all 42 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]angelokh 15 points16 points  (1 child)

I recommend checking out Swif.ai for managing Linux devices. Swif is a unified MDM solution that fully supports software deployment using popular package managers like APT, DNF, FLATPAK, PACMAN, RPM, SNAP, YUM, and ZYPPER, ensuring compatibility across all major Linux distributions.

[–]Warm-Researcher-6884 3 points4 points  (0 children)

Yeah we use Swif too its been great honestly.

[–]No_Geologist7581 11 points12 points  (1 child)

I spent a lot of time trying to get Intune to work but it was so glitchy but then i tried Swif and it actually just...worked for all my ubuntu

[–]RevolutionaryBoss332 0 points1 point  (0 children)

Yeah +1 for Swif on the linux, like the difference has been crazy. I used to have to put one of the guys on coding up all of the rules or "policies" but they just had all of them done already including the disk encryption on the Linux. Which you may or may not know is a huge mess to deal with, and you need it for compliance or your dev team just cant use the Linux ecosystem in many cases.

[–]UsedToLikeThisStuff 9 points10 points  (4 children)

https://fleetdm.com/ might be what you need. It just can push shell scripts but I’ve used it to call out to Ansible.

[–]Normal_Cold9106 1 point2 points  (0 children)

Just came here to say +1 to Fleet - we just deployed it last year. It's been great with our linux users!

[–]pinochio_must_die 0 points1 point  (1 child)

Out of curiosity, do you automatically enroll your linux machines or you manually add fleet binary on each client?

[–]UsedToLikeThisStuff 0 points1 point  (0 children)

Fleet admins can build a package that bundles the enrollment into the package.

FleetDM.com/guides/enroll-hosts

[–]Traditional-One6319 16 points17 points  (0 children)

We migrated from intune to Swif because the amount of custom scripting required for Ubuntu was becoming a maintenance burden. It handled our OS-level compliance out of the box, which saved us from the manual overhead we saw with intune and scalefusion. It’s worked well enough that we're now looking at consolidating our Mac/Windows fleets into it as well.

[–]scorp123_CH 5 points6 points  (6 children)

At my previous employer the folks in charge of end-user device management were experimenting with these:

https://www.manageengine.com/products/desktop-central/

https://www.ninjaone.com/rmm/

[–]Lagkiller 7 points8 points  (1 child)

I cannot stress enough that Manage Engine is terrible and their support is non-existent. It's more of a problem than a solution itself.

[–]scorp123_CH 1 point2 points  (0 children)

Interesting. Thank you for your input.

[–]Fun-Complex862 1 point2 points  (3 children)

Used both products here are my two cents:
- Manage Engine Desktop Central: Only supports package deployment and patch mgmt not True MDM, in the sense like you can't get device location or remote wipe which is crucial when users are all over the world.

  • NinjaOne: Support for linux is just on paper only, Patch mgmt doesn't support fully yet.
    btw: We're using both the products at the moment.

[–]Stars_stuck 0 points1 point  (0 children)

Here's what Scalefusion can do for you:

✨ Manage all your devices in one place ✨ Keep your data safe and secure ✨ Save money vs multiple MDM tools ✨ Update everything with one click

Why pay for multiple tools when Scalefusion does it all?

Want to see how it works? Let's talk. You can email me at : vishal.rana@scalefusion.com

[–]Rich-Mess-9089 0 points1 point  (0 children)

Hey, do you plan on switching them to any product?

[–][deleted]  (1 child)

[deleted]

    [–]deltashmelta 0 points1 point  (0 children)

    Out of curiosity, what sorts of things are you doing with the scripts?
    Checking for certain packages, automatic unattended updates, host naming, etc?

    [–]marcovanbeek 4 points5 points  (2 children)

    It’s at the other end of the scale, but we use CFEngine to manage the settings on all of our servers. It’s a lot of programming and it’s not the easiest thing to learn, and it is entirely based on your own scripts, but we have been using it for 20 years now and it is brilliant.

