We run websites on kiosk devices with locked down url profile. Would be great to support clearing the cache, or locking the browser to private browsing mode.

Currently, the API only allows to set a custom profile value for a device, not a default value globally.

There are lots of businesses that only want staff to access a certain website, but due to Apple's limitations this is impossible.
Suggestion is to create a browser app that can be programmed for only 1 (or more) specific websites. Then integrate it with your mdm for pushing the specific needed site(s)..

Linked in some ways to this request https://suggestions.simplemdm.com/forums/204404-suggestions/suggestions/37168075-add-more-granular-simplemdm-user-roles… (and yes, please more granular permissions!)

Would it be possible to restrict access to devices in MDM based on some kind of tagging?

So I can tag devices as “Kiosk” and grant helpdesk full admin access over those devices, but they won’t be able to see or modify devices tagged “user laptop” for example.

At the moment we achieve this using two separate SimpleMDM tenants, which works - but makes our plans to use auto-assignment of devices from Apple Business manager more challenging…

Provide Swagger Documentation for the API
A la https://swagger.io/docs/

Currently I have to list all of the devices in the MDM, and filter after the fact. It would be great to be able to retrieve the devices in a particular group directly.

When a machine enrolls into MDM via ABM/ASM the current cadence is to install packages before creating the configured account.

This request is to make the account creation happen first so packages that install can use the account that is created by the MDM.

One instance is the ability to install the bootstrap token escrow with the local admin account.  

Enrolling devices through Portable hotspot. When targeted devices are connected to admin device hotspot and by entering the user credentials for the login. Hence the mobile device is enrolled and the profiles are pushed.

We are using few Custom Attributes that can have only some options (like kiosk app). Having drop-down list with options will be really nice.

Then it will allow us to set possible Attributes and help desk will just choice from drop-down list.

Thanks David

WARNING tells me something. Doesn't tell me where to go to fix it. Thx

I would like to remotely wipe an Apple TV like I can on JAMF.

Okta have nice "Device trust" setting do you guys think it will be possible to cooperate with them and make this happen?

https://help.okta.com/en/prod/Content/Topics/Mobile/OktaDeviceTrustJamfmacOS_Devices.htm

It is easy for iOS/Windows but they need some API access to verify device in MDM.

Thanks

We need the ability to enrol macs into AD. This is done via the Directory payload, but I can't find a profile for it in Simple MDM. Before this is present, we can't switch to Simple MDM and is stuck with Apples Profile Manager.

It would be excellent to allow a custom URL for the "Welcome screen" contents, including providing drop-in HTML for a "start enrollment" button. This way, we could for example redirect to existing EULA agreement pages and pop the user right back to the SimpleMDM workflow.

Under Passcode Policy, can the option be placed to require a passcode? I could not locate that option anywhere ...

On the main Devices View, include the serial number as a column. Or have the ability for Users to add fields to this table to customize the view.

From the Apps->Catalog->Installs screen, add a "Push update" option to the Action menu, letting me push the most recent app binary to multiple devices at once.

At the moment, I have to go via Devices -> Devices -> Apps and update devices one at a time.

My use case is pushing an RC version of the app to c 3-4 manager devices, and then pushing the same/approved version to many more client devices. All at once. (Without having to generate a spurious additional build version and using auto-update during the update binary process).

We need a report to see device movements from users. Also see devices removed by and the related information

It would be extremely useful if a device dropping below a minimum specified battery level would trigger a notification to the administrator via email. This is a weak point with remotely located devices that are left on and accessible for long periods at a time. Even the genuine high wattage Apple chargers can require a power cycle after being left on for long periods, to avoid the device battery discharging faster than it is maintained.

allow exceptions to Apps that are still useful but are restricted to the profile settings.
if your profile settings have age restricted Apps set at 14+, have an exception box to allow Apps that have a 17+ to still function on device.