Release Notes

Restrictions profile: several new keys added – September 18, 2024

The following keys have been added to the Restrictions profile:

 
  • "Allow Genmoji" allowGenmoji
  • "Allow Image Playground" allowImagePlayground
  • "Allow Image Wand" allowImageWand
  • "Allow iPhone Mirroring" allowiPhoneMirroring
  • "Allow Personalized Handwriting Results" allowPersonalizedHandwritingResults
  • "Allow Writing Tools" allowWritingTools
  • "Allow Auto Dim" allowAutoDim
  • "Allow call recording" allowCallRecording
  • "Allow media sharing modification" allowMediaSharingModification
  • "Allow web distribution app installation" allowWebDistributionAppInstallation

 

NonRemovableFromUISystemExtensions key added – September 16, 2024

NonRemovableFromUISystemExtensions key now supported in System Extensions profile

This new key is available as the "Allow UI Removal" option in the System Extensions profile. Supported in macOS 15+, this key allows admins to prevent end-users from being able to remove System Extensions via the System Settings UI.

 

Support for Apple Vision Pro added – August 14, 2024

Apple Vision Pros can now be managed

Apple Vision Pros are now able to be enrolled in SimpleMDM to view inventory information, installs apps, and a limited set of other features.

Documentation for supported features is available here.

 

Services Background Tasks configuration added – July 23, 2024

Services Background Tasks configuration added

Services Background Tasks is a new configuration declaration that Apple announced support for during the Apple Worldwide Developers Conference (WWDC) 2024. This configuration allows admins to create and control background tasks for things like launchd configuration files and agents, and store them in a secure and tamper-resistant location. Available on macOS 15+.

Official Apple documentation for Services Background Tasks is available here

Install beta OS updates during Automated Device Enrollment – July 11, 2024

New option to enroll devices into beta program during Automated Enrollment

The option to enroll a device into Apple's beta program and force it to update to a beta OS version during ADE has been added under the "Minimum OS Version Requirement" section on the Automated Enrollment > DEP Settings page. This option is available to accounts that are eligible for Apple's beta program and have the option enabled in Apple Business Manager.

Safari Extension Settings configuration added – July 10, 2024

Safari Extension Settings configuration added

Safari Extension Settings is a new configuration declaration that Apple announced support during the Apple Worldwide Developers Conference (WWDC) 2024. This configuration allows admins to control which Safari Extensions are allowed, enabled, or disabled during regular and private browsing, and which domains extensions are allowed to be active on. Available for iOS 18+ and macOS 15+.

Official Apple documentation for Software Update Settings declaration is available here.

New configuration declarations added – July 9, 2024

Software Update Settings configuration added

Software Update Settings is a new configuration declaration that Apple announced support during the Apple Worldwide Developers Conference (WWDC) 2024. This new declarative configuration is intended to replace the legacy System Settings Software Update configuration profile (com.apple.SoftwareUpdate - included in the Software Update Policy for macOS profile in SimpleMDM) going forward, starting with iOS 18+ and macOS 15+.

Official Apple documentation for Software Update Settings declaration is available here.

Disk Management Settings configuration added

Disk Management Settings is a new configuration declaration that Apple announced support during the Apple Worldwide Developers Conference (WWDC) 2024. This configuration allows admins to allow or restrict connections to external storage and network storage on macOS 15+ devices.

Official Apple documentation for Disk Management Settings declaration is available here.

Clear Restrictions Password command added, New Shared Apps – July 8, 2024

Restrictions password can now be cleared on iOS/iPadOS devices

We added the "Clear Restrictions Password" command to the available device actions on supervised iOS and iPadOS devices.

Official Apple documentation for Clear Restrictions Password command is available here.

New Shared Apps added

We added GoLand and IntelliJ IDEA to the Shared Apps directory. 

Extensible Single Sign On profile updates – June 27, 2024

New options added to support Platform SSO

We updated the Extensible Single Sign On profile to add support for new options related to Platform SSO that were announced during Apple WWDC ’24, including settings like FileVault Policy, Authentication Grace Period, Login Policy, Unlock Policy, and more.

Official Apple documentation for the Extensible SSO payload with new changes is available here.

Restrictions profile updates – June 25, 2024

New keys added

We added the following new keys to the Restrictions profile:

  • allowESIMOutgoingTransfers
  • allowMediaSharing


N
ew Shared Apps – June 24, 2024

New Shared Apps added

We added the following apps to the Shared Apps directory:

  • Opera Browser
  • Poly Lens
  • TailScale

Return to Service for tvOS, Apple Intelligence skip key added – June 20, 2024

New for tvOS 18: Return to Service 

We added support for the "Return to Service" option on tvOS 18+ devices when sending a Wipe command.

