Configurations & Accounts
Configurations allow an administrator to set up accounts, services, and other functionalities on devices. Some configurations can be shared between device groups, some are linked to just one device group, and others are created as accounts for individual devices.
SimpleMDM supports many configurations, including:
|Configuration Name||Allows you to define...|
|App Restrictions||an app whitelist or blacklist to hide undesired apps from iOS. Requires supervision.|
|AirPlay Destination||an available destination to stream audio and video to.|
|AirPrint Printer||an AirPrint-compatible printer for devices to utilize.|
|APN||an Access Point Name. This is also called a Cellular payload. Sometimes used in advanced deployments.|
|CalDAV||a WebDAV or CalDAV calendar account.|
|CardDAV||a WebDAV or CardDAV contacts account.|
|Certificates||deploy custom certificates to devices.|
|an Exchange, IMAP, or POP-based email account.|
|FileVault||requirements around using Filevault full disk encryption. Also supports escrowing and rotating personal recovery keys.|
|Firewall||Firewall settings on macOS devices.|
|Firmware Password||Firmware password settings and saves password to SimpleMDM.|
|Global HTTP Proxy||an HTTP proxy that all web traffic on the device will be forced to pass through. Requires supervision.|
|Google Account||a Google account to use for email, contacts, and calendaring.|
|Home Screen Layout||an icon and folder layout on the iOS home screen and dock. Requires supervision.|
|Kernel Extension Policy||approvals for specific kernel extensions on macOS.|
|LDAP||an LDAP account, typically used to populate Contacts in iOS.|
|Passcode Policy||complexity requirements for passcodes on iOS and macOS, as well as screen lock settings.|
|Privacy Preferences||accessibility permissions for specific applications on macOS.|
|Restriction||a list of iOS functionalities that should be disabled.|
|Single App Lock||an app that is forced to run at all times on a device. Requires supervision.|
|Single Sign-On Account||a Kerberos account to be used to sign into websites and apps.|
|Software Update Policy for iOS||settings to automatically download/install iOS and tvOS updates. Requires supervision.|
|Software Update Policy for macOS||settings to configure Software Update preferences and automatically download/install macOS updates.|
|Subscribed Calendar||a calendar subscription. These appear in the device's calendar list.|
|VPN||a VPN account, such as L2TP, PPTP, Cisco, or other popular technologies.|
|Wallpaper||an image to appear in the background of the home and/or lock screen. Requires supervision.|
|Web Clip||an icon on the home screen that acts as a shortcut to a website.|
|Web Content Filter||a website whitelist or blacklist to control web access in the Safari app. Requires supervision.|
|Wireless Network||a WiFi network that the device can access.|
This is not intended to be a comprehensive list. Refer to the SimpleMDM interface for the latest capabilities.
Custom Configuration Profiles
Sometimes an organization needs a feature available in Apple Configurator that isn't supported by SimpleMDM. Or, an organization may have previously built configurations in Apple Configurator that they are not ready to rebuild in SimpleMDM. In these cases, SimpleMDM allows configurations that have been exported by Apple Configurator to be uploaded and distributed to enrolled devices.
To upload a custom configuration to SimpleMDM, follow the instructions below for creating a configuration and choose "Custom Configuration Profile" as the configuration type.
Most configurations require first creating a shared configuration profile and then assigning it to device groups. To create a shared configuration profile:
- Click Profiles under Configs in the left-side menu.
- Click "Create Profile"
- Click the type of profile you want to create (for example, "App Restrictions").
- Configure the profile settings as needed.
Once you have created the profile, it will be available for assignment via the "Profiles" tab on both the Group Details page and the Device Details page.
Assigning Configuration Profiles to Device Groups
A shared configuration profile will not be pushed to any of your devices until you have assigned it to at least once device group. To assign a configuration to a device group:
- Click "Groups" on the left-hand side of the screen.
- Click the name of the device group you would like to edit.
- Click the "Profiles" tab.
- Click "Assign Profile".
- Locate the profile that you want to assign and click "Assign".
Once you click "Assign", the profile is automatically pushed to the devices in the device group.
Creating and Assigning Accounts & Device-Specific Profiles
Some configurations, like email accounts, can also be assigned directly to devices instead of device groups. To create an account for a device:
- Click "Devices" on the left hand side of the screen.
- Click on the name of the device you would like to create an account on.
- Click the "Profiles" tab.
- Click the "Assign Profile" button in the upper right hand side of the screen.
- To assign a profile that has already been created, click "Assign" next to the profile name. Repeat these steps to add additional profiles to the device. To create a new profile or account, click "Create Profile".
- If you clicked "Create Profile", select the profile type you'd like to create, fill out the settings, then click "Save".
When you click "Save", the configuration is automatically pushed to the device.