Device Management,
Uncomplicated.

An open-source, cross-platform MDM solution designed for administrators who want total control without the enterprise bloat.

Get Started Read the Docs

Why Choose MiniDM?

🚀

Lightweight Backend

Powered by a blazing-fast Node.js and Express server with a zero-config SQLite persistence layer. Deploy in seconds, not days.

🛡️

Defense-in-Depth

Features Trust On First Use (TOFU) enrollment. Cryptographic keys and server states are locked inside the local Windows DPAPI vault.

Tamper-Proof Execution

Say goodbye to arbitrary shell injection. Agents only execute strongly-typed, pre-compiled commands (JSON), ensuring rock-solid stability.

Zero-Trust Architecture Built-In

MiniDM doesn't just assume a device is friendly. Every single command and heartbeat is mathematically verified.

  • Mutual Authentication: Both the C# Agent and Node Server utilize local RSA-2048 key pairs to verify each other's identity on every check-in.
  • Payload Signing: Commands queued in the admin dashboard are hashed (SHA256) and signed by the server's private key before transit.
  • Burn The Bridge: Initial deployment registry keys are permanently destroyed after successful cryptographic enrollment.
// C# Agent Signature Verification if (VerifySignature(payload, sig, ServerKey)) { Console.WriteLine("Signature valid."); ExecuteCommand(payload); } else { // Drop connection, log attempt DropPayload(); }