Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-22 08:28:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 107
fleet/articles/custom-os-settings.md
Mike Thomas 2171544ad1
Docs quick reference optimization (#21331) 
This PR closes https://github.com/fleetdm/fleet/issues/21108

@noahtalerman, I double-checked all redirects, and they are working.
Clicking through the URLs in [this
spreadsheet](https://docs.google.com/spreadsheets/d/1djVynIMuJK4pT5ziJW12CluVqcaoxxnCLaBO3VXfAt4/edit?usp=sharing)
is a pretty quick way to go through them all. Note that "Audit logs" and
"Understanding host vitals" redirect to the contributor docs on GitHub,
so they will throw a 404 until this is merged.

Some new guides benefitted from a name change, so they make more sense
as stand-alone guides, and also so that we don't have to mess around
with more redirects later. Those name changes followed [this
convention](https://fleetdm.com/handbook/company/communications#headings-and-titles),
which was recently documented in the handbook.

Have fun!

---------

Co-authored-by: Eric <eashaw@sailsjs.com>
Co-authored-by: Noah Talerman <noahtal@umich.edu>
2024-08-16 15:30:31 -05:00

2.6 KiB
Raw Blame History

Custom OS settings

In Fleet you can enforce OS settings like security restrictions, screen lock, Wi-Fi etc., on your your macOS, iOS, iPadOS, and Windows hosts using configuration or device profiles.

Enforce OS settings

You can enforce OS settings using the Fleet UI, Fleet API, or Fleet's GitOps workflow.

For macOS hosts, Fleet recommends the iMazing Profile Creator tool for creating and exporting macOS configuration profiles.

For Windows hosts, copy out this Windows configuration profile template and update the profile using any configuration service providers (CSPs) from Microsoft's MDM protocol.

Fleet UI:

  1. In the Fleet UI, head to the Controls > OS settings > Custom settings page.

  2. Choose which team you want to add a configuration profile to by selecting the desired team in the teams dropdown in the upper left corner. Teams are available in Fleet Premium.

  3. Select Upload and choose your configuration profile.

Fleet API: API documentation is here

OS settings status

In the Fleet UI, head to the Controls > OS settings tab.

In the top box, with "Verified," "Verifying," "Pending," and "Failed" statuses, click each status to view a list of hosts:

  • Verified: hosts that installed all configuration profiles. Fleet has verified with osquery.

  • Verifying: hosts that have acknowledged all MDM commands to install configuration profiles. Fleet is verifying the profiles are installed with osquery. If the profile wasn't installed, Fleet will redeliver the profile.

  • Pending: hosts that will receive MDM commands to install configuration profiles when the hosts come online.

  • Failed: hosts that failed to install configuration profiles. For Windows profiles, the status codes are documented in Microsoft's documentation here.

In the list of hosts, click on an individual host and click the OS settings item to see the status for a specific setting.