Suggestions

Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!

  1. Manage Non-Custom Profiles via API

    Currently the API has a customconfigurationprofiles endpoint (https://simplemdm.com/docs/api/#custom-configuration-profiles) which can be used to create, modify, and assign/unassign custom profiles. However, there is on way to manage other profile types via the API.

    Say I create a FileVault profile in the web app and then want to assign the profile only to specific Macs using the API. There's not a specific group or device I want to manually assign. Instead I only want to assign to specific endpoints programmatically using a config management tool like Chef or Ansible. Since the profile is not "custom" I am unable…

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Profiles API - add upload/create custom profile method

    The profiles API endpoint doesn't have a method of uploading a custom configuration profile. This means it is not possible to create custom profiles and upload them to SimpleMDM, and then automatically create device group relationships and or assigning scopes to those custom profiles.

    An example where this would be useful is where profiles are managed within a git repo and pushed to SimpleMDM via automated workflows when these profiles are updated with new payloads.

    This upload/create method should also include settings for creating an assignment scope (for example, setting the OS type the profile can be applied to, the…

    0 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Implement Apple Kerberos SSO Extension as a profile

    This is a great tool to sync AD password to the local one. It is somewhat easy to get this done as a custom plist profile. I used the settings from Kandji MDM as reference, a guide from JAMF on how to deploy the Kerberos Extension and Imazing.com profile manager to create the plist file. Imported the custom profile in SimpleMDM, applied to Pilot group and it worked just like intended. This was easy, but it should be made standard.

    A sample plist file is available from https://github.com/ProfileCreator/ProfileManifests/issues/556

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Munki Integration : On-Demand installation

    I wish that the Munki "OnDemand" key that is planned for a PkgInfo is exposed in the declaration of a package in SimpleMDM. That would offer to trigger the installation of a package as needed without an instal / remove cycle.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Expose assignment count for custom profiles via API

    The internal API for profile search https://a.simplemdm.com/admin/profiles.json returns the number of groups and devices assigned to a profile as groupCount and deviceCount.

    Exposing this information to the customconfigurationprofiles "list all" endpoint would make it possible to add a scheduled job to cleanup profiles with 0 installs, so the UI doesn't get clogged up with outdated profiles.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Enable Remote Desktop per enrollment instead of globally

    The new feature to enable remote desktop automatically is great, but we only want to enable it on a certain enrollment, not on all machines.

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Add the ability to mark some custom attributes as "secret"

    We're looking at pushing things like wifi passwords to devices using profiles and custom attributes... as we aim to use MIST's multiple PSK option - https://www.mist.com/documentation/multi-psk/

    Each device will have their own wifi password pushed as a custom attribute - but these are effectively passwords. It would be awesome if they could be tagged as secret (like a lot of CI/CD tools allow you to do) and we could log that an admin had viewed them (in the same way unlock PIN and Activation Lock Key access is logged now

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    When editing a custom attribute via Configs > Attributes, you can now select "Mark as secret". When checked, this will prevent users with "Custom attributes marked as secret" permissions disabled for their user role from seeing the values stored for these attributes.

  8. Implement "SetAutoAdminPassword" to allow DEP created admin account password rotation

    SetAutoAdminPassword allows changing the password of a local admin account that was created by Setup
    Assistant during DEP enrollment via the AccountConfiguration command. It is available in macOS v10.11 and
    later. This would be useful to allow admin password rotation. Ideally this would also available via the API.

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Add Slack universal installer to Shared Apps

    I found that Slack has a universal installer available on their website, but only the Intel version is in the Shared Apps library. It would be nice to be able to push the universal version from Shared Apps instead/in addition.

    (link here, under the "Distribute Slack" section: https://slack.com/help/articles/360035635174-Deploy-Slack-for-macOS)

    Thank you!

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Add Scripts and Script Jobs to API

    Feature Request: Add Scripts and Script Jobs to API

    Currently the "Scripts" and "Script Jobs" functionality is only supported when using the SimpleMDM web console via a browser.

    With the goal to support custom advanced automation for our machine provisioning processes and integration with other configuration management systems, we need the ability to:

    Requirements:

    • Create/Update (Upload) and Delete Scripts
      • Support multipart/form-data by default (similar to other SimpleMDM APIs)
    • List and Get Scripts, including:
      • Script ID
      • Script name
      • Full script contents
      • Created/Updated timestamps
    • Create Script Jobs
    • List Script Jobs
    • Get Job Status
    • Get Job Log /…
    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Anonymous responded

    This has been implemented. Please see our documentation for more information:


    If there are additions/changes you would like to see, please submit a new suggestion. Also, thank you for the very detailed description!

