Suggestions
Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!
415 results found
-
Add to the "Enable Remote Desktop" some actual setting of privs
After banging my head for a year or two on new machines being completely unreachable or at best screen-sharing-only, I think it's because while you can turn ARD ON via MDM, all users by default have no privileges.
So I now have a kickstart script to do this.
It seems to me this should be a fundamental part of the "enable" action. For the device action, it could maybe look like the attached. For an enrollment .. I'm not sure, can you execute scripts at enrol time? If not maybe automatically afterwards?
Some of the necessary kickstart commands are here…
1 vote -
Notification for annual renewal
Email notication a few weeks prior to renewal, stating how devices we have, the cost of the renewal, what credit last 4 it will charge and when the charge will happen...this would allow us to audit the device list, update an old credit card and know that the renewal is happening.
1 vote -
Add Android Studio to shared apps
Kindly consider adding Android Studio to shared apps
3 votes -
An option to automatically whitelist any apps assigned to a device group.
By default, we restrict what apps can be installed on iOS devices. Right now, if I want to deploy a VPP app to an iOS device, I have to add it to the device assignment AND remember to go to my restrictions profile and whitelist it.
I suggest that all assigned apps be automatically whitelisted, or at least have a setting that can turn on this automatic whitelisting if the SimpleMDM admin selects it.
Thanks!
3 votes -
Return the effective value of custom attributes in the API and exports
Currently, exports and the API will only return a custom attribute's value if the value is overridden at the device level - otherwise, it returns an empty string. Please modify the API and exports endpoint to return the effective value of the field. It would also be helpful if there was a taxonomy that outlined where that value came from (e.g. is it the default, group level, or device level override).
2 votes -
Include Rancher in Munki managed apps
This request is to include Rancher in the munki shared apps
Rancher is an open-source application that provides all the essentials to work with containers and Kubernetes on the desktop
1 vote -
Include Notion Calendar in munki shared apps
"Notion" is currently included in the munki shared apps. This request is to also include the Calendar App - https://www.notion.so/product/calendar
1 vote -
add baseline to munki shared apps
Add Baseline to the default munki shared apps
3 votes -
Filter Profiles by Device Type, Assigned Groups
It would be amazing if we could get more granular filtering for the profiles section. It gets very messy very quick.
Maybe a way to filter profiles by group, or profiles by device type would be amazing.
1 vote -
Remove the device name pop-up in the new devices page UI
The device name pop-up in the new devices page UI is intrusive and makes it difficult to open the device in a new tab
1 vote -
Monitoring unpatched CVEs
Interesting post by Graham about using the Sofa feed info to track unpatched CVEs in their mac fleet with osquery.
Last checked: 2024-05-03T20:33:36+00:00Z
Machine readable feed: v1/macosdatafeed.jsonhttps://grahamgilbert.com/blog/2024/05/03/investigating-unpatched-cves-with-osquery-and-sofa/
3 votes -
Option to auto renew ACME Certificates - DDM and Profiles - Managed Device Attestation
We would like an option to have ACME certificates auto renew. This is a feature currently available for SCEP issued certificates.
Our use case is using managed device attestation and the new ACME payloads to create certificates that can be used for 802.1x, but we need them to auto renew before they expire (for internal reasons the validity period is 91 days).
It would also be helpful to provide tokenised values for the CN.
3 votes -
Add the ability for scripts/jobs to execute on boot / login.
It would be good if scripts/jobs could be configured to run each time the device boots or the user logs in.
This is handy to enforce script logic on the device without having to add a recurring script that executes every day.
5 votes -
Saving column sorting / pin column
If device columns can't be custom sorted and saved at this time, it would be nice if the "pin to the left" feature remained pinned - not sure if it times out or reverts after X amount of navigating to different groups, but it doesn't stay pinned too long.
1 vote -
Integrate Google’s Santa project into SimpleMDM?
The clue is in the name SimpleMDM - your product makes the difficult parts of managing your Mac devices simple - setting up and managing Munki could be challenging, and now the easy to use implementation you’ve provided is a great fit for lots of organisations.
Can you apply the same magic to Google Santa please?
https://github.com/google/santa
Here’s the use case. In our organisation, end users run with administrator access. This empowers them to do all the things they need to do to be productive, and ensures IT isn't a bottleneck…
…but - with great power comes great responsibility. There’s…
3 votes -
Custom Configuration Profiles API - Download the profile as a JSON object, not a text object
Currently it looks like the download method for the custom configuration profiles API returns the profile being downloaded as a text object not a JSON object.
The preferred (at least for me) response object that should be returned is a JSON object in keeping with all other responses.
3 votes -
New API endpoints request
Hello,
When writing terraform provider we discovered few topics we would like to ask to improve on the API side.
Custom Profiles:
Please add endpoint "Retrieve one" GET https://a.simplemdm.com/api/v1/custom_configuration_profiles/{profile_id} with json answerPlease add "enable declarative management" and "Auto renew SCEP issued certificates" as attributes for create/update custom profile
Please add "enable declarative management" to json answer.
Device Groups:
Please add create, update and delete endpoints.Thank you, David
4 votes -
Introduce source IP based allow listing
While complex username/password + TOTP requirement is a standard and solid security requirement for administrative access to the SimpleMDM controls, it could be made even stronger with the addition of IP allow listing. I would love to have +1 layer of opt-in friction between the internet at large and a tool has the ability to brick all of my organization's laptops simultaneously.
If implemented, I'd request that a minimum of 2, preferably 3 remote sources be required before the service could be enabled: this will provide small businesses with redundancy for the event that they change ISPs and cannot bring…1 vote -
Support for defined build numbers in DDM software update
It's fantastic that we can get started with DDM software updates... however, I think the protocol does allow for us to push a specific build number.
This is handy for testing - as I've got a device enrolled in the beta that I'd love to push specific build numbers too, to try out the functionality - without having to reach for DFU mode on a long suffering test system.
Going forward, it would be fantastic to nudge/enforce specific build numbers for beta testers, so we can ensure testers are all on latest betas where appropriate.
Thanks :)
2 votes -
Use a SAN instead of CN when managing certificate renewal
Currently if an admin wants SimpleMDM to manage the renewal of their SCEP certificates, SimpleMDM bulldozes the CN and replaces it entirely. This is problematic for workflows that require specific values to be in a CN and not a SAN. If possible, please use a SAN to insert any necessary tracking values. Intune is doing this with success (see the blue box at the top of https://learn.microsoft.com/en-us/mem/intune/protect/certificates-profile-scep).
2 votes
- Don't see your idea?