Suggestions

Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!

  1. Add more endpoints to SAML enrolments for full functionality

    We are trying to implement our Azure B2C login for authentication into enrolments to help speed up onboarding new customers - we are an MSP.

    When we set up SAML for access to the console, we can get it working fine; we can see and access the 'callback' and 'metadata' URL's ie.
    https://a.simplemdm.com/admin/auth/saml/123456789123456789/callback
    https://a.simplemdm.com/admin/auth/saml/123456789123456789/metadata - Azure B2C needs these address to function.

    But when we try to set this up for SAML enrolments, both the 'callback' and 'metadata' URL's aren't accessible for the new SAML Audience ie. https://a.simplemdm.com/device/enrollment/authentication/saml/987654321987654321.

    Can this be enabled?

    21 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add restart option to FileVault profile

    Currently, FileVault will not be enabled on MacOS until the user either logs out or logs in, depending on how it is configured. It would be great to add the ability to restart the machine once enrollment is complete to ensure FileVault is enabled as soon as possible.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add Dock Customization Profiles

    The Apple MDM Spec includes huge amounts of dock configuration options for MacOS, but I can only use those with custom configuration profiles at the moment. I would love to be able to choose what items are in the docks for specific profiles, maybe even a UI that would allow us to add Shared and VPP apps to the dock.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow management of the DisableFMMiCloudSetting key

    A custom profile indicating
    <key>DisableFMMiCloudSetting</key>

            &lt;true/&gt;
    

    Will disable a user's ability to enable Find My Mac. As a Restrictions profile has the option to manage many other features in the iCloud category (Back to my mac, Document Sync), it would be desirable to also manage this option under the Restrictions: iCloud category.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add full app path to collected apps & return with API

    When reviewing / querying apps it would helpful to know the full path of all found apps. Would like this returned in the API as well.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Bring parity to timing options in Apple's Security & Preferences menu

    In System preferences, in the Security and Preferences -> General tab, the "Require password <insert timeframe> after sleep or screen saver begins" dropdown has many more granular options than SimpleMDM allows. My company's security policy prefers 5 seconds after lock, but our only close options are immediate or 1 minute after sleep. It would be nice to have parity between the SimpleMDM configuration options and the options Apple allows.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. support media deployment for macOS

    apple supports this, just need it in SimpleMDM

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Extend the included Device fields via the CVS download option

    Appears to be missing a few key fields:
    - passcode policy enabled (This is not the same as "firmware password" and btw, a similar field is downloaded but we think it's tied to iOS devices as opposed to Mac OS)
    - Firewall enabled
    - Mac OS Patch Management enabled
    - Anti-virus / Malware enabled

    You may recognize these as SOC2 requirements. Would be ideal to run a report / download for all devices with this data included. Thanks!

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Rotate Firmware Password option

    We would like to use unique firmware password with the option to rotate the password, in case we have to share the password with the user at some point. Currently that would only possible with moving the device to a group without a firmware password, clear the firmware password and assign the device back to the original group.

    Maybe there is a possibility like building a mechanism that sends out multiple commands (one to clear the password and one to set it again), which would effectively "rotate" the firmware password.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add Push Certificate about to expire notification

    Add a "when the Push Certificate is about to expire" event to notifications.

    If the email of the AppleID used to issue the Push Certificate is not actively monitored, it is easy to miss the email alerts. And letting the Push Certificate expire can cause significant interruptions.

    To prevent such interruptions, please add a "when the Push Certificate is about to expire" event to notifications, so that the alert can be sent to actively monitored email addresses.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Maximum macOS version scope value on custom config profiles + provided profiles

    The new Minimum macOS version scope is very helpful.
    Can you please implement a Maximum macOS version scope to limit profiles (such as the KEXT whitelist profile) to stop profiles being deployed to macOS versions.

    17 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Present passwords in a font that disambiguates similar characters

    Just had a frightening incident in which I thought we had been locked out of a managed device. Turns out the problem was just that the firmware password was hard to read: I was mistaking a 1 for an l.

    I suggest you choose a different font for passwords/recovery codes/etc., which makes very clear whether a given character is a 1 or l; likewise for 0 and O, which I also mistake on a regular basis.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Update UI to Indicate Custom PKGs Can't Be Removed By MDM

    Recently I pushed a custom PKG to a MacBook Air over MDM. While the SimpleMDM interface allows you to "uninstall" the package, nothing actually occurs since this capability is not possible. The lack of clarification from the UI is generally confusing, and it would be nice to update it and save others in the future from the same confusion.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Provide a UI to configure system level DNS over HTTPS (DoH) and DNS over TLS (DoT) for macOS and iOS

    Many of us managing devices via MDM have to assume the devices are on networks that are insecure, malicious, or in the best case scenario, not malicious but definitely not private.

    The standard way of doing DNS in those environments is unsafe, as the DHCP server can provide any resolver, and the traffic to those servers is made in the clear.

    DNS over HTTPS (DoH) and DNS over TLS (DoT) are two options we have to make computing in such environments safer, by ensuring queries are encrypted as they leave the device.

    Big Sur and iOS 14 both support this,…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Implement AllowNonAdminUserApprovals for macOS Kernel Extension policies

    Starting in Big Sur, Apple requires a local user to explicitly allow kernel extensions to be installed, even if they are whitelisted by MDM policy. By default only admin-level accounts are permitted to do so, but this is not practical in environments that don't allow end-users to be admins. Any such kernel extensions, and the software that depends on them, are basically unusable after upgrading to Big Sur.

    Please implement the new 'AllowNonAdminUserApprovals' option in macOS Kernel Extension profiles. This will allow our non-admin users to "approve" the required kexts and their software to function again. The public documentation hasn't…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Enforce device name when re-enrolled

    Add option to enforce "New Device Naming" when device re-enroll to SimpleMDM.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow control of the TLSTrustedServerNames field when configuring WiFi certificates

    When deploying or upgrading machines to Big Sur, I'm finding a change in behavior vs Catalina, in that when connecting to an 802.1x network, BS devices are asking the user to approve a certificate, where Catalina devices do not. In https://macadmins.slack.com/archives/C016JHNMP1N/p1611939579192200 it is suggested that the 802.1x profile can support the TLSTrustedServerNames field. However, SimpleMDM does not offer this field in the Profiles:Wireless category. I think that having this would address the unwanted dialog. As documented at https://developer.apple.com/documentation/devicemanagement/wifi/eapclientconfiguration , it seems this could be a field you could expose in the certificate management interface?

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. iOS version on dashboard

    I would like to see the iOS version on the main dashboard when you are looking at all the devices in your specific groups.

    So, today we have Name, Group, Model, Status, Last Seen. ADD: iOS Version!

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 15 16
  • Don't see your idea?

Suggestions

Categories

Feedback and Knowledge Base