Suggestions
Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!
459 results found
-
Maximum macOS version scope value on custom config profiles + provided profiles
The new Minimum macOS version scope is very helpful.
Can you please implement a Maximum macOS version scope to limit profiles (such as the KEXT whitelist profile) to stop profiles being deployed to macOS versions.17 votes -
Implementation of System Extensions payload in Configs > Profiles > Add Profile
There is a new profile payload for macOS 10.15.4+ operating systems that facilitates whitelisting system extensions. This payload is in addition to the existing kernel extensions payload: https://developer.apple.com/documentation/devicemanagement/systemextensions
Currently the only option in the SimpleMDM Configs > Profiles > Add Profile is for Kernel Extensions.
It would be very helpful to have the System Extensions payload added as an option when adding a new profile.
16 votes -
Make the Security/OS Update settings queryable via the API
SimpleMDM now has some super useful data about device security posture available in the webUI only :(
Things like
"Firewall Status"
"System Integrity Protection Enabled" and
"Automatic OS Installation Enabled"Would be fantastic things to query via the API, for compliance reports etc etc.
If I had to prioritise, I'd want Firewall status first (because my stakeholders want it!) but more of the "Security" and "OS Update Settings" data would be amazing and much appreciated :)
Thanks
16 votes -
Support "Non-Removable" flag on deployed iOS Store Apps
As noted here on the SimpleMDM blog, an option was added to iOS starting in 14.x where individual apps can be marked as "non-removable" by the administrator when being deployed.
https://simplemdm.com/blog/mdm-ios-14-macos-11-big-sur/
https://it-training.apple.com/tutorials/deployment/dm195"To prevent a user from uninstalling a managed app, mark the app as nonremovable when you assign the managed app to a user or device. Depending on your MDM solution, you might need to deselect a Removable attribute or set a nonremovable attribute. With your MDM solution, you may also be able to set this attribute on apps that are already installed on a device."
I feel it…
16 votesThis is now supported in the new Groups interface (currently in Preview).
-
Allow switching of a device from group to group via the API
Switch a device from one group to another, with a Cron job for instance, via the API.
16 votesThis functionality has been added to the API and ruby binding library. For more information, refer to the SimpleMDM API documentation: http://simplemdm.com/docs/api/#assign-device
-
Dedicated place to request additions to Shared Apps
It would be helpful to have a dedicated place to submit requests for new apps to be added the Shared Apps (for Munki). We can do it here of course, but seems like maybe it needs it's own section?
16 votesThis is now available. SimpleMDM has been added to PDQ's Package Request form: https://simplemdm.pdq.com/hc/en-us/p/packageRequest
Note: The form template currently covers all PDQ products so the language may be slightly different, but requests for SimpleMDM will go towards SimpleMDM's Shared Apps Catalog.
-
Allow upload and assignment of custom .mobileconfig files
As an advanced feature, allow admins to upload unsigned .mobileconfig profiles created in iPhone Configuration Utility to DeviceLink and subsequently assign them to multiple individual devices OR multiple groups.
This will allow new and customized mobile configurations to be used in DeviceLink should it not fully support a desired configuration.
16 votes -
Include Custom Attributes in export
With custom attributes I now have a place for my asset tags and assigned to values, but these values are not exportable. Even the API makes it very hard to retrieve these fields.
16 votes -
Create restriction groups
Create different groups of restrictions and make it possible to apply these restrictions on serveral groups of devices.
This way you don't have to manually set the restrictions every time.
16 votes -
Allow to apply a profile to a specific device.
Would be great to have the possibility to apply a custom profile to a specific device without having to create a new group!
15 votes -
API to retrieve custom attribute values for all devices
I have to periodically examine and update (where needed) a custom attribute for all the devices in our fleet. This currently requires one API request (with paging) to retrieve the list of devices, and then one request for each and every device to retrieve the custom attribute value. With 2500 devices this is already prohibitively slow.
An API call that returns the custom attribute values for all devices would solve this neatly and speed up the code thousandfold.
15 votesCustom attribute values are now included in the response from the Devices endpoint. Use the query param to include custom attributes that have been marked as secret: https://api.simplemdm.com/#list-all-6
-
IKEv2 VPN support
It doesn't look like IKEv2 connection type is supported in the UI. This would be useful with attribute support so that we can add accounts per device and have the username and password assigned in the profile.
15 votes -
Add scheduling flexibility for iOS Auto Update Policy
As many businesses are limited to which day(s) of the week upgrades can be performed, adding more versatility to the scheduling would be very helpful.
(https://support.simplemdm.com/forums/204404-suggestions/suggestions/31349005-add-the-ability-to-schedule-forced-updates-for-bo)15 votes -
Possibility to lock account name during enrollment
LockPrimaryAccountInfo and put use of the saml login name
from:
https://developer.apple.com/documentation/devicemanagement/accountconfigurationcommand/commandand if possible collect the users full name from the saml login.
15 votesLockPrimaryAccountInfo is now available as of macOS 10.15.4. Earlier versions of macOS have a bug that prevents this feature from functioning reliably.
SAML attributes can be saved to a device’s custom attributes. Under the “Authentication” tab in Enrollment details, SAML authentication types include an option to “Allow provider to set custom attributes”.
-
Button to force/request device details
Add a button to request device details.
Example: When adding/removing an app to/from devices, it takes up to an hour for the portal to reflect the changes. It would be nice to push a request for the data, especially when we don't have the luxury of waiting an hour.15 votes -
15 votes
SimpleMDM supports scenarios where more than one device object may exist for a given serial number. Additionally, device objects do not always have serial numbers attached to them. For instance, a new device record may be created before device enrollment occurs. Such being the case, a serial number cannot function as a unique ID.
Nonetheless, the Device – List All API endpoint has been expanded to support searching for devices based on serial number, UDID, phone number, and name. This allows for more efficient device ID lookups. More information is available here: https://simplemdm.com/docs/api/#list-all39
-
Add extra fields to the device list
The device list currently displays:
Device Name Initial Group Model Status Serial Number EnrollmentIt would be useful to be able to customize the fields being shown to include or exclude any of the fields available, including custom attribute fields.
15 votesCustom attributes and additional fields can now be displayed on the devices index page. Click the gear in the table to select more columns.
If there are additional specific attributes you would like, please create a new request.
-
Enrollement links - Security Issue
Current enrollment links are not secure, links are permanent and for unlimited use. If some will steel or simply he will trying random number from 000000000 to 999999999, he will sooner or later find link with valid invite.
This have multiple issues:
1) License price, if i will enroll 1000 devices to someones mdm he will pay 3000$ in best case scenario or also 30000$, of course SimpleMDM will refund this but it is lost on both sides and lost of trust2) if the person will enroll to group with some login/security details (wifi, vpn, mail, network shares etc)…
14 votes -
Service status page for service
Ease of access to tell when the service is not responding etc.
14 votesI'm a few months late to updating this post, but SimpleMDM/PDQ now has a status page available here: https://pdq.statuspage.io/
-
14 votes
- Don't see your idea?