Community Record
403
Posts
382
Kudos
49
Solutions
Badges
Aug 9 2024
7:39 AM
1 Kudo
This is a limitation of the Android Enterprise API: There's no ability for us to prevent users turning location on or off.
... View more
Aug 9 2024
3:33 AM
2 Kudos
Both of these are suitable solutions to not using conditional access. Duo Trusted Endpoints is the easiest to roll out
... View more
Aug 9 2024
3:30 AM
2 Kudos
You can hide the settings application (Use the Android System Apps payload) but that doesn't stop the user from using shortcuts to turn off location A limitation of android, sadly
... View more
Jul 25 2024
3:45 AM
3 Kudos
import meraki
API_KEY = '<YOURAPIKEY>'
client = meraki.DashboardAPI(API_KEY)
networks = client.organizations.getOrganizationNetworks(organizationId="<YOURORG>")
clientNum = 0
for network in networks:
try:
clients = client.networks.getNetworkClients(networkId=network['id'])
print(len(clients))
clientNum = clientNum + len(clients)
except meraki.APIError as e:
result = 'fail'
print("Total Clients", str(clientNum)) There's no ORG wide API call presently for network clients, so you'll have to cycle through each network Replace <YOURAPIKEY> and <YOURORG>
... View more
Jul 15 2024
7:05 AM
2 Kudos
The easiest way would be to use Meraki WiFi and Systems Manager and spend 15 seconds, yes, SECONDS deploying certs to all of your devices, utilising the built in PKI and RADIUS in Meraki Dashboard But, as you're not doing that, so.... 1. Create a new Setting (Systems Manager > Settings > Add profile) 2. Give is a name 3. Add a certificate payload: You'll have to reach out to ClearPaass to work out what type, either dynamic or static 4. Add a wifi payload to the same setting, and configure the various 802.1x options under Security > WPA2 Enterprise > Protocols / Authentication / Trust 5. Under Authentication > Identity Certificate, choose the SCEP / Cert payload you created earlier
... View more
Jul 15 2024
7:00 AM
2 Kudos
So long as you haven't blocked the ability to modify account settings, the user can very easily click the icon top right of Google Play, click the down arrow next to the AFW account, and then add another account giving them access to all of google play
... View more
Jul 1 2024
3:46 AM
This is only true if you are using Apple's ADE. To ensure, if the powers that be decide not to buy a license, that you edit the MDM server: This will ensure that it doesn't try to enroll again after a wipe
... View more
Jun 25 2024
12:57 AM
3 Kudos
You're going to need to either deploy a script to install the contents of your DMG, or follow the section titled, Building your package : DMG / PKG (silent installer) https://community.meraki.com/t5/Mobile-Device-Management/HOWTO-Package-files-scripts-and-apps-together-for-macOS/m-p/187857
... View more
Jun 20 2024
6:37 AM
2 Kudos
I've reached out to product management for you. Can't offer anything more at the moment, but watch this space
... View more
Jun 19 2024
12:39 AM
2 Kudos
Zabbix supports API usage: https://www.zabbix.com/integrations/meraki If there's something that Zabbix doesn't support, this should be relatively easy to integrate, as the Meraki API is REST based https://developer.cisco.com/meraki/api-v1/get-network-events/ would be a good place to start Also, it would be helpful to understand what you means by "logs"
... View more
Jun 14 2024
3:25 AM
1 Kudo
Everything you ever wished to know: https://documentation.meraki.com/SM
... View more
Jun 5 2024
7:37 AM
2 Kudos
Firstly, https://www.youtube.com/watch?v=-d37z6qCGLQ And when you get to the Consumer URL part, you can use : The vision one instead of the normal one
... View more
Jun 5 2024
5:36 AM
5 Kudos
Firstly, for those that don't know, we maintain a YouTube channel, called MerakiMinute that covers various features of Meraki in short, easily digestible videos In the video below, we cover how to configure SAML authentication with the Meraki Dashboard, using OKTA as the IDP https://youtu.be/-d37z6qCGLQ Of course, other IDPs are available, which are covered here: https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_Single_Sign-on_for_Dashboard And for diagnosing login problems, you can use the link below: https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/SAML_Login_History_Events
... View more
Labels:
- Labels:
-
Administrators
Jun 5 2024
1:42 AM
Will feed this back
... View more
Jun 5 2024
1:42 AM
Systems Manager doesn't have that level of granularity just yet, but I will feed this back to the team. I had a look at the API (in case you wanted to consider building a portal just for this), but whilst we have an API for Lock we don't have one for Lost
... View more
Jun 4 2024
8:10 AM
4 Kudos