Apple Intelligence skip key added

We added the "Apple Intelligence" key to the "Panes to Skip" section in the automated enrollment DEP Settings. 

Lock Screen Message Profile Changes – May 7, 2024

Lock Screen Messages have been moved to their own dedicated profile

We have moved the Lock Screen Message field out of Device Group Settings page and converted them to their own dedicated profiles. Lock screen messages can now be created and edited under the Profiles section. This change will not impact existing device lock screen messages.  The purpose of this change is to make managing lock screen message profiles more consistent with other profile types, and to enable more logical management with future enhancements.

Assignment Groups API updates – May 1, 2024

New priority option added

We have added the ability to set the assignment group priority level when creating and updating assignment groups via API using the priority argument.

Assignment Groups API updates – April 24, 2024

Default installs and managed updates install types added

We have added default_installs and managed_updates as available install types when creating an assignment group via API.

Assignment Groups API updates – April 23, 2024

Configuration profiles can now be managed for Assignment Groups via the API

A previous update allowed profiles to be assigned to Assignment Groups (instead of only Device Groups), thus adding support for multi-group membership for devices. We've now added the following endpoints to support managing configuration profiles on Assignment Groups via the API.

  • Assign a profile to an assignment group
  • Unassign a profile from an assignment group
  • Sync profiles to devices for an assignment group

Restrictions profile updates – April 16, 2024

New keys added

We added the following new keys to the Restrictions profile:

  • forcePreserveESIMOnErase
  • allowESIMModification
  • allowPasswordAutoFill
  • allowManagedToWriteUnmanagedContacts
  • allowUnmanagedToReadManagedContacts
  • allowMarketplaceAppInstallation
  • allowLiveVoicemail

Devices API update – April 10, 2024

Key added to show if DDM is enabled on a device

The ddm_enabled key has been added to the Devices API response for devices with DDM enabled.

Declarative device management (DDM) available for all customers, profile Assignment Group support – April 3, 2024

DDM channel enabled for all customers

The DDM channel is now enabled automatically on all eligible devices when they check in with MDM. Admins do not need to take any action to enable this. 

Assign configuration profiles via assignment groups 

Admins can now assign configuration profiles to devices via assignment groups, allowing multi-group membership (inheriting profiles from multiple groups) for devices. For more information, refer to this support article on Configurations & Accounts under the section Assigning profiles to Assignment Groups.


New Munki install type options – April 1, 2024

Managed updates and default installs added

We added “Managed updates” and “Default installs” as new install types for Munki assignment groups. Managed updates allow admins to update software through Munki even if it was not originally installed on the devices via Munki. Default installs allow admins to install apps on devices that end users can choose to uninstall via the Managed Software Center.


DDM Beta: DDM channel enabled for all devices in beta accounts - March 26, 2024

DDM channel turned on for supported devices in beta accounts

The DDM channel has been enabled on all eligible devices within accounts that have opted into the beta program. Admins no longer need to manually turn on DDM for specific groups of devices.

Devices page: Sort by Custom Attribute values  March 25, 2024

Custom attribute column sorting added to Devices list

The Devices list view now allows for sorting on custom attribute values.

DDM Beta: Managed Software Updates – March 4, 2024

Managed Software Updates configuration available in the DDM beta

The Managed Software Updates configuration is now available to accounts that have the Declarative Device Management (DDM) beta enabled. This configuration allows admins to schedule specific OS versions to be installed on devices by a certain date and time, while device users receive enhanced notifications to inform them of the upcoming update. Additional documentation is available:

New Shared Apps February 12, 2024

New Shared Apps added

We added Mactracker and JetBrains Toolbox to the Shared Apps directory.

New UI for the Devices page - December 11, 2023

Updated design for the Devices page

We have released an updated design for the Devices page, an exciting step towards a new UI design that will extend to the rest of the product over time. Admins can now opt-in to using the new UI by clicking the option in the banner on the Devices page. After enabling the new UI, admins have the option to temporarily switch back the old view.

New skip keys added to automated enrollment DEP settings - December 7, 2023

New skip keys added

We added the “Enable Lockdown Mode” and "Wallpaper" keys to the “Panes to Skip” options.

Device information and profile updates - November 14, 2023

Restrictions profile update

We added the “Allow near–field communications (NFC)” key.

Passcode policy profile update

We added the “Minutes until failed login reset” key.

