Suggestions

Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!

  1. API device_groups support Create Update Delete

    Hi, the /devices endpoint currently supports create/update/delete - https://simplemdm.com/docs/api/#update-6

    Could we get support for create/update/delete on the /device_groups endpoint as well?

    We have a use case where we would like to clone an existing (template) group and name it. This is not currently possible via the API.

    Thanks!

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add restart option to FileVault profile

    Currently, FileVault will not be enabled on MacOS until the user either logs out or logs in, depending on how it is configured. It would be great to add the ability to restart the machine once enrollment is complete to ensure FileVault is enabled as soon as possible.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add full app path to collected apps & return with API

    When reviewing / querying apps it would helpful to know the full path of all found apps. Would like this returned in the API as well.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Bring parity to timing options in Apple's Security & Preferences menu

    In System preferences, in the Security and Preferences -> General tab, the "Require password <insert timeframe> after sleep or screen saver begins" dropdown has many more granular options than SimpleMDM allows. My company's security policy prefers 5 seconds after lock, but our only close options are immediate or 1 minute after sleep. It would be nice to have parity between the SimpleMDM configuration options and the options Apple allows.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. support media deployment for macOS

    apple supports this, just need it in SimpleMDM

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Extend the included Device fields via the CVS download option

    Appears to be missing a few key fields:
    - passcode policy enabled (This is not the same as "firmware password" and btw, a similar field is downloaded but we think it's tied to iOS devices as opposed to Mac OS)
    - Firewall enabled
    - Mac OS Patch Management enabled
    - Anti-virus / Malware enabled

    You may recognize these as SOC2 requirements. Would be ideal to run a report / download for all devices with this data included. Thanks!

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Rotate Firmware Password option

    We would like to use unique firmware password with the option to rotate the password, in case we have to share the password with the user at some point. Currently that would only possible with moving the device to a group without a firmware password, clear the firmware password and assign the device back to the original group.

    Maybe there is a possibility like building a mechanism that sends out multiple commands (one to clear the password and one to set it again), which would effectively "rotate" the firmware password.

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Provide a UI to configure system level DNS over HTTPS (DoH) and DNS over TLS (DoT) for macOS and iOS

    Many of us managing devices via MDM have to assume the devices are on networks that are insecure, malicious, or in the best case scenario, not malicious but definitely not private.

    The standard way of doing DNS in those environments is unsafe, as the DHCP server can provide any resolver, and the traffic to those servers is made in the clear.

    DNS over HTTPS (DoH) and DNS over TLS (DoT) are two options we have to make computing in such environments safer, by ensuring queries are encrypted as they leave the device.

    Big Sur and iOS 14 both support this,…

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Implement AllowNonAdminUserApprovals for macOS Kernel Extension policies

    Starting in Big Sur, Apple requires a local user to explicitly allow kernel extensions to be installed, even if they are whitelisted by MDM policy. By default only admin-level accounts are permitted to do so, but this is not practical in environments that don't allow end-users to be admins. Any such kernel extensions, and the software that depends on them, are basically unusable after upgrading to Big Sur.

    Please implement the new 'AllowNonAdminUserApprovals' option in macOS Kernel Extension profiles. This will allow our non-admin users to "approve" the required kexts and their software to function again. The public documentation hasn't…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Extend profiles API to include listing/managing all profiles

    Currently the only profiles that can be managed via the API are custom configuration profiles.

    Please extend management of the profiles to include all the profiles that can be created within the SimpleMDM web console so that these profiles can also be managed with the API.

    Given there is no ability to assign devices to multiple device groups, using the API to ensure all device groups get the profiles required is the only means of ensuring consistent application of profiles to device groups.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Sorting columns on Profiles

    It would be nice to be able to sort the profiles by clicking on the column header.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Enforce device name when re-enrolled

    Add option to enforce "New Device Naming" when device re-enroll to SimpleMDM.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. Provide more details in webhook messages

    We've got a webhook setup to post events to a Slack channel, but the messages don't have enough details to be actionable.

    Including the device name would be a good start!

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow control of the TLSTrustedServerNames field when configuring WiFi certificates

    When deploying or upgrading machines to Big Sur, I'm finding a change in behavior vs Catalina, in that when connecting to an 802.1x network, BS devices are asking the user to approve a certificate, where Catalina devices do not. In https://macadmins.slack.com/archives/C016JHNMP1N/p1611939579192200 it is suggested that the 802.1x profile can support the TLSTrustedServerNames field. However, SimpleMDM does not offer this field in the Profiles:Wireless category. I think that having this would address the unwanted dialog. As documented at https://developer.apple.com/documentation/devicemanagement/wifi/eapclientconfiguration , it seems this could be a field you could expose in the certificate management interface?

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. iOS version on dashboard

    I would like to see the iOS version on the main dashboard when you are looking at all the devices in your specific groups.

    So, today we have Name, Group, Model, Status, Last Seen. ADD: iOS Version!

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Document what shared apps are available on somewhere publicly available

    It would be nice if there was a publicly available support document or otherwise that listed what shared apps are available in SimpleMDM right now.

    Thanks!

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Schedule Regular Application Updates

    Similar to scheduled iOS update policy, we would love to see clients check in for applications in our catalog and perform regular scheduled non-business hours updates. This would be for all Apps (VPP and Enterprise).

    When updating enterprise app binaries, users sometimes reject the "Smart Update" if they feel it interrupts their workday, so a regular daily or weekly check in to our catalog by the devices to find the most recent app version available would keep all devices current across both VPP and enterprise apps.

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Munki Firefox in multiple languages

    At the moment Firefox is only available in English at Munki. It would be great if more languages were supported.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Suggestions

Categories

Feedback and Knowledge Base