this post was submitted on 27 Jan 2024
20 points (91.7% liked)

Selfhosted

40006 readers
553 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I’d like to experiment with MDM for mine and my child’s iPhones, and possibly my child’s MacBook.

I self host tons of mainly docker based services and have a domain, with everything behind traefik already.

Does anyone know a good MDM solution/tutorial to do this? I started to try one free recommended one but it was unfortunately a windows service, and then the apple side setup seemed very complicated and I could really use a tutorial.

And if anyone has done it, what are the main benefits over the regular parental controls?

all 22 comments
sorted by: hot top controversial new old
[–] [email protected] 10 points 9 months ago (3 children)
[–] [email protected] 17 points 9 months ago

From context, I assume Mobile Device Management, though I've never heard it it being used other than by an employer.

[–] [email protected] 6 points 9 months ago (1 children)

@Vendetta9076 @InformalTrifle A system to centralise the management of mobile devices like iPhones and iPads remotely. Usually used by companies to provision devices automatically and dictate apps can be installed and have email/calenders etc. configured automatically.

See also https://it-training.apple.com/tutorials/deployment/dm005

[–] [email protected] 1 points 9 months ago
[–] [email protected] 4 points 9 months ago

My dank memes

[–] [email protected] 6 points 9 months ago

You can use Apple Configurator if you just want basic device supervision. IIRC it should be free. https://support.apple.com/en-ca/guide/apple-configurator-mac/welcome/mac

[–] [email protected] 4 points 9 months ago (1 children)

What about the family sharing and all that jazz? Add kiddos account under yours and you can set age/time limits and stuff like that.

[–] [email protected] 5 points 9 months ago

That’s what I am using at the moment but wondered what extra MDM would allow. Plus it’s an opportunity to learn and mess around with it :)

[–] [email protected] 3 points 9 months ago (1 children)

If the self hosted option doesn’t pan out, would suggest iMazing.

They have an MDM now and their previous versions for personal use were superb, versus iTunes.

[–] [email protected] 1 points 9 months ago

I’ll check it out, thanks

[–] [email protected] 2 points 9 months ago (1 children)

Not a self-hosted option, but Mosyle allows up to 30 devices free.

[–] [email protected] 1 points 9 months ago
[–] [email protected] 1 points 9 months ago (1 children)

Configurator if you have a MacOS device already and want the OG. Plus it does allow for device supervision. Although you may have to register as an enterprise system for that. That’s really going to be the key thing here as last time I recall signing my org up for MDM we had to provide tax documents.

Apple uses JAMF, and their prices are so low and it’s so easy that for strictly Apple devices I’d go that route. I do believe there is an on prem version of Jamf as well, but you still pay yearly for it.

There’s also Hexcloud, whatever VMware is calling there’s now, and technically sccm can do device MDM.

Main benefits come from supervised mode. On iPads you can enable multi user support with sign in. You can remove access to messaging or other apps, but beyond that the differences between MDM and parental locks aren’t as wide.

[–] [email protected] 1 points 9 months ago (1 children)

Ah, I didn’t realise it might be difficult on the apple side registering as a company etc. Maybe it’s not worth the effort, but I’m gonna look into the options you mentioned

[–] [email protected] 2 points 9 months ago

Supervised mode gives you basically all the cool options post IOS 12. That said, it’s been about 4 years since I’ve done any of that registration stuff and I know it changed a lot during the pandemic. So it could be easier now.

[–] [email protected] 1 points 9 months ago

I remember researching the topic a while back. SimpleMDM seems to do it, but it requires paying Apple $300 a year. Luckily, Mosyle allows up to 30 devices for free.

[–] [email protected] 1 points 9 months ago (1 children)

Miridore is self hosted and free

[–] [email protected] 1 points 9 months ago

I’ll check it out, thanks

[–] [email protected] 1 points 9 months ago (1 children)
[–] [email protected] 2 points 9 months ago (1 children)

Mobile Device Manager, used for protecting/locking down devices.

[–] [email protected] 1 points 9 months ago

I'd say locking it down is a feature of being managed, not necessarily what it does.

When managing devices, you can enable users to have as much control as you'd like.

It's more about being able to manage devices from a single place, similar to what business does with workstations and servers (e.g. MS SCOM.

Plenty of users still have admin rights even with SCOM being used. It still really helps from a support perspective.