We just posted a blog that highlights some of the new features available for macOS and iOS. Some of these were developed after the iOS 11.3 and macOS 10.13.4 release - some we've been working on outside of that 🙂
We'll have a full list posted under Help>New Features in dashboard shortly!
Please make sure to submit any additional feature request in the Make a Wish box in dashboard! We certainly welcome discussions about these in the Community as well - but requests posted in dashboard are actively tracked and monitored by our SM team.
Here are some of the highlighted new features:
Delay OS updates for up to 90 days on iOS and macOS: Providing time for IT teams to vet and test new OS versions before they are deployed on managed devices.
Keep apps up to date on iOS and macOS: Select for specific App Store apps to automatically update when a new version is available.
Disable bluetooth settings on iOS and macOS: Limit distractions and security loopholes by locking down the bluetooth functionality on devices through the live tools on a device page. IT teams can use this in conjunction with bluetooth restrictions settings to lock bluetooth settings on or off.
FileVault Personal Recovery Key (PRK) Escrow: Store PRKs for disk encryption on macOS devices.
Login window: Set custom login window messages for macOS devices to alert users of management or convey organizational messages.
Lock screen: Specify a custom lock screen asset tag on iOS to easily identify a device in hand.
App Store Restrictions: Restrict end user app installations and updates for more control of apps and app versions on macOS devices.
Airprint: Set printer configurations for iOS and macOS devices.
Dock: Change size, magnification, position, minimization effect, and more macOS dock settings.
Setup Assistant: When re-provisioning a macOS device, select to skip steps like Siri setup.
THANK YOU!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Lock screen: Specify a custom lock screen asset tag on iOS to easily identify a device in hand. 🙂 🙂 🙂
just tried to bluetooth modification restriction on IOS
radio button is indeed greyed out but i can still enable/disable it using control center..
what's the point ?
@alexis_cazalaa I believe control center only shuts stops connections until the next day. This feature prevents students from circumventing Apple classroom, the student "toggling" bluetooth off in the control center with this restriction enforced would stop that.
@jared_f @alexis_cazalaa - I think this is something that is unclear on the end device UI. When a bluetooth restriction is set, the user actually CAN'T change that in the control center...it just LOOKS like they can.
Is what you're seeing when you test the actual bluetooth connection- after setting a restriction and trying to disable bluetooth in control center?
@alexis_cazalaa I just tested it, even though it is turned off at control center, Apple Classrooms still works.
@jared_f so to go deeper, bluetooth must be enabled prior to setting up that restriction as the Bluetooth enable/disable MDM command doesn't seem to override it.
@alexis_cazalaa That is correct. This is not Meraki's fault, but is an Apple limitation. I highly recommend enforcing bluetooth on during DEP enrollment (if you are using it). This ensures it will be locked on.
Do you think we'll be able to get the same lock screen options on Android?
This is a really great update to SM! Thanks to @Melissa and the whole SM team.
Is there a way to configure in WiFi Settings payload for macOS, similarly to Server.app, to authenticate macOS on the network using machine's AD credentials?
As on the picture:
The simplest way is to deploy Systems Manager.
It is a way IF wireless at that particular site is Meraki.
But what if I need to authenticate corporate's macOS to let's say Cisco WLC with ISE as Radius and policy requires device's AD credentials (PEAP/EAP-MSCHAPv2). I can easily push it through AD to Windows-based devices.
However, macOS is an issue as it requires, in this case, Server.app to configure the profile or additional/separate MDM like AirWatch which has the same setting as the previous screenshot: Authenticate with target machine directory credentials.
I would really appreciate having a single MDM system 🙂
"Keep apps up to date on iOS and macOS: Select for specific App Store apps to automatically update when a new version is available."
Are you able to confirm if this feature is now working in iOS 12.1? I stumbled across this post: https://community.meraki.com/t5/Endpoint-Management-Systems/VPP-Apps-not-updating-correctly/m-p/438...