From 5f9a7df51809e480d66d2da176eaa9591f29292b Mon Sep 17 00:00:00 2001 From: Marko Lisica <83164494+marko-lisica@users.noreply.github.com> Date: Tue, 22 Aug 2023 12:55:14 +0200 Subject: [PATCH] Update manage-access.md (#13426) Updated table rows related to MDM commands permission. Right now there are just calling out macOS hosts and we're implementing MDM commands for Windows. Additionally, there was a duplicate row in the table which I removed. # Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [ ] Documented any permissions changes - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features. - [ ] Added/updated tests - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)). --- docs/Using Fleet/manage-access.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/Using Fleet/manage-access.md b/docs/Using Fleet/manage-access.md index 2095bdf291..48c1a21526 100644 --- a/docs/Using Fleet/manage-access.md +++ b/docs/Using Fleet/manage-access.md @@ -77,8 +77,8 @@ GitOps is an API-only and write-only role that can be used on CI/CD pipelines. | Generate Apple mobile device management (MDM) certificate signing request (CSR) | | | | ✅ | | | View disk encryption key for macOS hosts | ✅ | ✅ | ✅ | ✅ | | | Create edit and delete configuration profiles for macOS hosts | | | ✅ | ✅ | ✅ | -| Execute MDM commands on macOS hosts*** | | | ✅ | ✅ | | -| View results of MDM commands executed on macOS hosts*** | ✅ | ✅ | ✅ | ✅ | | +| Execute MDM commands on macOS and Windows hosts*** | | | ✅ | ✅ | | +| View results of MDM commands executed on macOS and Windows hosts*** | ✅ | ✅ | ✅ | ✅ | | | Edit [MDM settings](https://fleetdm.com/docs/using-fleet/mdm-macos-settings) | | | | ✅ | ✅ | | Edit [MDM settings for teams](https://fleetdm.com/docs/using-fleet/mdm-macos-settings) | | | | ✅ | ✅ | | Upload an EULA file for MDM automatic enrollment\* | | | | ✅ | | @@ -141,9 +141,8 @@ Users that are members of multiple teams can be assigned different roles for eac | Initiate [file carving](https://fleetdm.com/docs/using-fleet/rest-api#file-carving) | | | ✅ | ✅ | | | View disk encryption key for macOS hosts | ✅ | ✅ | ✅ | ✅ | | | Create edit and delete configuration profiles for macOS hosts | | | ✅ | ✅ | ✅ | -| Execute MDM commands on macOS hosts, and read command results* | | | ✅ | ✅ | | -| Execute MDM commands on macOS hosts* | | | ✅ | ✅ | | -| View results of MDM commands executed on macOS hosts* | ✅ | ✅ | ✅ | ✅ | | +| Execute MDM commands on macOS and Windows hosts* | | | ✅ | ✅ | | +| View results of MDM commands executed on macOS and Windows hosts* | ✅ | ✅ | ✅ | ✅ | | | Edit [team MDM settings](https://fleetdm.com/docs/using-fleet/mdm-macos-settings) | | | | ✅ | ✅ | | View/download MDM macOS setup assistant | | | ✅ | ✅ | | | Edit/upload MDM macOS setup assistant | | | ✅ | ✅ | ✅ |