Some things that we apply after the unit comes online, other than what is already in cnArcher (Encryption mode, Encryption Key, Color Code, etc), are the following:
Authentication (Users/Password),
AP Selection method (changed to Power Level rather than Throughput)
Web Auto Update
Bridge Table Size
Disable TFTP and FTP
Enable PacketFilter for SMB, BootP, and Multicast for both IPv4 and v6
Other than that, we also pass a few things like scan list (different than what gets set in cnArcher)
Yes, and in fact, if we have bored tech's we try to maintain a stockpile of SM's preconfigured for grab and go.
Freq lists, credentials, generic stuff like that. If we're stockpiling, we'll get site specific info such as color codes and vlans as well, using configs per tower.
Beyond setting latitude longitude and name, and AAA settings, the big one I'd say is setting PPPoE filters (technically we have 2 configurations one for users with pppoe that blocks everything except pppoe and another that leaves all filters unblocked (for non pppoe customers). So having the app auto apply proto filters would be nice. Not sure how a pppoe-filter on the eth would affect access to the SM via LAN1 management though.
Ohhhh and username/password for admin login, ability to drop unused users/set password for correct users is something that is a pain to get installers to remember, but mainly those 3 things are what we need to get configured during install (beyond cc/freq) but thats already in place.
Moreover, we use the default ip address, so I don't need to modify it as requested from the cnArcher.
It would be convenient if I could load a script from the application, with this option we can also eventually modify the configuration in the future without changing the application.