  11. Permit override of receipts or installs keys in Munki pkginfo

    Related to this feature request: https://suggestions.simplemdm.com/forums/204404-suggestions/suggestions/40986322-fully-support-the-munki-pkgingo-plist

    As per the documentation (https://help.pdq.com/hc/en-us/articles/6430464122907-Custom-PkgInfo-for-Munki-apps) the following keys are not permitted to overridden by the user:

    installs
    receipts

    I believe the intent of the restriction on these in the manifest is to prevent installation issues, but these keys are vitally important to fix the installation of packages that include sub packages that are not always installed.

    Without being able to override these options, some packages that include a large amount of sub packages that are not always installed (for example, architecture specific ones) will get stuck in a state where Munki believes…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Anonymous responded

    We have added the ability to set the "receipts" key in the custom PkgInfo. From what I currently understand, this should solve most scenarios, but if the "installs" key is also necessary for your use-case (or any other PkgInfo keys), please submit a new suggestion and/or email us at [email protected] and let us know. Thanks!

  12. Allow admins to set 'Remote Desktop Enabled' for all devices

    A freshly built macOS 12.1 machine can only have Remote Desktop / screen sharing enabled using MDM. Currently, this can only be done on a per machine basis using 'Enable Remote Desktop' option or API call. It would be great if we could: -

    1. Set 'Remote Desktop Enabled' at a global level for all macOS devices that are in SimpleMDM.

    2. Have the ability to set it on multiple machines at once by ticking the box next to the device and setting from the 'Actions' menu.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Anonymous responded

    Remote Desktop can now be enabled/disabled on multiple devices at once via the main Devices page, as well as enabled automatically when a device enrolls. To enable this for enrollments, see the option under Enrollments > Settings.

  13. Devices API should indicate if phone is in lost mode

    The following API

    GET https://a.simplemdm.com/api/v1/devices

    Lists detailed information about the device status under attributes.

    We would like to see an additional attribute for when the device was placed in lost mode and if the device is currently in lost mode.

    For example:

    {
    "is_in_lost_mode": true,
    "lost_mode_active_at": "2021-07-13T16:00:54.000-07:00",
    }

    Since we have a large fleet of devices, we periodically place some of that fleet into lost mode if they go missing, using your existing API.

    We would like to build out reporting which would require having lost mode information available in the API.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Anonymous responded

    The "lost_mode_enabled" key has been added to the Devices API.


    The Logs API can be used to get "lost_mode.enabled" logs to see when the device issued a response indicating that it received the "Enable Lost Mode" command successfully.

  14. Add Handbrake to macOS shared apps.

    I would like to see Handbrake offered as a macOS shared app. Thanks!

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Specify package install order during prestage

    The prestage_installer pkg that gets used when more than one pkg is assigned to a device group doesn't currently have a method to specify installation.

    Some vendors supply their products as multiple packages and some have dependencies of one being installed before another (see: jamf Connect trying to run the installed app if it doesn't detect a LaunchAgent on disk that is installed by another .pkg). For reasons like this, being able to guarantee the order of pkg installation is key.

    This request is to implement a way to specify the order of installation from the portal that is used…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Add a column to the device export list for "Filevault key escrowed"

    When reviewing devices, it would be helpful to see which devices have FileVault enabled but if the key is not escrowed to the MDM.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Anonymous responded

    The "FDE Recovery Key Stored" column has been added to the "Export Devices" CSV.

  17. Add extra fields to the device list

    The device list currently displays:
    Device Name Initial Group Model Status Serial Number Enrollment

    It would be useful to be able to customize the fields being shown to include or exclude any of the fields available, including custom attribute fields.

    15 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    Custom attributes and additional fields can now be displayed on the devices index page. Click the gear in the table to select more columns.

    If there are additional specific attributes you would like, please create a new request.

  18. Implement FileVault recovery key rotation in UI

    It would be convenient to be able to rotate FileVault recovery keys from within the SimpleMDM UI as documented here: https://developer.apple.com/documentation/devicemanagement/rotate_the_filevault_key rather than running the fdesetup Terminal command via script or using the API to accomplish this.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Anonymous responded

    Hi Eddie,

    Thanks for the post. This option is already supported in SimpleMDM. It is available when the existing recovery key is stored in MDM.



  19. Add Device Group Custom Attributes to API

    There is currently not a way to read or set the custom attributes of a device group from the API. In order to pull this information into external systems, the API is needed.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Send e-mail notifications for pending VPP and DEP token expiration

    It would be convenient for administrators to receive e-mail notifications 30 days in advance of a VPP or DEP token's expiration.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Anonymous responded

    This should be completed now. If there are certain additions you'd like to see, please do not hesitate to submit a new suggestion.

← Previous 1 3 4 5 17 18
  • Don't see your idea?

Suggestions

Categories

Feedback and Knowledge Base