r/mosyle

I'm new to MDM and Mosyle, been trialing it, and plan to deploy. I'm trying to decide the best approach before rolling out to macbooks, I've experimented with different configurations but looking for guidance in case I've missed or overlooked some nuances.

I'm under pressure to start rolling it out, but nervous of going one route only to find gotchas or another approach would have been better. I'd be most grateful for any feedback or guidance on my current thoughts/questions:

1. Auth 2 can setup and sync the user/password with Microsoft Entra and on a reboot require the sign on + MFA; adds a layer of authentication.

2. PSSO with password can also sync the user/password with Microsoft Entra but doesn't provide MFA on a reboot or other unlock/login MFA.

3. PSSO is simpler and should improve as Microsoft/Mosyle add more support for it

4. Microsoft Company Portal is needed for both for apps etc to use SSO.

5. Is it advantageous to use Auth 2 for the login and sync experience, etc, with PSSO using enclave key to support apps and SSO?

6. How are you deploying Mosyle for macs: Auth 2, PSSO (password or enclave key?), or both?

Many thanks!

We had pushed a command to update some of the built-in apps on iPads (mostly for our staff) but some student iPads had them installed as well. This produced the pictured error message across many (but not all) devices. Clicking "Cancel" (in some cases up to 10x) seems to make it go away. We've had a few iPads that keep coming back up w/this problem. We have a support ticket in but its just AI chatbot nonsense and we are doing what they ask such as clearing pending and failed commands, but the failed commands keep indicating the built-in Apps can't be updated. Other documentation suggests to download the built-in apps from the VPP store and deploy that way but that's nuts. Feels like something changed drastically in how Mosyle manages built-in apps (that or iOS changes?)

https://preview.redd.it/4elolr2qax0h1.jpg?width=3024&format=pjpg&auto=webp&s=e792fb8965d5010a6685ca929b0278ebcd397a58

I am a small law firm owner that is hiring a part-time paralegal. We now have 3 total Mac Books and an iPad in our arsenal. The first two and iPad were registered into Mosyle after they were purchased. I am using Apple Business and Mosyle in anticipation of scaling the business eventually. I just purchased this third MacBook through Apple and it is already registered in Apple Business and in Mosyle and set for automatic device enrollment.

When I turned on the MacBook for the first time to set it up, it is asking me to Create a Mac Account. Before I go further and mess something up, I would appreciate guidance on the Full Name, Account Name, and PWs. Would these be unique logins for the paralegal? Or would they be more permanent for the MacBook longer term?

If permanent, then I obviously do not want to create an account for the paralegal that will only be here a few months and have her name permanent ingrained into the computer or software.

Additional information:

-Mosyle settings were whatever the Support team recommended when I did my free sessions with Mosyle upon sign up.

-Account Config: YES to prompt user to create an account / administrator

-NO to create additional local admin during Setup Assistant.

I would appreciate any tips and guidance on setup...

We have the free implementation of Mosyle MDM (under 30 devices). I am unable to delete user profiles from the managed Mac Studio computers, which are joined to a Microsoft Active Directory domain. I have shut down and restarted all the managed computers. No users are logged on.

What am I doing wrong?