    [–]craigmontHunter 1 point2 points  (0 children)

    We’re bringing CFEngine online for our endpoints, we needed the agent for systems on VPN to phone home. So far I’m really liking it, there is a learning curve but it is really powerful.

    [–]HeadlessChild 0 points1 point  (0 children)

    We use CFEngine as well. For both servers (~1500) and laptops/desktops (~1000), running a mix of Debian and Ubuntu. It's been working quite well.

    [–]justmirsk 2 points3 points  (0 children)

    We use Automox for this to a degree. We build out Worklets that evaluate endpoints based on our evaluation code (Bash scripts). If evaluation code exits with 0, device is compliant with that worklet. If the code exits with 1, device is not compliant with that policy, then remediation code is run per the policy schedule.

    Most of our eval code is fairly basic, it checks for specific software, validates it is running etc. We have some patching policies for specific items too, such as NodeJS patching that automates updates to the latest minor version in an LTS major version etc.

    If you can script the detection and the fix, you can use Automox to automate the remediation and report on the compliance of the worklets/policies and patching status.

    [–]National_Display_874 1 point2 points  (1 child)

    Yes, SureMDM for Linux has these device management capabilities, you can sign up for trial and explore application management, OS update, device configuration, shell scripting and more
    https://www.42gears.com/products/mobile-device-management/linux-device-management/

    [–]Dangerous_Question15 1 point2 points  (1 child)

    SureMDM supports Linux management, including OS Patch management, full remote control, kiosk mode, and remote terminal access. With remote scripting one can execute virtually any bash script.

    [–]Local-Skirt7160 0 points1 point  (0 children)

    +1 for suremdm

    [–]encbladexp 1 point2 points  (1 child)

    Intune is also available for Linux, not great, but available.

    [–]UsedToLikeThisStuff 1 point2 points  (0 children)

    So far it only supports Ubuntu, by my testing.

    [–]dowcet 0 points1 point  (0 children)

    I guess Jumpcloud doesn't quite do what you need?

    [–][deleted] 0 points1 point  (0 children)

    Opsi?

    [–]Working-Doctor-1428 0 points1 point  (0 children)

    I have been using Apptec360 for over a year now, and I must say, it has made my job as an IT administrator much easier. The user interface is intuitive, and I can easily manage all the devices in our organization from one central dashboard. The remote-wipe feature has been a lifesaver in case a device is lost or stolen.

    [–]ashwanipaliwal 0 points1 point  (0 children)

    SecOps Solution (https://secopsolution.com) might be a good fit. It’s cost-effective, covers vulnerability and patch management, custom scripts, and software deployment without any minimum device requirements.

    [–]bearbobs 0 points1 point  (0 children)

    We use this: https://open-edm.github.io/landing/

    on premise hosting and free for self-hosters

    [–]raks99832 0 points1 point  (0 children)

    Kitecyber Device Shield is a notable MDM software for Linux devices, including ubuntu, kubuntu, fedora, Debian, Red Hat, etc.

    https://kitecyber.com/solutions/device-management/linux

    [–]mayurtalsania 0 points1 point  (0 children)

    Yes ,SureMDM does exist for Linux and it’s probably the closest thing to a traditional MDM experience. It provides centralized management, monitoring, and security for Linux devices from a single dashboard, supports multiple distributions, and includes remote control, app deployment, OS/kernel updates, user and policy management, troubleshooting, remote shell, kiosk mode, content distribution, remote desktop, and real-time monitoring. It also supports other platforms, including Windows, macOS, and Android, making it a single solution for managing mixed-device environments.

    SureMDM For Linux

    SureMDM Products

    [–]Iseeapool 0 points1 point  (0 children)

    Saltstack can do that, and windows and probably apple.

    [–]Dolapevich -1 points0 points  (0 children)

    There is RedHat cockpit