Skip to content

I suggest you ...

← Suggestions

Possibility to lock account name during enrollment

LockPrimaryAccountInfo and put use of the saml login name
from:
https://developer.apple.com/documentation/devicemanagement/accountconfigurationcommand/command

and if possible collect the users full name from the saml login.

15 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Viktor Lundberg shared this idea  ·   ·  Report…  ·  Admin →
completed  ·  SimpleMDM responded  · 

LockPrimaryAccountInfo is now available as of macOS 10.15.4. Earlier versions of macOS have a bug that prevents this feature from functioning reliably.

SAML attributes can be saved to a device’s custom attributes. Under the “Authentication” tab in Enrollment details, SAML authentication types include an option to “Allow provider to set custom attributes”.

Show previous admin responses (1)

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Paul commented  ·   ·  Report

    This is great stuff. What would be really useful if the following could be implemented. This would allow the admin account as well as the user to be specified

    SetPrimarySetupAccountAsRegularUser
    boolean
    If true, the primary accounts are created as regular users. If this is true, you must specify an entry in AutoSetupAdminAccounts.

    Default: false

  • Rick commented  ·   ·  Report

    Yes please!! This would greatly simplify our flow and avoid a lot of the issues we have with getting the right user enrolled in user channel.

Suggestions

Categories

Feedback and Knowledge Base

(thinking…)