Suggestions
Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!
460 results found
-
Managing battery settings
Add the option to manage battery settings as :
-Wake for network access
Prevent you mac from sleeping automaticaly when the display is off
-...1 vote -
Descriptive page titles
Descriptive page titles would help a lot when navigating history or having lots of tabs open.
7 votes -
Disable ActivationLock via API
It should be possible to disable the ActivationLock via API call, this is specificly helpfull if you want to decomission a device.
8 votes -
Support custom MDM commands
I'd like to see SimpleMDM support sending custom MDM commands with arbitrary payloads. Advantages being...
- Customers don't have to wait for SimpleMDM to implement new commands to start testing. With WWDC coming up this is especially pressing because new commands and/or keys need to be tested quickly during the summer beta cycle for any chance at improvement.
- Possible to test beta/RSR updates by passing in the product key to a software update command.
- WS1 has this feature and please don't make me say anything nice about WS1.
As an example, here's how WS1 implements it with the author using EnableRemoteDesktop. …
28 votes -
ability to allow admin to decide if end user can or cannot control their date and time zone settings
For some users, we want to allow them to control time zone while for others we want to lock it down. It'd be nice to have the option.
1 vote -
Disable big popup window from Managed Software Centre
Hi!
We use SimpleMDM on our rental/production macs, not as office computers. And I have gotten feedback that sometimes the "Managed Software Centre" pop up on the middle of the screen, when an update has been waiting for a few days.We want a way to turn this off, since we dont want a suddenly popup on the screen in middle of an event/production/show. And sometimes we have an event for a week or so, and dont want to update a program during that week. Would be nice if it was possible to turn of the popup either on each…
2 votes -
Allow the removal of generated local-admin passwords
When a device has been factory reset, its auto-generated local admin password gets a second, third etc entry depending on how many times it has been wiped.
Once confirming the older local admin passwords are no longer necessary, we should be allowed to remove them to avoid confusion
3 votes -
Checking the "Select All" checkbox should apply to ALL enrolled devices (not just the first 100)
Meaning if I want to push an Apple VPP update to all enrolled devices, clicking the "Select All" checkbox only applies to the first 100 (as the ceiling).
We currently only have 105x macOS devices enrolled, but are in the process of bringing over 850x others from VMWare Workspace ONE in a way that's "zero touch" for the user.
You can imagine us having to click the "Select All" checkbox on each 9x pages containing 100x devices/each would be inefficient.Screenshot is from my work Gmail and is just an example of what I would see implemented.
1 vote -
Ability to sort Apple VPP app by the version installed on device
So I'm not clicking the Select All checkbox --> clicking Actions - Install Update for users who are already on the latest version (example in screenshot being v2.0.25 as the latest for that app)
1 vote -
Ability to rollout Profiles and Pkgs to shards of devices
The basic idea would be to give each device a shard automatically (but allow it to be overridden) and then be able to set a release schedule for profiles and applications.
For example, on the assign page for a profile, you could select "Shard this assignment" and then be able to select 7 days and have the profile released to (total devices / 7) on each day. Would also need the ability to stop the rollout.
We currently do this in our internal munki with an installable_condition.4 votes -
Combine assignments into groups for easy viewing
Allow the ability to create a group/folder in the App Assignments menu to allow the grouping of assignments. We will have a lot of iPads that require individual apps. This will make it quite cumbersome to parse through.
If we could group the assignments into a folder and title it based on department, viewing the assignments would be a lot easier.
4 votes -
Support API key expiration
API keys currently never expire. A key can be regenerated to effectively expire it, but there's no way to do so by time. I'm specifically asking...
- Add support for API keys to expire after 30, 60, 90 days, by timestamp, or never.
- Optional. Let the API regenerate or expire keys. Ends up being a one key rules them all situation. Up to debate whether this is a secure approach.
1 vote -
Implement more granular API permissions
In https://suggestions.simplemdm.com/forums/204404-suggestions/suggestions/32990482-scope-api-key API permissions were split up to correspond with API endpoints. While a welcome change, it doesn't go far enough in providing granular access to sensitive MDM actions. Since the the /devices endpoint contains so much (device update, info, restart, shut down, lock, erase, etc.) it is a prime target were an API key to be compromised.
I am asking for API permissions to be split up to be even more granular by MDM command. An API key which only needs to enable/disable remote desktop should not also be able to lock or wipe the device. While I don't…
3 votes -
Allow Configurable Log Retention
I would like to be able to customize the log retention filter and length. Not all device logs are needed for longer than 30 days, however important access logs and commands such as locking devices should be able to be kept for much longer.
Alternatively or in addition, having a built in log pipeline to a SIEM would be great. Pulling logs out of the API is a bit of a hassle.1 vote -
Report on installed certificates
I'd like to see SimpleMDM report on installed certificates for all device types. A common feature in other MDMs, CertificateListCommand (https://developer.apple.com/documentation/devicemanagement/certificatelistcommand) has been around since iOS 4 and macOS 10.7 (!).
While we have other tools to report on certificates (like osquery), it's useful to have MDM as a data source as well since oftentimes installed certificates originate via profiles. Knowing certificate health within the same product has benefits, and could allow for more advanced certificate management directly in SimpleMDM.
Important fields...
- Certificate name
- CA/issued by
- Expiration
- Current validity status
- If possible, whether…20 votes -
API: Dont send Filevault keys by default from /devices
Separate the device API so it does not return filevault keys with every device object. Or create a filter to omit the keys.
I keep running into scenarios where using the device API means scrubbing file vault keys every single time I make it get request to https://a.simplemdm.com/api/v1/devices
It gets pretty messy downstream especially with logs.8 votes -
Offer access to script jobs from MSC
Not sure if this is possible, but I'd like to be able to assign script jobs, so they'd appear in the MSC. I know this is probably somewhat similar to NoPKG, but it would remove the hassle of authoring the PKG.
1 vote -
Allow for a few different local admin password formats
The current format is often very hard to type (and not easily copied), so it would be helpful if you offered some other password types that were more user and script friendly. 1Password's "memorable" word based passwords are a good example of a strong password, that's also easy type. Bonus points if you omit characters that need to be escaped in scripting (like when using the sysadminctl -secureTokenOn function).
Thanks5 votes -
Add a Dark Mode option
Add an option for dark mode on the web interface.
26 votes -
Support choosing which webhook events to subscribe to per endpoint
https://api.simplemdm.com/#webhooks
The current webhook events are as follows...
device.changed_group
device.enrolled
device.unenrolled
device.lock.enabled
abm.device.addedWhenever any of these events occurs, the webhook endpoint is pinged. However, processing these can get particularly noisy, especially in large environments and (hopefully) as SimpleMDM adds more supported events.
I am asking to add support for selecting which events are subscribed to per webhook endpoint. This way only events needed for a particular workflow are sent and the webhook receiver requires less work to filter out unneeded data.
The UI could look like other SimpleMDM settings with checkboxes for each event, where by default all are…
18 votes
- Don't see your idea?