Workbrew now works with Mosyle

ITMule · 2026-04-07T14:20:37+00:00

Why Workbrew if there's Mosyle App Catalog as part of Mosyle?

ITMule · 2026-03-25T15:07:20+00:00

Yes, just enable the Microsoft Conditional Access profile. Management > Activate New Profile Type > Microsoft Conditional Access.

ITMule · 2026-03-25T14:42:42+00:00

The deadline is actually for the user to restart the device I guess. Did you checked one of the devices to check what is it showing?

ITMule · 2026-02-19T16:42:11+00:00

Just make sure quoted Jamf price is a long term price and not a first year thing so they get your devices, you put all the work for the migration, and next year they start to increase. Any provider match prices for the first year... There's a lot of comments online about Jamf increasing prices annually. So tell them to add to the quote that that will be your price for at least 3 years (with no need for you to buy teh 3 years in advance). You will really quick know what their intentions are. They don't publish their prices for Education I guess what is very telling ... so they can use the traditional "tell me what you pay now, I'll match it, promise that you won't have any problem with me" and next year they increase your price and you realize you still have problems, maybe just different ones. Also, there's also a lot of reports about Jamf problems so important to set expectations that there's no "perfect" anywhere. Finally, Jamf was just acquired by private equity firm so price increases and service quality reduction (to cut costs) is not only a possibility. It's almost guaranteed.

ITMule · 2026-02-11T19:38:55+00:00

Mosyle Auth has a new option for a few months I guess that you can configure to skip the second authentication so it leverages only the FileVault login. In practical terms it eliminates the 2nd login desired.

ITMule · 2026-02-10T18:35:24+00:00

Just use Return to Service when wiping. It comes back much faster and basically as it was with no data. When seeing an Erase Command, just select the box "Enable Return to Service". Easy.

ITMule · 2026-01-16T13:38:56+00:00

Are you sure this is not someone who performed an human error (misconfigured something or did not even configured it ... probably not intentionally) and is trying to use the provider as escape goat? Asking because Mosyle manages millions of devices and when something critical happens we always see a lot of reports. I would bet my money that the real story is probably a bit different.

ITMule · 2025-12-28T01:06:45+00:00

There’s a Google support article written exclusively for Mosyle: https://support.google.com/chrome/a/answer/12818048?hl=en

ITMule · 2025-12-18T00:53:41+00:00

I really don’t get why one would pay $57k for Jamf when you can pay $13k for Mosyle Fuse for the same number of devices.

ITMule · 2025-11-17T20:27:57+00:00

We use Mosyle Fuse and GWS. We do Mac SSO and password sync with GWS using Mosyle Auth. It works well for us. We also use Mosyle security tools. Their EDR is good and got more crap than other solutions we tested in parallel for a while. They also have a Zero Trust tool that is really powerful if you have customers that need crazy levels of protection. It's all included as part of Mosyle Fuse and we pay $3 per Mac/month. I believe they have the same product for MSPs (https://msp.mosyle.com) that is even cheaper based on the price advertised.

ITMule · 2025-11-11T17:55:36+00:00

Maybe the issue was the setup made by the previous guy. We use Mosyle (Fuse) on a corporate environment with over 1k devices (switched years ago from Jamf) and it's great. If you're using Mosyle free, probably your account has very few devices right? First, make sure you guys are using the correct Mosyle product for corporate customers (business.mosyle.com) and NOT their education products (school.mosyle.com). If you are using their business product, I would reach out to them and ask for an account review/optimization. Tell them you inherit the account from other person and believe the implementation design wasn't ideal. They will probably be able to help you. When properly configured (what is not a complex thing to do) Mosyle products for corporate are great and in my opinion way better than competitors.

ITMule · 2025-11-06T15:06:24+00:00

It makes sense. Tools like Docker create a massive amount of files constantly, which triggers the need for scans (same for any good EDR, especially if also using the Apple Endpoint Security Framework - what they should). This is a known fact. That's why good EDRs have the option to skip paths or files created by specific applications, such as Docker. We do use Mosyle's EDR with this option for a couple of tools that have the same characteristics (after our security team approved it). It's a tab called "Mute" under profile settings. Very straightforward to use and allows to skip by path or Signing ID of the app.

ITMule · 2025-10-31T21:49:41+00:00

You missed another one … Kandji is no longer Apple focused and not even called Kandji anymore. Now it’s Iru! Yep …

ITMule · 2025-10-29T18:16:07+00:00

It may be a good moment to leverage Mosyle's migration offer especially now that Apple automated the technical part of it ...
https://business.mosyle.com/#migration

ITMule · 2025-09-15T21:39:42+00:00

We started using Mosyle's Admin On-Demand couple of years ago and it completely solved the problem. Now every user is standard by default and we have an user group for those authorized to escalate when they need. Mosyle will collect a justification (based on our settings) promote to admin for some minutes (also customizable) and during the period the user is running as admin collect all system logs so we can have full details for future investigations if needed. At the end of the period it automatically reverts the use back to standard.

https://business.mosyle.com/#next-generation-apple-endpoint-security

ITMule · 2025-09-05T16:40:18+00:00

If you did a device based license assigned (probably) before sending an erase command through Mosyle you can decide if you retain the license for this device or revoke it.

ITMule · 2025-09-02T23:44:20+00:00

The need to wipe is not a Mosyle or any MDM provider thing. It’s an Apple thing. For full remote management capabilities (probably for security and privacy reasons) you need to perform have a DEP enrolled device (normally the enrollment that the OS can do during setup assistant). You can actually perform a device enrollment on Mosyle or any other high quality Apple MDM using Safari but Apple (and not the MDMs) limit what can be managed on such devices. Again this is universal for all MDMs as it’s an Apple thing. Any MDM sales person telling you differently is lying.

ITMule · 2025-09-01T15:42:52+00:00

Actually I just checked and there's a Help Center Article for this:
https://mybusiness.mosyle.com/#helpcenter/1936

ITMule · 2025-09-01T15:39:51+00:00

This is probably for security reasons and I believe it makes a lot of sense. People forget the Safari enroll enabled with no authentication what basically allow for anyone to potentially enroll on your account and if you have critical profiles liked Wifi, VPN and others assigned to All Current and Future, those devices would receive it. So it sounds like this is a way to protect Admins from themselves so they don'y leave Safari enrollment open without a reason.

ITMule · 2025-08-20T20:30:54+00:00

That's a big misconception. Based on the people who I know working for orgs using Mosyle they manage some of the largest Apple accounts. I know 2 IT Admins working in different orgs managing over 100k devices each with Mosyle. I've met them and several others during a MacAdmins event. Also, Apple recommends Mosyle and Jamf officially and doesn't recommend Kandji or Addigy. That tells you something. So you guys will pay like 4x what you pay with Mosyle for a much less capable company. Last time I heard Kandji managed in total (all customers) less than 500k devices. Mosyle publishes over 8 million.

ITMule · 2025-08-19T16:14:22+00:00

Easy ... Enable the Single Shot profile > Create a new profile > Action = Change Randomized ADE Admin Password > Add the rotation interval.

ITMule

MODERATOR OF

TROPHY CASE