Device details information 

  • We added the “EID” field to Service Subscription information.
  • The “Last Seen” column is now more precise.

New automated enrollment setting, Service configuration files - November 8, 2023

Configure a minimum OS version requirement during automated enrollment

Admins can now configure a minimum OS version requirement when a device enrolls through automated enrollment. When a device performs the initial MDM check-in during Setup Assistant and the device does not meet the specified version, users will see a prompt indicating that an update is necessary and be presented with a timer for an automatic restart to install the update. Once the update is complete, they will be able to proceed with the enrollment and finish Setup Assistant.

This option can be configured under the “DEP Settings” tab for automated enrollment. Supported for iOS 17+ and macOS 14+.

The Service configuration file declaration is now supported in the DDM beta

We added support for a new Service configuration asset type that allows admins to configure and manage preferences for system services on macOS, such as sshd, sudo, bash, etc. To do this, admins must upload a zip archive with matching directory structure that contains the configured preference files.

Updates to Privacy Preferences profile October 17, 2023

Privacy Preferences profile updates

We added the following keys to the configurable access permissions:

  • Update or delete other applications
  • Access app data

New enrollment method: Account-driven enrollment October 2, 2023

New enrollment method added

SimpleMDM now supports account-driven enrollment as a method for enrolling devices. Devices can be enrolled by signing in via the Settings app using a Work or School account as an alternative to using traditional profile-based enrollment methods. Account-driven enrollment can be used for both device enrollment and user enrollment types. 

Declarative Device Management (DDM) Beta September 27, 2023

Beta announcement 

We added support for Declarative Device Management (DDM) and it is now available in Beta. The initial functionality will be available for macOS 14+ or iOS/iPadOS 17+ and includes:

  • The ability to turn on DDM protocol for devices 
  • Enabling DDM channel status reports 
  • The ability to install some profiles with DDM and/or migrate existing profiles to DDM

If you are interested in having DDM enabled on your SimpleMDM account for testing, you can fill out this form and our team will enable in within 5-7 business days.

New Shared App August 29, 2023

New Shared App added

We added AnyDesk to the Shared Apps directory.

SimpleMDM Status Page August 9, 2023

Status Page added

We now have a status page for SimpleMDM and the other PDQ products. Visit our status page and subscribe for updates at: https://pdq.statuspage.io/

New Shared Apps August 7, 2023

New Shared Apps added

We added RubyMine, Blender, Miro, and Nextcloud to the Shared Apps directory.

Welcome screen enhancements, new Shared Apps July 26, 2023

New functionality added to the welcome screen feature

We added the ability to create a form and display it on the Welcome Screen during the enrollment process. The form fields are mapped to custom attributes, which allows the input from the user to be stored in the custom attributes once the form has been submitted and enrollment is complete. 

New Shared Apps added

We added ClickUp and Powershell to the Shared Apps directory.

Gatekeeper Policy profile added, new Shared Apps July 11, 2023

New profile added to admin interface

We added support for the "Gatekeeper Policy" profile in the SimpleMDM admin interface. This new profile enables admin to configure Gatekeeper settings on macOS, including force enabling Gatekeeper, allowing or disallowing identified developers, and disabling manual Gatekeeper override abilities.

New Shared Apps added

We added Todoist, Webex, and Wrike to the Shared Apps directory.

FileVault profile updates July 3, 2023

ForceEnableInSetupAssistant key added

We added the "Force FileVault to be enabled in Setup Assistant" option to the FileVault profile. This allows admin to force end-users to enable FileVault during Setup Assistant, ensuring encryption is enabled before reaching the home screen. Requires macOS 14+ and Automated Device Enrollment.

"Set Time Zone" command added, API updates June 29, 2023

New device action added

We added the "Set Time Zone" command to the Actions menu for supervised iOS, iPadOS, and tvOS 14+ devices, allowing admins to update the time zone on supported devices.

Install OS update options

We added the version_type argument to the Update OS API to match what is available in the SimpleMDM admin interface, allowing admins to choose between latest_minor_version and latest_major_version as options.

Update Munki PkgInfo via API

We added the ability for admin to customize PkgInfo for Munki apps via the API.

New feature: Auto Attributes June 28, 2023

Save script outputs in a custom attribute

Admins can now run a script and save the output/device response in a custom attribute. This enables admins to query devices for information beyond the scope of the MDM protocol. Once stored, these custom attribute values will be visible on device records and in the Device Inventory report export (CSV).

