Suggestions
Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!
284 results found
-
Add the ability for scripts/jobs to execute on boot / login.
It would be good if scripts/jobs could be configured to run each time the device boots or the user logs in.
This is handy to enforce script logic on the device without having to add a recurring script that executes every day.
5 votes -
Custom Configuration Profiles API - Download the profile as a JSON object, not a text object
Currently it looks like the download method for the custom configuration profiles API returns the profile being downloaded as a text object not a JSON object.
The preferred (at least for me) response object that should be returned is a JSON object in keeping with all other responses.
3 votes -
New API endpoints request
Hello,
When writing terraform provider we discovered few topics we would like to ask to improve on the API side.
Custom Profiles:
Please add endpoint "Retrieve one" GET https://a.simplemdm.com/api/v1/custom_configuration_profiles/{profile_id} with json answerPlease add "enable declarative management" and "Auto renew SCEP issued certificates" as attributes for create/update custom profile
Please add "enable declarative management" to json answer.
Device Groups:
Please add create, update and delete endpoints.Thank you, David
4 votes -
Introduce source IP based allow listing
While complex username/password + TOTP requirement is a standard and solid security requirement for administrative access to the SimpleMDM controls, it could be made even stronger with the addition of IP allow listing. I would love to have +1 layer of opt-in friction between the internet at large and a tool has the ability to brick all of my organization's laptops simultaneously.
If implemented, I'd request that a minimum of 2, preferably 3 remote sources be required before the service could be enabled: this will provide small businesses with redundancy for the event that they change ISPs and cannot bring…1 vote -
Support for defined build numbers in DDM software update
It's fantastic that we can get started with DDM software updates... however, I think the protocol does allow for us to push a specific build number.
This is handy for testing - as I've got a device enrolled in the beta that I'd love to push specific build numbers too, to try out the functionality - without having to reach for DFU mode on a long suffering test system.
Going forward, it would be fantastic to nudge/enforce specific build numbers for beta testers, so we can ensure testers are all on latest betas where appropriate.
Thanks :)
2 votes -
Use a SAN instead of CN when managing certificate renewal
Currently if an admin wants SimpleMDM to manage the renewal of their SCEP certificates, SimpleMDM bulldozes the CN and replaces it entirely. This is problematic for workflows that require specific values to be in a CN and not a SAN. If possible, please use a SAN to insert any necessary tracking values. Intune is doing this with success (see the blue box at the top of https://learn.microsoft.com/en-us/mem/intune/protect/certificates-profile-scep).
2 votes -
WatchOS management support
We would like to deploy a fleet of Apple watches and would like to get support to manage these via DDM
3 votes -
Allow users to see the ipad locations on a map but nothing else
Allow users to see the ipad locations on a map but nothing else. Just users who want to see real-time location of all the ipads. But don't let them manage the ipads, change settings, etc.
1 vote -
Admin Console Banner
Allow customization of the banner at the top of the admin pane after login. Currently you have a banner that states:
"You are currently viewing the new Ul for the Devices page. If you would like to temporarily switch back to the old view, click here."
We have a specific requirement to add a banner to any system with user-added content about what type of data is allowed to be uploaded. It would be awesome to be able to customize the banner to add a message to users of the system.
12 votes -
Upload more than 2 media files at once
Increase the upload limit, allowing more than 2 files at a time.
1 vote -
Notifications: When a device *has been* seen... in addition to device has not been seen for X days / months
Notifications: When a device has been seen... in addition to device has not been seen for X days / months
I only can find:
When a VPP token is set to expire
When a DEP token is set to expire
When a push certificate is set to expire
When a device enrolls
When a device hasn't been seen for
When the SimpleMDM iOS app stops reporting location forBut there is no option for Notification "Last seen Devices", not meant
"When a device .."Need > When a device has been seen...
12 votes -
export list of apps on a device.
Would be nice to be able to export a csv file of all the apps on a device. Bossman wanted me to get a list of apps on these peoples devices and screenshots looked terrible. some folks have over 128 apps on their work devices. thanks!!
1 vote -
Update/upgrade WhatsApp in Shared Apps for macOS
The current version has now "WhatsApp (old)" as name and the logo is grey now instead of green. It also suggests downloading the new app. But I prefer to install it from the self-service app (Munki). So can you add/update it?
1 vote -
API Request: Ability to upload/change icons for uploaded macOS pkgs.
Currently in the API, only pkg uploads and changes are supported. However the ability to upload or change icons is unavailable.
The reason this is important for us is we maintain over a dozen instances and the ability to programatically set icons for our items would drastically reduce the amount of work required for us to configure especially when we're deploying new items.
If possible, we'd greatly appreciate the following added to the API:
- Apps -> Create:
- New optional argument: icon.
- Sets icon during upload.
- Apps -> Update:
- New optional argument: icon.
- Replaces current…1 vote -
Route SSO-only users to their account-specific SSO
When our SSO-only users go to a SimpleMDM bookmark in their browser, they get routed to the email/password login page. Since SSO login (via SAML) requires an organization-specific sign-in page, they don't know where to go to sign in.
A suggestion that I hope would help here would be to route a user whose account is SSO-only to their organization's SAML login page so that they can complete their sign-in flow. This could either be letting them enter their email on the existing login page or having a button on the page for "Log in via SSO" so they could…
7 votes -
add the ability to preview Welcome Screens as they are created
Rather than have to iterate changes to Welcome Screens with real hardware, it would be nice to have a generated preview in-browser as part of Enrollments > {enrollment_name} > Welcome Screen.
1 vote -
3 votes
-
Notifications for nodes running low on disk space
Notifications for nodes running low on disk space
2 votes -
Allow devices to be marked as unmanaged
Another idea to borrow from Jamf Pro. Please consider allowing SimpleMDM customers to mark devices as unmanaged in order to keep them for historical or data purposes without them actively being under management and NOT taking up a license. An unmanaged device would keep the same config, but not have the ability to interact with MDM moving forward. No profile installs, polling for device info, etc. It is a record stuck in time. Devices should be able to move freely between managed/unmanaged through the GUI and API.
As it today, every device which exists in a SimpleMDM tenant takes up…
4 votes -
Reject enrollments for unsupported macOS versions when using SAML
I am requesting SimpleMDM add guards for ADE where a macOS device is under 10.15. Copying directly from enrollment authentication config...
"OSes prior to macOS 10.15 and iOS 13 using Automated Enrollment and all devices enrolled with Apple Configurator do not support SAML authentication and will not be authenticated. Optionally enroll them in a less secure initial device group."
A helpful setting for sure since it means a device can be dropped into a group with no access to organization profiles, packages, or secrets. However, the device is still allowed to enroll and takes up a license. If that Mac…
1 vote
- Don't see your idea?