bar space...
I appreciate I can kill it via the UI - but it's a bit all or nothing, and when we start adding apps to self-service, the menu bar app seems as good a place as any to direct our end users.
So - can we set icon visibility per assignment group?
I think what I'm basically saying is if all apps are managed, and there's no self-service…
3 votes -
Record administrator logins in Logs
Currently, there is no visibility in the logs when an admin session is started from a login. We'd like to see log in and log out for at least "local" SimpleMDM accounts if not IdP initiated sessions as well, populated into the admin namespace. It would be helpful if the logs contained the account email, IP address they are logging in from, and the usual timestamp / "At" value. A user agent value would be a bonus but it's understandable if that's not available.
17 votes -
Implement Munki managed uninstalls
The SimpleMDM Munki implementation does not currently support managing uninstalls of software as a "pure" deployment of Munki might. Please implement uninstall management.
12 votes -
Add reMarkable to shared apps
DMG file available publicly here:
https://downloads.remarkable.com/3 votes -
Add notification option for when enterprise certificate is expiring
Currently when an enterprise certificate is expiring, the only place to see that is on the SimpleMDM site at the top of the Devices page.
We develop custom apps and push them to SimpleMDM with the API, so we don't log in that often which means we could easily miss these alerts. This could lead to lost productivity for our internal users.
Please allow us to send notifications to specified user(s) when an enterprise certificate is about to expire.
It would be nice if one or more time intervals could be selected as well, like you can for VPN and…
3 votes
- Don't see your idea?