Allow enterprise-level controls for commercial licenses
There is a demand to use this software for some proprietary applications, but currently community plugins cannot be disabled, are not reviewed or trusted, and there are no enterprise management features that would allow IT departments to safely restrict which plugins are used. In other words, we don’t have a safe way to use even the pro/paid versions. Obsidian cloud sync is explicitly denied. The absence of these features restricts Obsidian from being considered in many use cases where it would otherwise be incomparably superior to alternatives (OneNote, email correspondance, etc.).
Proposed solution
Please allow commercial licenses to be more easily configured for enterprise use, similar to security features which exist for other software geared towards corporate use (e.g. Microsoft Teams). At minimum, allow restriction/disabling of plugins and cloud sync.
+1 On this – The two main concerns for my organization are plugin restriction (users cannot install unapproved plugins) and identity restriction (users cannot login to sync on non-company accounts).
Absolutely a required feature at this point. Can’t easily convince a company that is concerned with safety that using this tool will be safe without some form of plugin restriction that can be pushed from an admin portal/account. Perhaps setting it up as whomever has the admin permissions can pull community plugins from the larger pool and put them in a ‘managed plugins’ area. that way the admins can vet and approve what is being requested by their users without exposing potentially sensitive information to unknown sources.
As I discussed in another thread, if you provided some way to white list plugins, then we could take it upon ourselves to do the security assessments for the most popular plugins and allow our users to install them.
Currently, it’s all or nothing, which forces us to allow nothing.
Although the ease of syncing and publishing are very good features the addition of a way to disable these features using group policy would make it a lot easier to get permission to install in a corporate environment. The only method I have found so far is disabling the sync domains at the firewalls but this may not be acceptable to IT.
Proposed solution
Add a group policy controllable setting that could be used to disable sync and publish on all Obsidian installs (including portable).
This could be extended to include enabling sync to only company mobiles and having similar restrictions available to corporate IT in the mobile app - but this is more of a stretch goal.
Current workaround (optional)
Blocking the sync domains at the company firewalls may be a workaround.
The inability to be able to completely or granularly restrict community plugins is the reason that Obsidian is being blocked at my work, which is a real shame because in really enjoying using it.
Proposed solution
The means for which, via our managed Self Service, to allow for all (or some) of the community plugins to be restricted. Perhaps some kind of SSO sign on integrated with our current SSO, and for those accounts to be managed so that community plugins are disabled.
I wish I had a better solution, this is more of post to raise this issue and to see if there are any thoughts from the community?
I’m encountering the same problem - that Obsidian is blocked for use on my work computer.
TBH this feels like having an arm amputated, as I’ve got so used to using it over the last year.
The problem from the perspective of our security group is the ability to switch on Community Plugins and hence to install ad hoc code.
I wondered whether Obsidian could add another distribution, one which just disables the Community Plugins capability, either by disabling/hiding that whole settings group, or by disabling the “Restricted Mode” button.
I realise it would lose the value of the community plugins for those using the “Locked Down” version, but personally I’d still much rather use a restricted version of Obsidian and any competitor or alternative.
I totally agree. I’m considering building upon obsidian to level up the Knowledge Management in our company, big one, and without some way to control ability to download plugins, the only way I see is cutting internet off for the obsidian.exe.
Solution : It would be enough to have a simple json at the root of the program folder which would act as a master setting over the separate json files inside each vault. Needed option : disabling community plugins and disabling ability to connect to an account and setup sync.
