Skip to content

Suggestions

Have a great idea that you’d like to see added to our service? Perhaps there’s an existing feature that you’d like to have extended or modified? Share it here!

461 results found

  1. Ability to rollout Profiles and Pkgs to shards of devices

    The basic idea would be to give each device a shard automatically (but allow it to be overridden) and then be able to set a release schedule for profiles and applications.
    For example, on the assign page for a profile, you could select "Shard this assignment" and then be able to select 7 days and have the profile released to (total devices / 7) on each day. Would also need the ability to stop the rollout.
    We currently do this in our internal munki with an installable_condition.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Combine assignments into groups for easy viewing

    Allow the ability to create a group/folder in the App Assignments menu to allow the grouping of assignments. We will have a lot of iPads that require individual apps. This will make it quite cumbersome to parse through.

    If we could group the assignments into a folder and title it based on department, viewing the assignments would be a lot easier.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Add profile.created and profile.deleted webhook events

    https://api.simplemdm.com/#webhooks

    I am requesting the profile.created and profile.deleted events be added to webhooks. Considering the sensitive nature of profiles, it follows these are events which would be of interest to security and IT teams. For example, if an attacker were to gain access to a SimpleMDM instance and craft a malicious profile.

    In our case, most profiles are created through the API. Knowing when a profile is manually created in the web app is an important signal as it could mean someone has maliciously gained access or an impending profile misconfiguration is on the way. We also keep a cache…

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. I'd love to see tags implemented as a device organizational tool.

    Right now we have groups. But device groups is only one way to view your fleet. I'd love if I could also assign tags to devices. Ideally multiple tags. This way I could have tags for things like "remote" or "customer service" or "need2retire". Then I could use a tag or combination of tags to isolate a special group of devices.

    Thanks

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Implement more granular API permissions

    In https://suggestions.simplemdm.com/forums/204404-suggestions/suggestions/32990482-scope-api-key API permissions were split up to correspond with API endpoints. While a welcome change, it doesn't go far enough in providing granular access to sensitive MDM actions. Since the the /devices endpoint contains so much (device update, info, restart, shut down, lock, erase, etc.) it is a prime target were an API key to be compromised.

    I am asking for API permissions to be split up to be even more granular by MDM command. An API key which only needs to enable/disable remote desktop should not also be able to lock or wipe the device. While I don't…

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Support per admin user time zone settings

    Under Account > Settings > Time zone an admin can set the global time zone for their entire SimpleMDM instance. This is the timestamp used in logs, enrollment date, etc.

    I'd like the ability for each admin user to set their own time zone as well. Having a per account setting is a small quality of life change which makes it easier to grok events. I prefer to read timestamps in my local time. Time data itself should not change, only what's presented to the user.

    4 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. ability to allow admin to decide if end user can or cannot control their date and time zone settings

    For some users, we want to allow them to control time zone while for others we want to lock it down. It'd be nice to have the option.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Disable big popup window from Managed Software Centre

    Hi!
    We use SimpleMDM on our rental/production macs, not as office computers. And I have gotten feedback that sometimes the "Managed Software Centre" pop up on the middle of the screen, when an update has been waiting for a few days.

    We want a way to turn this off, since we dont want a suddenly popup on the screen in middle of an event/production/show. And sometimes we have an event for a week or so, and dont want to update a program during that week. Would be nice if it was possible to turn of the popup either on each…

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Collect RAM inventory data

    Hello,

    We would like to see the amount of RAM a computer has from within SMDM, within each device inventory and on the Device tab as an extra column.

    Our team is looking to refresh hardware, and RAM is the main criteria, but we are unable to gather this data, and everymac.com information is not accurate.

    Note that this feature request is separate from the "report on mac model, installed ram and cpu type," because we are not looking to access the data via API.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Assign profiles to multiple groups from the Profiles Action menu

    There's no easy way to assign a single profile to multiple groups at once. Instead, I have to go to the Groups view and click on each group I want to add the profile to, click the profile tab, click Assign Profile, find the Profile I want to add, then click the Assign button. Doing that for each group is tedious.