Firstly, apologies if you've not seen this. It was launched a while ago, and I've only just stumbled upon it https://youtu.be/HIJrktiaQ_o Essentially, Limited Access Roles give you the ability to segment a Systems Manager network, so that admin A can only see devices that are tagged with a particular role. So, for example, the administrator of a hospital in Milan can only see devices in their dashboard that are tagged with Hospital-IT-Milan, for example. Now, there's severa things you need to do 1. Create the role(s) 2. Create the admin(s) 3. Tag the devices This ALSO works with SAML too: Now, obviously, if you've a LOT of admins, roles, devices to tag / create, all of this can be done with the Meraki API https://developer.cisco.com/meraki/api-v1/create-organization-sm-admins-role/ https://developer.cisco.com/meraki/api-v1/create-organization-admin/ https://developer.cisco.com/meraki/api-v1/modify-network-sm-devices-tags/ and, if using SAML https://developer.cisco.com/meraki/api-v1/create-organization-saml-role/ Full details here: https://documentation.meraki.com/SM/Other_Topics/Limited_Access_Roles and, for nostalgia: https://meraki.cisco.com/blog/2015/06/limited-access-roles-for-systems-manager/
... View more
Labels:
- Labels:
-
Monitoring
-
Other
Jun 3 2024
3:42 AM
Can you create a case for this? I feel that everyone would benefit from this, but, obviously, validation by engineering needs to take place
... View more
May 24 2024
8:30 AM
2 Kudos
You may be getting errors when using the portal. It's because Google are mandating that you accept the new terms and conditions: https://www.androidenterprise.community/t5/service-announcements/fix-available-toserror-responses-accessing-zero-touch-customer/ta-p/4041
... View more
Labels:
- Labels:
-
Android
May 14 2024
7:09 AM
https://ss64.com/mac/installer.html is also your friend
... View more
May 14 2024
7:07 AM
2 Kudos
Whilst this is true, if you're building your own packages, you may be able to accept prompts on the user's behalf. This is a post install script I created a few years ago to install CaptureOne #!/bin/bash
dmgPath="/tmp/CaptureOne12.Mac.12.1.4.dmg"
mountPath="/Volumes/Capture One 12"
/usr/bin/expect<<EOF
spawn /usr/bin/hdiutil attach "$dmgPath" -nobrowse -quiet
expect ":"
send -- "G"
expect ""
send -- "\n"
expect "Agree Y/N?"
send -- Y\n"
expect EOF
EOF
if [[ -e "$mountPath" ]]
then
cp -r "$mountPath"/"Capture One 12.app" /Applications/"Capture One 12.app"
fi
umount "$mountPath"
rm -rf "$dmgPath"
exit 0 You'll note that you can accept various prompts I'd reach out to Tanium and ask for help here, but if you can get the prompting working you may be on the home straight
... View more
May 14 2024
12:32 AM
Have you seen: https://community.meraki.com/t5/Mobile-Device-Management/HOWTO-Package-files-scripts-and-apps-together-for-macOS/m-p/187857 The important thing is to ensure that you know the bundle ID for the macOS software, else SM will try to install repeatedly, because it will never know that it installed correctly (by design) For Windows: https://community.meraki.com/t5/Mobile-Device-Management/HOWTO-Package-files-for-deployment-to-windows-computers/m-p/117459
... View more
May 13 2024
7:09 AM
3 Kudos
https://community.meraki.com/t5/Feature-Announcements/bg-p/new-features and https://www.youtube.com/merakiminute (where I'll do a video in the feature when it comes out)
... View more
May 13 2024
3:52 AM
This is not supported right now, but I completely understand the use case. Reach out to your Meraki Rep if this is an important feature for you and ask them to create a feature request
... View more
May 13 2024
3:50 AM
Have you tested with the Email Domain name (Systems Manager > General > End User authentication settings) to manipulate the domain (ie: getting the username from AD and then adding acme.com to the end)?
... View more
May 13 2024
3:47 AM
3 Kudos
Whilst this should be in the MV forum, I can answer There's two things that need to be adopted by the MV Vision app to support fully automated deployment 1. managed app config 2. Silent auth Both are being worked on currently, but auth is proving to be much more difficult (as cert auth is not something that has traditionally been supported by Meraki Dashboard). So, watch this space, and we'll have something soon.
... View more
My Accepted Solutions
Subject | Views | Posted |
---|---|---|
112 | 2 weeks ago | |
795 | Oct 8 2024 7:43 AM | |
1376 | Aug 14 2024 4:20 AM | |
1191 | Jul 25 2024 3:45 AM | |
622 | Jun 19 2024 12:39 AM | |
1134 | Jun 14 2024 3:25 AM | |
1558 | May 13 2024 3:47 AM | |
2287 | Mar 14 2024 1:49 AM | |
1789 | Feb 12 2024 3:59 AM | |
1890 | Dec 13 2023 8:56 AM |
My Top Kudoed Posts
Subject | Kudos | Views |
---|---|---|
18 | 4212 | |
9 | 8467 | |
7 | 2458 | |
6 | 723 | |
6 | 4122 |