Return to Service support added, custom icons for SimpleMDM Munki, updates to Restrictions profile  June 27, 2023

New for iOS, iPad OS 17: Return to Service 

We added support for the "Return to Service option on iOS and iPadOS 17+ devices when sending a Wipe command. This option enables admin to select an assigned Wi-Fi profile, allowing the device to automatically reconnect to Wi-Fi after the wipe and proceed through setup without requiring user interaction.

Upload custom icons for custom apps & NoPkgs

We added the ability to upload custom icons for custom apps & NoPkgs deployed using our hosted Munki integration. Once enabled, the Managed Software Center shows the uploaded custom icon.

Restrictions profile update

We added several new keys and/or updated them for macOS 14 and iOS 17.

"Run script" action added  June 12, 2023

New device action added

We added the “Run Script” action to the Device Actions menu. Selecting this will automatically populate the target device when creating the script job. 

Printing profile added  June 6, 2023

New profile added to admin interface

We added support for Apple's "Printing" profile in the SimpleMDM admin interface. This new profile enables administrators to configure printing settings and preferences on macOS devices.

New user role permission set added  May 30, 2023

"No Access" permission set added

We added a new user role permission set called "No Access" that can be assigned to user accounts, allowing their creation without permitting the user to view any information within the account. This enables existing admin users to manage access by assigning a different user role or revoking the newly created user account. This role can be particularly useful as the initial user role for SAML SSO accounts where sign-in access is not being scoped on the identity provider's side.

Updates to Restrictions profile, export devices CSV May 25, 2023

Restrictions profile update

We added the "Allow password sharing' key to the Restrictions profile.

Column added to device inventory export

We added a new column called 'Last Seen IP' to the device inventory export.

Bluetooth commands added to API  May 18, 2023

Enable & disable Bluetooth on devices via API

The “Enable Bluetooth” and “Disable Bluetooth” commands can now be sent to devices via the API.

Profile updates, device details added  May 9, 2023

System Extensions Policy profile update

We added the option to mark extensions as removable using the RemovableSystemExtensions key.

Software Update Policy for iOS profile update

We added an option to the Software Update Policy for iOS profile to schedule software update commands based on hours within a specific time zone or the time zone currently set on the device.

Time zone added to Device Details

A device's time zone is now reported within the Device Details section.


Schedule Script Jobs
April 26, 2023

Schedule Script Jobs

We added an option to schedule script jobs from the SimpleMDM admin interface. Schedule scripts to run immediately, at a specific date or time in the future, or recurringly.

Reinstall SimpleMDM Munki April 13, 2023

New device action added

We added an option to "Reinstall SimpleMDM Munki' to the Actions dropdown for macOS devices using our hosted Munki integration. This will run an uninstaller and then reinstall Munki on the selected device.

Profiles and Custom Profiles API update March 2, 2023

Profiles and Custom Profiles API updates

We added the ability to query by profile name using the "search={{name}}" param to the Profiles and Custom Profiles API endpoint. 

macOS profiles update February 21, 2023

macOS profiles update

We added the option to "Re-install profiles automatically after macOS software updates are detected" to configuration profiles supported on macOS. This allows admins to choose whether specific profiles should be re-pushed after an OS update is detected. 

Web Content Filter profile updates, API updates February 14, 2023

Web Content Filter profile updates

We added the “Custom Data” field to the Web Content Filter profile.

API updates

“Set auto-admin password” and “rotate auto-admin password” commands have been added to the API. 

NoPkg support added to SimpleMDM Munki integration, device search improvements – February 9, 2023

NoPkg support added

We added NoPkg support to the SimpleMDM Munki integration. NoPkgs are PkgInfo files that can be deployed via Munki without an associated PKG or DMG.

NoPkgs are frequently used to:

  • Provide self-service scripts to end-users within the Managed Software Center
  • Automatically run scripts and check for changes in the installed state to determine if they need to be run again

A few example use cases for NoPkgs:

  • Allowing end-users to install printers as needed
  • Keeping the computer hostname in sync with other systems
  • Automatically forcing a log out or restart
  • Controlling SSH access

For more information on NoPkgs, see the official feature documentation in our Knowledge Base.

Device search improvements

We improved device search capabilities, so now devices with multiple phone numbers associated to them will appear in search results for either phone number. 

Auto-admin password management – January 26, 2023

Auto-admin password management

We updated auto-admin password management, so now for any device with an auto-admin account created by SimpleMDM the password can be reset or rotated. This was previously tied to the “Store admin password for device in SimpleMDM” option in the DEP Settings

Was this article helpful?
Still have a question or want to share what you have learned? Visit our Community Discord to get help and collaborate with others.