    Instead, I suggest the Profiles view have an option in the Action button to be able to add whichever Profiles are selected to add to Groups. I imagine the resulting view would be a list of groups with a…

    17 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. allow user roles who (only) see their own device

    The idea here is to make our employees trust in the MDM solution. I'd like to give them read-only-access to SimpleMDM to see
    1) what is configured
    2) what I can see about their device
    3) what is NOT possible (I frequently get the question "can you read my e-mail now?")

    Currently, the lowest level of access still allows to see ALL settings, accounts and apps installed on ANY device.

    Being able to restrict the app-listing (similar to the settings in "Allow secret information visibility") would be a helpful feature.

    Even better would be linking the SAML-identity from the Enrollment…

    13 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Allow for a few different local admin password formats

    The current format is often very hard to type (and not easily copied), so it would be helpful if you offered some other password types that were more user and script friendly. 1Password's "memorable" word based passwords are a good example of a strong password, that's also easy type. Bonus points if you omit characters that need to be escaped in scripting (like when using the sysadminctl -secureTokenOn function).
    Thanks

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Include copy button for admin password.

    With the escrowed admin password feature, it would be helpful to include a small copy button (similar to those seen on code training/doc sites) to easily copy the password.

    As it is now, if you reveal the password, then triple click to select, you end up grabbing a carriage return (and text styling) that will make the password invalid when pasted.

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Enable adding multiple devices to app assignment groups Via API

    It would be nice to be able to add multiple devices using their device ID's to an app assignment group using the API. There is no easy way to add multiple devices to an assignment group unless they are already in a device group, and you may want to add specific devices in ag group rather than the full group for some apps, IE: installers.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Allow the removal of generated local-admin passwords

    When a device has been factory reset, its auto-generated local admin password gets a second, third etc entry depending on how many times it has been wiped.

    Once confirming the older local admin passwords are no longer necessary, we should be allowed to remove them to avoid confusion

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Checking the "Select All" checkbox should apply to ALL enrolled devices (not just the first 100)

    Meaning if I want to push an Apple VPP update to all enrolled devices, clicking the "Select All" checkbox only applies to the first 100 (as the ceiling).

    We currently only have 105x macOS devices enrolled, but are in the process of bringing over 850x others from VMWare Workspace ONE in a way that's "zero touch" for the user.
    You can imagine us having to click the "Select All" checkbox on each 9x pages containing 100x devices/each would be inefficient.

    Screenshot is from my work Gmail and is just an example of what I would see implemented.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Ability to sort Apple VPP app by the version installed on device

    So I'm not clicking the Select All checkbox --> clicking Actions - Install Update for users who are already on the latest version (example in screenshot being v2.0.25 as the latest for that app)

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Create a Vanta integration

    Vanta is an automated compliance tool. If SimpleMDM created an integration, it would be much easier for us to deploy across various products as part of a comprehensive compliance package.

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. Support API key expiration

    API keys currently never expire. A key can be regenerated to effectively expire it, but there's no way to do so by time. I'm specifically asking...

    • Add support for API keys to expire after 30, 60, 90 days, by timestamp, or never.
    • Optional. Let the API regenerate or expire keys. Ends up being a one key rules them all situation. Up to debate whether this is a secure approach.
    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Allow Configurable Log Retention

    I would like to be able to customize the log retention filter and length. Not all device logs are needed for longer than 30 days, however important access logs and commands such as locking devices should be able to be kept for much longer.
    Alternatively or in addition, having a built in log pipeline to a SIEM would be great. Pulling logs out of the API is a bit of a hassle.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
1 2 6 8 10 23 24
  • Don't see your idea?

Suggestions

Categories

Feedback and Knowledge Base