This pull request makes minor improvements to the software metadata for
Linux and Windows installers, and updates messaging in a MacOS
configuration profile. The main changes are the addition of display
names for several software packages and a small wording update in the
MacOS profile.
Software metadata improvements:
* Added the `display_name` field for 1Password, Slack, and Zoom
installers in both `.deb` and `.rpm` formats for Linux, improving
clarity in software listings.
[[1]](diffhunk://#diff-74a6b317e1363bc4c856fc04b9532876ec6fbdaec1ae7745bc7ec00c164b5ee8R2)
[[2]](diffhunk://#diff-a09b19aa20a36257dba104b182ec182a175198bf2b83b4c27bbe5b34e3f86a9cR2)
[[3]](diffhunk://#diff-63cf9bff568593d4d6681597dc69b3c3741cbd53197cfa8056e66a8ce6aa65a3R2)
[[4]](diffhunk://#diff-1c76fa28d50f586e4d7090a954db56d9235cdea759e8a613d2c5fb0ccdf28fdfR2)
[[5]](diffhunk://#diff-d3b614ed0d7209d14d8f70170e4326d56e660fdb87ed585674be14c344a59d7fR2)
[[6]](diffhunk://#diff-c5be3430c846b9b69a3d47f0157b0d1707a61dac731d823e38adbf78de4f5ebeR2)
* Added the `display_name` field for Zoom installers for Windows
(`zoom-arm.yml` and `zoom.yml`), making software identification easier.
[[1]](diffhunk://#diff-3f6d972edfe5bd7590c0cd9ffc76a416401410a4b6143e4d6b2d6a0f8efa83b5R2)
[[2]](diffhunk://#diff-2ea34a1db8efdb13d238a064e9bd2e0ba1e4565aba849549e6182fcbe38cd388R2)
MacOS configuration profile update:
* Updated the `subHeader` in the `nudge-configuration.mobileconfig` file
to reference the "IT team" instead of "IT & Enablement team," clarifying
the responsible group in user notifications.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#38252
This pull request improves the Windows MDM unregistration PowerShell
script by adding extra checks and cleanup steps to ensure devices are
properly unenrolled and that the state is clearly reported. The script
now checks for relevant registry values before and after unregistration,
and explicitly clears any remaining values to guarantee correct
detection by Fleet.
Enhancements to device unregistration and registry cleanup:
* Added a pre-check for `DiscoveryServiceFullURL` registry values before
attempting to unregister the device, to provide clearer output about the
device's enrollment state.
* After calling the `UnregisterDeviceWithManagement` API, the script now
explicitly removes any remaining `DiscoveryServiceFullURL` values from
enrollment keys that have a `UPN`, ensuring Fleet properly detects the
device as unenrolled.
* Improved output messages to clearly indicate the actions taken and the
resulting device state, including whether registry values were found,
cleared, or already absent.
* Added error handling to exit with a non-zero code if an error occurs
during unregistration.
This fixes an issue where the background process invocation fails if the
script is located in a path containing white spaces, due to improper
path escaping, which can occur when the uninstall script is executed via
Microsoft Intune.
- Added new Windows Defender policy that checks to make sure Windows Defender is running, antivirus is enabled, real-time protect is enabled, and data protection access is enabled.
- Added additional formatting to policies section
- Updated Windows policies with human readable names so they appear cleaner in Fleet UI, rather than by their file names. Ex: `Disable OneDrive` vs `disable-onedrive`
Now that we are getting the new APNs certificate and enrollment profile
distributed, devices need to reboot to have FileVault enabled and their
keys escrowed the Fleet. These policies should hopefully encourage
everyone affected to restart their device.
---------
Co-authored-by: Brock Walters <153771548+nonpunctual@users.noreply.github.com>
Changes:
- Windows MDM setup guide update: include instructions how to turn off
MDM
- Redirect: new link `learn-more-about/windows-mdm` that will be used in
the error message.
Added two new policies that check for available software updates.
Renamed an existing policy to reflect accuracy.
Resorted list of policies to group them by platform.
