Fix installed_from_dep value in activity for DEP re-enrolling (#15419)

#12037 ![Screenshot 2023-12-04 at 17 03 03](https://github.com/fleetdm/fleet/assets/2073526/e44cee72-1f1a-4a10-be80-26f0e06c8c91) - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [X] Added/updated tests - [X] Manual QA for all new/changed functionality
2026-05-23 17:08:53 +00:00 · 2023-12-04 17:14:16 -03:00 · 2023-12-04 17:14:16 -03:00 · 9b40573f54
commit 9b40573f54
parent 29580a242d
4 changed files with 28 additions and 2 deletions
--- a/changes/12037-fix-dep-reenroll-activity
+++ b/changes/12037-fix-dep-reenroll-activity
@ -0,0 +1 @@
+* Fix `installed_from_dep` in `mdm_enrolled` activity when a DEP device unenrolls and re-enrolls.
--- a/server/datastore/mysql/apple_mdm.go
+++ b/server/datastore/mysql/apple_mdm.go
@ -984,7 +984,7 @@ func (ds *Datastore) UpdateHostTablesOnMDMUnenroll(ctx context.Context, uuid str
 			return ctxerr.Wrap(ctx, err, "getting host id from UUID")
 		}

-		// NOTE: set installed_from_dep = 0 so DEP host will not be counted as pending after it unrolls
+		// NOTE: set installed_from_dep = 0 so DEP host will not be counted as pending after it unenrolls.
 		_, err = tx.ExecContext(ctx, `
 			UPDATE host_mdm SET enrolled = 0, installed_from_dep = 0, server_url = '', mdm_id = NULL WHERE host_id = ?`, hostID)
 		if err != nil {
--- a/server/service/apple_mdm.go
+++ b/server/service/apple_mdm.go
@ -2206,7 +2206,7 @@ func (svc *MDMAppleCheckinAndCommandService) Authenticate(r *mdm.Request, m *mdm
 	return svc.ds.NewActivity(r.Context, nil, &fleet.ActivityTypeMDMEnrolled{
 		HostSerial:       info.HardwareSerial,
 		HostDisplayName:  info.DisplayName,
-		InstalledFromDEP: info.InstalledFromDEP,
+		InstalledFromDEP: info.DEPAssignedToFleet,
 		MDMPlatform:      fleet.MDMPlatformApple,
 	})
 }
--- a/server/service/integration_mdm_test.go
+++ b/server/service/integration_mdm_test.go
@ -2196,6 +2196,31 @@ func (s *integrationMDMTestSuite) TestDEPProfileAssignment() {
 	require.NoError(t, mdmDevice.Enroll())
 	checkPostEnrollmentCommands(mdmDevice, true)

+	// The user unenrolls from Fleet (e.g. was DEP enrolled but with `is_mdm_removable: true`
+	// so the user removes the enrollment profile).
+	err = mdmDevice.Checkout()
+	require.NoError(t, err)
+
+	// Simulate a refetch where we clean up the MDM data since the host is not enrolled anymore
+	mysql.ExecAdhocSQL(t, s.ds, func(q sqlx.ExtContext) error {
+		_, err := q.ExecContext(ctx, `DELETE FROM host_mdm WHERE host_id = ?`, mdmDeviceID)
+		return err
+	})
+
+	// Simulate fleetd re-enrolling automatically.
+	err = mdmDevice.Enroll()
+	require.NoError(t, err)
+
+	// The last activity should have `installed_from_dep=true`.
+	s.lastActivityMatches(
+		"mdm_enrolled",
+		fmt.Sprintf(
+			`{"host_serial": "%s", "host_display_name": "%s (%s)", "installed_from_dep": true, "mdm_platform": "apple"}`,
+			mdmDevice.SerialNumber, mdmDevice.Model, mdmDevice.SerialNumber,
+		),
+		0,
+	)
+
 	// enroll a host into Fleet
 	eHost, err := s.ds.NewHost(context.Background(), &fleet.Host{
 		ID:             1,
				`@ -0,0 +1 @@`
				* Fix `installed_from_dep` in `mdm_enrolled` activity when a DEP device unenrolls and re-enrolls.